Dobrý den, prosím o kontrolu logu.
Děkuji a přeji hezký den
Nela
Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2019-06-28 11:35:22
Microsoft Windows 10 Pro
System drive C: has 202 GB (66%) free of 305 GB
Total RAM: 8149 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:35:30, on 28.06.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)
Boot mode: Normal
Running processes:
C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [Chromium] "c:\users\uživatel\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_081442A522F3F8EF65AFB97F7DFDC5DE] "C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9140 bytes
======Listing Processes======
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
C:\Windows\system32\svchost.exe -k LocalService -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\spoolsv.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"ctfmon.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\Windows\System32\svchost.exe -k utcsvc -p
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe"
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfg6d6cpsk8dr59w1g58kzt275tb8m991.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19053.13.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
C:\Windows\system32\MicrosoftEdgeSH.exe SCODEF:5812 CREDAT:9730 APH:6440000000009 JITHOST /prefetch:2
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
AvastUI.exe /nogui
"C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe --type=crashpad-handler "--user-data-dir=C:\Users\Uživatel\AppData\Local\Chromium\User Data" /prefetch:7 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Uživatel\AppData\Local\Chromium\User Data" --monitor-self-argument=/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Uživatel\AppData\Local\Chromium\User Data\Crashpad" "--metrics-dir=C:\Users\Uživatel\AppData\Local\Chromium\User Data" --annotation=plat=Win32 --annotation=prod=Chromium --annotation=ver=63.0.3237.0-devel --initial-client-data=0x228,0x22c,0x230,0x224,0x234,0x73da78e4,0x73da78f4,0x73da7904
C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe --type=crashpad-handler "--user-data-dir=C:\Users\Uživatel\AppData\Local\Chromium\User Data" /prefetch:7 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Uživatel\AppData\Local\Chromium\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=Chromium --annotation=ver=63.0.3237.0-devel --initial-client-data=0x258,0x25c,0x260,0x254,0x264,0xc39c9c,0xc39cac,0xc39cbc
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe" --type=gpu-process --field-trial-handle=1608,14679902829173148018,13938541780786582422,131072 --gpu-vendor-id=0x10de --gpu-device-id=0x2182 --gpu-driver-vendor=NVIDIA --gpu-driver-version=25.21.14.1917 --gpu-driver-date=2-20-2019 --service-request-channel-token=0C239E81CADE2D7E6E4D1B932EF7F911 --mojo-platform-channel-handle=1616 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe" --type=renderer --field-trial-handle=1608,14679902829173148018,13938541780786582422,131072 --service-pipe-token=CC6BC00D6DAE2E6DE9126B6149472B2E --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-checker-imaging --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=CC6BC00D6DAE2E6DE9126B6149472B2E --renderer-client-id=3 --mojo-platform-channel-handle=2588 /prefetch:1
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe" --type=renderer --field-trial-handle=1608,14679902829173148018,13938541780786582422,131072 --service-pipe-token=2E2F0F84A7C1B6B9EAF6155DA1BE9E86 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-checker-imaging --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=2E2F0F84A7C1B6B9EAF6155DA1BE9E86 --renderer-client-id=4 --mojo-platform-channel-handle=2676 /prefetch:1
"C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe" --type=renderer --field-trial-handle=1608,14679902829173148018,13938541780786582422,131072 --service-pipe-token=E7B99D833A4F3FA5A189F9E95A3CC6F9 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,cssExternalScannerNoPreload=false,cssExternalScannerPreload=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-checker-imaging --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=E7B99D833A4F3FA5A189F9E95A3CC6F9 --renderer-client-id=5 --mojo-platform-channel-handle=2784 /prefetch:1
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/Win64/UnrealCEFSubProcess.exe" --type=gpu-process --no-sandbox --lang=en --locales-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-file=C:/Users/Uživatel/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-severity=warning --product-version="EpicGamesLauncher/10.2.4-7100722+++Portal+Release-Live UnrealEngine/4.21.0-7100722+++Portal+Release-Live Chrome/59.0.3071.15" --resources-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x2182 --gpu-driver-vendor=NVIDIA --gpu-driver-version=25.21.14.1917 --gpu-driver-date=2-20-2019 --lang=en --locales-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-file=C:/Users/Uživatel/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-severity=warning --product-version="EpicGamesLauncher/10.2.4-7100722+++Portal+Release-Live UnrealEngine/4.21.0-7100722+++Portal+Release-Live Chrome/59.0.3071.15" --resources-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --service-request-channel-token=6F24850B80D9ED0BFCC0A87614F81496 --mojo-platform-channel-handle=2156 /prefetch:2
C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\System32\svchost.exe -k netsvcs -p
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\system32\AUDIODG.EXE 0x538
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Windows\system32\SearchFilterHost.exe" 0 776 780 788 8192 784
"C:\Users\Uživatel\Downloads\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-10 480120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-10 194424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Windows\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-06-22 262024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-06-13 1586488]
"EpicGamesLauncher"=C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2019-06-21 35519888]
"Chromium"=c:\users\uživatel\appdata\local\chromium\application\chrome.exe [2017-10-10 4186112]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-06-04 22691064]
"GoogleChromeAutoLaunch_081442A522F3F8EF65AFB97F7DFDC5DE"=C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe [2017-10-10 4186112]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-12-16 601424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-06-28 11:35:22 ----D---- C:\rsit
2019-06-28 11:35:22 ----D---- C:\Program Files\trend micro
2019-06-28 11:29:52 ----A---- C:\Windows\system32\drivers\mbam.sys
2019-06-28 11:29:45 ----A---- C:\Windows\system32\drivers\farflt.sys
2019-06-28 11:29:31 ----A---- C:\Windows\system32\drivers\mwac.sys
2019-06-28 11:27:19 ----A---- C:\active_protection.txt
2019-06-28 11:27:07 ----A---- C:\url_setting_definitions.txt
2019-06-28 11:20:54 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2019-06-28 11:20:41 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2019-06-28 11:20:31 ----A---- C:\Windows\system32\drivers\MbamElam.sys
2019-06-28 11:20:28 ----A---- C:\Windows\system32\drivers\mbae64.sys
2019-06-28 11:20:22 ----D---- C:\ProgramData\Malwarebytes
2019-06-28 11:20:22 ----D---- C:\Program Files\Malwarebytes
2019-06-28 11:14:30 ----D---- C:\Program Files\Reimage
2019-06-22 08:06:10 ----D---- C:\Users\Uživatel\AppData\Roaming\AVAST Software
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswStm.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswSP.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswElam.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswbuniv.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswbidsh.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswbidsdriver.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2019-06-22 08:04:42 ----A---- C:\Windows\system32\drivers\aswArDisk.sys
2019-06-22 08:04:37 ----A---- C:\Windows\system32\aswBoot.exe
2019-06-22 08:04:36 ----D---- C:\Program Files\Common Files\AVAST Software
2019-06-22 08:03:27 ----D---- C:\Program Files\AVAST Software
2019-06-22 08:03:10 ----D---- C:\ProgramData\AVAST Software
2019-06-22 08:03:04 ----D---- C:\Program Files\CCleaner
2019-06-21 19:45:01 ----D---- C:\ProgramData\ByteFence
2019-06-21 19:33:31 ----D---- C:\ProgramData\{A0299C15-8801-E46D-D059-CC4538B1149D}
2019-06-21 19:33:05 ----D---- C:\Program Files (x86)\Pivot Animator
2019-06-21 19:32:59 ----D---- C:\ProgramData\xgdbc
2019-06-19 07:23:50 ----D---- C:\Program Files\UNP
2019-06-13 12:58:10 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-12 15:41:54 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2019-06-12 15:41:54 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2019-06-12 15:41:54 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2019-06-12 15:41:53 ----A---- C:\Windows\SYSWOW64\fveapibase.dll
2019-06-12 15:41:53 ----A---- C:\Windows\SYSWOW64\fveapi.dll
2019-06-12 15:41:53 ----A---- C:\Windows\system32\Windows.Media.dll
2019-06-12 15:41:53 ----A---- C:\Windows\system32\fveapibase.dll
2019-06-12 15:41:53 ----A---- C:\Windows\system32\fveapi.dll
2019-06-12 15:41:45 ----A---- C:\Windows\system32\HoloSI.PCShell.dll
2019-06-12 15:41:44 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-06-12 15:41:44 ----A---- C:\Windows\system32\assignedaccessmanagersvc.dll
2019-06-12 15:41:44 ----A---- C:\Windows\system32\AssignedAccessManager.dll
2019-06-12 15:41:43 ----A---- C:\Windows\SYSWOW64\EdgeManager.dll
2019-06-12 15:41:42 ----A---- C:\Windows\SYSWOW64\webplatstorageserver.dll
2019-06-12 15:41:42 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2019-06-12 15:41:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-06-12 15:41:42 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2019-06-12 15:41:42 ----A---- C:\Windows\SYSWOW64\ieproxy.dll
2019-06-12 15:41:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-06-12 15:41:42 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2019-06-12 15:41:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-06-12 15:41:41 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-06-12 15:41:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-06-12 15:41:39 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-06-12 15:41:39 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2019-06-12 15:41:38 ----A---- C:\Windows\SYSWOW64\msi.dll
2019-06-12 15:41:38 ----A---- C:\Windows\SYSWOW64\esentutl.exe
2019-06-12 15:41:38 ----A---- C:\Windows\system32\wwansvc.dll
2019-06-12 15:41:38 ----A---- C:\Windows\system32\SIHClient.exe
2019-06-12 15:41:35 ----A---- C:\Windows\system32\msi.dll
2019-06-12 15:41:34 ----A---- C:\Windows\system32\mshtml.dll
2019-06-12 15:41:34 ----A---- C:\Windows\system32\jscript9.dll
2019-06-12 15:41:34 ----A---- C:\Windows\system32\iedkcs32.dll
2019-06-12 15:41:34 ----A---- C:\Windows\system32\ie4uinit.exe
2019-06-12 15:41:33 ----A---- C:\Windows\system32\ieframe.dll
2019-06-12 15:41:32 ----A---- C:\Windows\system32\msfeeds.dll
2019-06-12 15:41:32 ----A---- C:\Windows\system32\Chakradiag.dll
2019-06-12 15:41:32 ----A---- C:\Windows\system32\Chakra.dll
2019-06-12 15:41:32 ----A---- C:\Windows\system32\EdgeManager.dll
2019-06-12 15:41:30 ----A---- C:\Windows\system32\webplatstorageserver.dll
2019-06-12 15:41:30 ----A---- C:\Windows\system32\StorSvc.dll
2019-06-12 15:41:30 ----A---- C:\Windows\system32\ieproxy.dll
2019-06-12 15:41:30 ----A---- C:\Windows\system32\esentutl.exe
2019-06-12 15:41:30 ----A---- C:\Windows\system32\edgehtml.dll
2019-06-12 15:41:29 ----A---- C:\Windows\system32\spacebridge.dll
2019-06-12 15:41:28 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-06-12 15:41:28 ----A---- C:\Windows\system32\bcastdvruserservice.dll
2019-06-12 15:41:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-06-12 15:41:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-06-12 15:41:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-06-12 15:41:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-06-12 15:41:26 ----A---- C:\Windows\SYSWOW64\usoapi.dll
2019-06-12 15:41:26 ----A---- C:\Windows\SYSWOW64\policymanager.dll
2019-06-12 15:41:26 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-06-12 15:41:26 ----A---- C:\Windows\SYSWOW64\mdmregistration.dll
2019-06-12 15:41:26 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2019-06-12 15:41:26 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2019-06-12 15:41:26 ----A---- C:\Windows\SYSWOW64\credprovhost.dll
2019-06-12 15:41:26 ----A---- C:\Windows\SYSWOW64\AppResolver.dll
2019-06-12 15:41:25 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryCore.dll
2019-06-12 15:41:25 ----A---- C:\Windows\SYSWOW64\Windows.StateRepository.dll
2019-06-12 15:41:25 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 15:41:25 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2019-06-12 15:41:24 ----RA---- C:\Windows\SYSWOW64\icuin.dll
2019-06-12 15:41:24 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2019-06-12 15:41:24 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2019-06-12 15:41:24 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-12 15:41:24 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryPS.dll
2019-06-12 15:41:24 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryClient.dll
2019-06-12 15:41:24 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryBroker.dll
2019-06-12 15:41:24 ----A---- C:\Windows\SYSWOW64\StateRepository.Core.dll
2019-06-12 15:41:23 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2019-06-12 15:41:23 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2019-06-12 15:41:23 ----A---- C:\Windows\SYSWOW64\cdp.dll
2019-06-12 15:41:23 ----A---- C:\Windows\SYSWOW64\AssignedAccessRuntime.dll
2019-06-12 15:41:22 ----A---- C:\Windows\SYSWOW64\twinui.dll
2019-06-12 15:41:22 ----A---- C:\Windows\SYSWOW64\TokenBrokerUI.dll
2019-06-12 15:41:16 ----A---- C:\Windows\SYSWOW64\Windows.Web.dll
2019-06-12 15:41:16 ----A---- C:\Windows\SYSWOW64\sppcext.dll
2019-06-12 15:41:16 ----A---- C:\Windows\SYSWOW64\slcext.dll
2019-06-12 15:41:15 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2019-06-12 15:41:14 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-12 15:41:14 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2019-06-12 15:41:14 ----A---- C:\Windows\SYSWOW64\CompPkgSup.dll
2019-06-12 15:41:14 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2019-06-12 15:41:14 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2019-06-12 15:41:14 ----A---- C:\Windows\system32\WebRuntimeManager.dll
2019-06-12 15:41:14 ----A---- C:\Windows\system32\policymanager.dll
2019-06-12 15:41:14 ----A---- C:\Windows\system32\DeviceEnroller.exe
2019-06-12 15:41:13 ----A---- C:\Windows\system32\wininet.dll
2019-06-12 15:41:13 ----A---- C:\Windows\system32\iertutil.dll
2019-06-12 15:41:13 ----A---- C:\Windows\system32\GdiPlus.dll
2019-06-12 15:41:13 ----A---- C:\Windows\system32\gdi32full.dll
2019-06-12 15:41:12 ----A---- C:\Windows\system32\usermgr.dll
2019-06-12 15:41:12 ----A---- C:\Windows\system32\urlmon.dll
2019-06-12 15:41:12 ----A---- C:\Windows\system32\mf3216.dll
2019-06-12 15:41:12 ----A---- C:\Windows\system32\drivers\tcpip.sys
2019-06-12 15:41:12 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-06-12 15:41:12 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-06-12 15:41:12 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2019-06-12 15:41:12 ----A---- C:\Windows\system32\credprovhost.dll
2019-06-12 15:41:12 ----A---- C:\Windows\system32\bcryptprimitives.dll
2019-06-12 15:41:11 ----A---- C:\Windows\system32\drivers\ntfs.sys
2019-06-12 15:41:11 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2019-06-12 15:41:10 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2019-06-12 15:41:10 ----A---- C:\Windows\system32\wdigest.dll
2019-06-12 15:41:10 ----A---- C:\Windows\system32\twinui.dll
2019-06-12 15:41:10 ----A---- C:\Windows\system32\TokenBrokerUI.dll
2019-06-12 15:41:10 ----A---- C:\Windows\system32\schedsvc.dll
2019-06-12 15:41:09 ----A---- C:\Windows\system32\winresume.exe
2019-06-12 15:41:09 ----A---- C:\Windows\system32\taskcomp.dll
2019-06-12 15:41:09 ----A---- C:\Windows\system32\msctf.dll
2019-06-12 15:41:08 ----A---- C:\Windows\system32\winload.exe
2019-06-12 15:41:07 ----A---- C:\Windows\system32\SettingsHandlers_Language.dll
2019-06-12 15:41:07 ----A---- C:\Windows\system32\NotificationControllerPS.dll
2019-06-12 15:41:07 ----A---- C:\Windows\system32\NotificationController.dll
2019-06-12 15:41:07 ----A---- C:\Windows\system32\NetworkMobileSettings.dll
2019-06-12 15:41:07 ----A---- C:\Windows\system32\AppResolver.dll
2019-06-12 15:41:06 ----A---- C:\Windows\system32\shell32.dll
2019-06-12 15:41:05 ----A---- C:\Windows\system32\vbscript.dll
2019-06-12 15:41:05 ----A---- C:\Windows\system32\sppsvc.exe
2019-06-12 15:41:05 ----A---- C:\Windows\system32\sppcext.dll
2019-06-12 15:41:05 ----A---- C:\Windows\system32\slcext.dll
2019-06-12 15:41:05 ----A---- C:\Windows\system32\pku2u.dll
2019-06-12 15:41:04 ----A---- C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-12 15:41:04 ----A---- C:\Windows\system32\hal.dll
2019-06-12 15:41:04 ----A---- C:\Windows\system32\AxInstSv.dll
2019-06-12 15:41:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-06-12 15:41:03 ----A---- C:\Windows\system32\mdmregistration.dll
2019-06-12 15:41:02 ----A---- C:\Windows\system32\wpncore.dll
2019-06-12 15:41:02 ----A---- C:\Windows\system32\wpnapps.dll
2019-06-12 15:41:02 ----A---- C:\Windows\system32\win32kfull.sys
2019-06-12 15:41:02 ----A---- C:\Windows\system32\win32k.sys
2019-06-12 15:41:02 ----A---- C:\Windows\system32\storewuauth.dll
2019-06-12 15:41:02 ----A---- C:\Windows\system32\rdpcore.dll
2019-06-12 15:41:02 ----A---- C:\Windows\system32\PsmServiceExtHost.dll
2019-06-12 15:41:01 ----A---- C:\Windows\system32\win32kbase.sys
2019-06-12 15:41:01 ----A---- C:\Windows\system32\EdgeContent.dll
2019-06-12 15:41:01 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2019-06-12 15:41:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2019-06-12 15:41:00 ----A---- C:\Windows\system32\FntCache.dll
2019-06-12 15:41:00 ----A---- C:\Windows\system32\DWrite.dll
2019-06-12 15:41:00 ----A---- C:\Windows\system32\cdp.dll
2019-06-12 15:41:00 ----A---- C:\Windows\system32\AssignedAccessRuntime.dll
2019-06-12 15:40:59 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-12 15:40:59 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2019-06-12 15:40:59 ----A---- C:\Windows\system32\TokenBroker.dll
2019-06-12 15:40:59 ----A---- C:\Windows\system32\smartscreen.exe
2019-06-12 15:40:59 ----A---- C:\Windows\system32\aadcloudap.dll
2019-06-12 15:40:58 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 15:40:58 ----A---- C:\Windows\system32\SecurityHealthAgent.dll
2019-06-12 15:40:58 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 15:40:58 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2019-06-12 15:40:57 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2019-06-12 15:40:57 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 15:40:56 ----A---- C:\Windows\system32\wmicmiplugin.dll
2019-06-12 15:40:56 ----A---- C:\Windows\system32\Windows.Web.dll
2019-06-12 15:40:56 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-12 15:40:53 ----A---- C:\Windows\system32\audiosrv.dll
2019-06-12 15:40:53 ----A---- C:\Windows\system32\AudioSes.dll
2019-06-12 15:40:53 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-12 15:40:52 ----A---- C:\Windows\system32\CompPkgSup.dll
2019-06-12 15:40:52 ----A---- C:\Windows\system32\CompPkgSrv.exe
2019-06-12 15:40:52 ----A---- C:\Windows\system32\browserbroker.dll
2019-06-12 15:40:52 ----A---- C:\Windows\system32\AudioEng.dll
2019-06-12 15:40:52 ----A---- C:\Windows\system32\audiodg.exe
2019-06-12 15:40:52 ----A---- C:\Windows\system32\AppReadiness.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\wuuhext.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\wups2.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\wups.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\wuapi.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\WaaSMedicSvc.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\WaaSMedicCapsule.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\WaaSMedicAgent.exe
2019-06-12 15:40:51 ----A---- C:\Windows\system32\usocore.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\UsoClient.exe
2019-06-12 15:40:51 ----A---- C:\Windows\system32\usoapi.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\updatehandlers.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2019-06-12 15:40:51 ----A---- C:\Windows\system32\MusNotifyIcon.exe
2019-06-12 15:40:50 ----A---- C:\Windows\system32\wuaueng.dll
2019-06-12 15:40:50 ----A---- C:\Windows\system32\SDDS.dll
2019-06-12 15:40:50 ----A---- C:\Windows\system32\mf.dll
2019-06-12 15:40:50 ----A---- C:\Windows\system32\lsasrv.dll
2019-06-12 15:40:50 ----A---- C:\Windows\system32\JpnServiceDS.dll
2019-06-12 15:40:50 ----A---- C:\Windows\system32\FilterDS.dll
2019-06-12 15:40:50 ----A---- C:\Windows\system32\drivers\cng.sys
2019-06-12 15:40:50 ----A---- C:\Windows\system32\drivers\clfs.sys
2019-06-12 15:40:50 ----A---- C:\Windows\system32\DDDS.dll
2019-06-12 15:40:50 ----A---- C:\Windows\system32\BingFilterDS.dll
2019-06-12 15:40:50 ----A---- C:\Windows\system32\BingASDS.dll
2019-06-12 15:40:49 ----A---- C:\Windows\system32\tcblaunch.exe
2019-06-12 15:40:49 ----A---- C:\Windows\system32\srvsvc.dll
2019-06-12 15:40:49 ----A---- C:\Windows\system32\securekernel.exe
2019-06-12 15:40:49 ----A---- C:\Windows\system32\esent.dll
2019-06-12 15:40:48 ----A---- C:\Windows\SYSWOW64\userenv.dll
2019-06-12 15:40:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-06-12 15:40:48 ----A---- C:\Windows\system32\userenv.dll
2019-06-12 15:40:48 ----A---- C:\Windows\system32\tzres.dll
2019-06-12 15:40:48 ----A---- C:\Windows\system32\schannel.dll
2019-06-12 15:40:48 ----A---- C:\Windows\system32\samsrv.dll
2019-06-12 15:40:48 ----A---- C:\Windows\system32\msv1_0.dll
2019-06-12 15:40:48 ----A---- C:\Windows\system32\kerberos.dll
2019-06-12 15:40:48 ----A---- C:\Windows\system32\KerbClientShared.dll
2019-06-12 15:40:48 ----A---- C:\Windows\system32\drivers\storport.sys
2019-06-12 15:40:48 ----A---- C:\Windows\system32\ci.dll
2019-06-12 15:40:47 ----RA---- C:\Windows\system32\icuin.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\windows.storage.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\StateRepository.Core.dll
2019-06-12 15:40:46 ----A---- C:\Windows\system32\drivers\winnat.sys
2019-06-12 15:40:45 ----A---- C:\Windows\SYSWOW64\wups.dll
2019-06-12 15:40:45 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2019-06-12 15:40:45 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2019-06-12 15:40:45 ----A---- C:\Windows\SYSWOW64\spacebridge.dll
2019-06-12 15:40:45 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-06-12 15:40:45 ----A---- C:\Windows\SYSWOW64\msctf.dll
2019-06-12 15:40:45 ----A---- C:\Windows\SYSWOW64\esent.dll
2019-06-12 15:40:45 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2019-06-12 15:40:44 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-06-12 15:40:44 ----A---- C:\Windows\SYSWOW64\KerbClientShared.dll
2019-06-12 15:40:43 ----A---- C:\Windows\system32\hvloader.dll
2019-06-12 15:40:43 ----A---- C:\Windows\system32\hvix64.exe
2019-06-12 15:40:43 ----A---- C:\Windows\system32\hvax64.exe
2019-06-12 15:40:43 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2019-06-12 15:40:43 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2019-06-12 15:40:43 ----A---- C:\Windows\system32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-12 15:40:43 ----A---- C:\Windows\system32\drivers\hvservice.sys
2019-06-12 15:40:43 ----A---- C:\Windows\system32\drivers\bthport.sys
2019-06-12 15:40:42 ----A---- C:\Windows\system32\drivers\spaceport.sys
2019-06-12 15:40:42 ----A---- C:\Windows\system32\drivers\spacedump.sys
======List of files/folders modified in the last 1 month======
2019-06-28 11:35:30 ----D---- C:\Windows\Prefetch
2019-06-28 11:35:30 ----D---- C:\Windows\AppReadiness
2019-06-28 11:35:29 ----HD---- C:\Program Files\WindowsApps
2019-06-28 11:35:29 ----D---- C:\Windows\Temp
2019-06-28 11:35:22 ----RD---- C:\Program Files
2019-06-28 11:29:52 ----D---- C:\Windows\system32\drivers
2019-06-28 11:29:36 ----D---- C:\Windows\system32\catroot2
2019-06-28 11:29:10 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-06-28 11:28:53 ----D---- C:\ProgramData\NVIDIA
2019-06-28 11:27:42 ----D---- C:\Windows\system32\sru
2019-06-28 11:27:05 ----D---- C:\Windows
2019-06-28 11:27:04 ----HD---- C:\ProgramData
2019-06-28 11:20:32 ----HD---- C:\Windows\ELAMBKUP
2019-06-28 11:14:51 ----D---- C:\Windows\system32\Tasks
2019-06-28 10:54:06 ----D---- C:\Windows\System32
2019-06-27 17:13:55 ----D---- C:\Windows\system32\SleepStudy
2019-06-27 16:16:13 ----SHD---- C:\System Volume Information
2019-06-27 16:14:30 ----RD---- C:\Windows\Microsoft.NET
2019-06-26 17:28:18 ----D---- C:\Windows\system32\LogFiles
2019-06-24 15:19:50 ----D---- C:\Windows\system32\config
2019-06-22 16:44:37 ----D---- C:\Windows\LiveKernelReports
2019-06-22 08:06:32 ----D---- C:\Windows\Panther
2019-06-22 08:06:32 ----D---- C:\Windows\INF
2019-06-22 08:06:31 ----D---- C:\Windows\debug
2019-06-22 08:04:52 ----D---- C:\Windows\WinSxS
2019-06-22 08:04:36 ----D---- C:\Program Files\Common Files
2019-06-21 21:15:55 ----D---- C:\ProgramData\Packages
2019-06-21 19:33:55 ----D---- C:\Program Files (x86)\Common Files
2019-06-21 19:33:29 ----RD---- C:\Users
2019-06-21 19:33:05 ----RD---- C:\Program Files (x86)
2019-06-20 17:24:38 ----D---- C:\Windows\Logs
2019-06-13 12:58:13 ----D---- C:\Windows\CbsTemp
2019-06-13 07:27:11 ----D---- C:\Windows\system32\DriverStore
2019-06-12 21:42:39 ----D---- C:\Windows\SYSWOW64\migration
2019-06-12 21:42:39 ----D---- C:\Windows\SysWOW64
2019-06-12 21:42:37 ----D---- C:\Windows\system32\wbem
2019-06-12 21:42:37 ----D---- C:\Windows\system32\migwiz
2019-06-12 21:42:37 ----D---- C:\Windows\system32\migration
2019-06-12 21:42:37 ----D---- C:\Windows\system32\cs-CZ
2019-06-12 21:42:36 ----D---- C:\Windows\system32\Boot
2019-06-12 21:42:30 ----RD---- C:\Program Files\Windows Defender
2019-06-12 21:42:30 ----D---- C:\Windows\bcastdvr
2019-06-12 21:42:30 ----D---- C:\Windows\apppatch
2019-06-12 21:42:30 ----D---- C:\Program Files\internet explorer
2019-06-12 21:42:30 ----D---- C:\Program Files (x86)\Internet Explorer
2019-06-12 15:31:54 ----D---- C:\Windows\system32\MRT
2019-06-12 15:29:13 ----AC---- C:\Windows\system32\MRT.exe
2019-06-04 16:00:37 ----D---- C:\Windows\system32\drivers\wd
2019-05-31 20:03:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2019-06-22 37104]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-06-22 205848]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-06-22 61472]
R0 aswElam;aswElam; C:\Windows\system32\drivers\aswElam.sys [2019-06-22 15488]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-06-22 87944]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-06-22 385880]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2019-03-26 55608]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2019-06-28 275232]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2019-05-15 317240]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\Windows\system32\drivers\SgrmAgent.sys [2018-09-15 87552]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2018-09-15 40960]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-06-22 207448]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-06-22 262496]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2019-06-22 279120]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-06-22 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-06-22 112312]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-06-22 1030784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-06-22 477584]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-09-15 63288]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2019-01-08 153328]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-06-22 168104]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-06-22 225600]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2019-03-26 452096]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2019-06-28 199768]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2019-03-26 51712]
R3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i63x64.sys [2018-09-15 524800]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2019-06-28 224408]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\DRIVERS\mbam.sys [2019-06-28 73584]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2019-06-28 116112]
R3 MEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2016-01-19 202032]
R3 NVHDA;@oem8.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-02-22 237576]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_65d85610cbd6aedd\nvlddmkm.sys [2019-02-22 20726016]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 MbamElam;MbamElam; C:\Windows\system32\DRIVERS\MbamElam.sys [2019-06-26 20936]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2018-09-15 135168]
S0 SmartSAMD;SmartSAMD; C:\Windows\System32\drivers\SmartSAMD.sys [2018-09-15 219960]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2018-09-15 137016]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2019-03-26 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2019-03-26 104248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2019-03-26 111104]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-06-12 90624]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2019-06-12 1229824]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\drivers\BTHUSB.sys [2019-05-15 92672]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2018-09-15 63288]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2018-09-15 125952]
S3 cpuz139;cpuz139; \??\C:\Windows\TEMP\cpuz139\cpuz139_x64.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 GPUZ;GPUZ; \??\C:\Windows\TEMP\GPUZ.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2019-06-12 80400]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2019-03-26 290816]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2018-09-15 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2019-04-10 981816]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2018-09-15 202240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2018-09-15 33080]
S3 smbdirect;smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [2018-09-15 171520]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [2018-09-15 73016]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2018-09-15 33280]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-06-22 409224]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_2bd7c;CDPUserSvc_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-06-26 6744288]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-02-20 767016]
R2 OneSyncSvc_2bd7c;OneSyncSvc_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\Windows\system32\SgrmBroker.exe [2019-04-10 255128]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-06-22 6844776]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_2bd7c;cbdhsvc_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2019-03-26 864056]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-09 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-06-22 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_2bd7c;BcastDVRUserService_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-04-02 8473200]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_2bd7c;BluetoothUserService_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_2bd7c;CaptureService_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_2bd7c;ConsentUxUserSvc_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_2bd7c;DevicePickerUserSvc_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_2bd7c;DevicesFlowUserSvc_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-15 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2019-04-02 802432]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2016-08-11 342456]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe [2019-06-18 1098224]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-09 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_2bd7c;MessagingService_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc_2bd7c;PimIndexMaintenanceSvc_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_2bd7c;PrintWorkflowUserSvc_2bd7c; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2019-04-10 5382448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2018-09-15 1269248]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2019-03-26 831288]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Chromium
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Chromium
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Chromium
Děkuji, Chromium vyskakuje pořád - po startu.
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-28-2019
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 9
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\Reimage
Deleted C:\ProgramData\ByteFence
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\reimageplus.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\reimageplus.com
Deleted HKLM\Software\Reimage
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2734 octets] - [28/06/2019 15:18:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-28-2019
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 9
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\Reimage
Deleted C:\ProgramData\ByteFence
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\reimageplus.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\reimageplus.com
Deleted HKLM\Software\Reimage
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2734 octets] - [28/06/2019 15:18:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Chromium
OK. Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Chromium
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-28-2019
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 9
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\Reimage
Deleted C:\ProgramData\ByteFence
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\reimageplus.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\reimageplus.com
Deleted HKLM\Software\Reimage
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2734 octets] - [28/06/2019 15:18:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-28-2019
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 9
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\Reimage
Deleted C:\ProgramData\ByteFence
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\reimageplus.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\reimageplus.com
Deleted HKLM\Software\Reimage
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2734 octets] - [28/06/2019 15:18:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Chromium
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2019
Ran by Uživatel (administrator) on DESKTOP-P57QUDT (Dell Inc. OptiPlex 790) (28-06-2019 16:38:52)
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.30.12001.0_x64__8wekyb3d8bbwe\GameBar.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.30.12001.0_x64__8wekyb3d8bbwe\GameBarFT.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35519888 2019-06-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\Run: [Chromium] => c:\users\uživatel\appdata\local\chromium\application\chrome.exe [4186112 2017-10-10] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\Run: [GoogleChromeAutoLaunch_081442A522F3F8EF65AFB97F7DFDC5DE] => C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe [4186112 2017-10-10] (The Chromium Authors) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3FE26D7A-A9E9-4782-BF57-E1ACD9C0D538} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4282198C-28C3-4937-B26E-0B99D1298BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
Task: {525D3086-7DCD-42F8-AC9B-28711C202013} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {C5885A57-7091-4137-AC38-3359A8137377} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
Task: {CFC5B348-FBBF-42CF-9223-9FAD0807A980} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {DEA0396C-9F5E-41F0-BF1B-1EB689934AFC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 82.144.128.1 82.144.129.1
Tcpip\..\Interfaces\{098d61ea-789e-4984-85d7-98fd5bd30d29}: [DhcpNameServer] 82.144.128.1 82.144.129.1
Internet Explorer:
==================
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-10] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default [2019-06-28]
CHR Extension: (Prezentace) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-09]
CHR Extension: (Rose) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aobcgffnbkbipbflopponndoiommhnch [2019-03-26]
CHR Extension: (Dokumenty) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-09]
CHR Extension: (Disk Google) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-09]
CHR Extension: (YouTube) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-09]
CHR Extension: (Tabulky) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-26]
CHR Extension: (AdBlock) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-29]
CHR Extension: (Avast Online Security) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-09]
CHR Extension: (Gmail) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-22]
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-04-02] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-04-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (FUTUREMARK INC -> Futuremark)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168104 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225600 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116112 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_65d85610cbd6aedd\nvlddmkm.sys [20726016 2019-02-22] (NVIDIA Corporation -> NVIDIA Corporation)
R3 UcmCxUcsiNvppc; C:\Windows\system32\DRIVERS\UcmCxUcsiNvppc.sys [461784 2019-02-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47496 2019-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [337632 2019-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz139; \??\C:\Windows\TEMP\cpuz139\cpuz139_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-28 16:38 - 2019-06-28 16:40 - 000018775 _____ C:\Users\Uživatel\Desktop\FRST.txt
2019-06-28 16:37 - 2019-06-28 16:38 - 000000000 ____D C:\FRST
2019-06-28 16:36 - 2019-06-28 16:36 - 002418688 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2019-06-28 15:20 - 2019-06-28 15:20 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-28 15:20 - 2019-06-28 15:20 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-06-28 15:20 - 2019-06-28 15:20 - 000116112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-06-28 15:20 - 2019-06-28 15:20 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-06-28 15:17 - 2019-06-28 15:18 - 000000000 ____D C:\AdwCleaner
2019-06-28 15:17 - 2019-06-28 15:17 - 007025360 _____ (Malwarebytes) C:\Users\Uživatel\Downloads\AdwCleaner.exe
2019-06-28 11:35 - 2019-06-28 11:35 - 000000000 ____D C:\rsit
2019-06-28 11:35 - 2019-06-28 11:35 - 000000000 ____D C:\Program Files\trend micro
2019-06-28 11:34 - 2019-06-28 11:35 - 001222144 _____ C:\Users\Uživatel\Downloads\RSITx64.exe
2019-06-28 11:32 - 2019-06-28 11:33 - 064333800 _____ (Malwarebytes ) C:\Users\Uživatel\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11270 (1).exe
2019-06-28 11:27 - 2019-06-28 11:27 - 000319920 _____ C:\active_protection.txt
2019-06-28 11:27 - 2019-06-28 11:27 - 000037376 _____ C:\url_setting_definitions.txt
2019-06-28 11:21 - 2019-06-28 11:21 - 000000000 ____D C:\Users\Uživatel\AppData\Local\mbam
2019-06-28 11:20 - 2019-06-28 11:20 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-06-28 11:20 - 2019-06-28 11:20 - 000001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-28 11:20 - 2019-06-28 11:20 - 000000000 ____D C:\Users\Uživatel\AppData\Local\mbamtray
2019-06-28 11:20 - 2019-06-28 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-28 11:20 - 2019-06-28 11:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-28 11:20 - 2019-06-28 11:20 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-28 11:20 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-06-28 11:20 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-06-28 11:19 - 2019-06-28 11:20 - 064333800 _____ (Malwarebytes ) C:\Users\Uživatel\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11270.exe
2019-06-22 08:06 - 2019-06-22 08:06 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-06-22 08:06 - 2019-06-22 08:06 - 000002082 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-06-22 08:06 - 2019-06-22 08:06 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\AVAST Software
2019-06-22 08:06 - 2019-06-22 08:06 - 000000000 ____D C:\Users\Uživatel\AppData\Local\AVAST Software
2019-06-22 08:05 - 2019-06-28 16:30 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-06-22 08:05 - 2019-06-27 12:06 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-06-22 08:04 - 2019-06-22 08:05 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-22 08:04 - 2019-06-22 08:05 - 000225600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-22 08:04 - 2019-06-22 08:05 - 000168104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-06-22 08:04 - 2019-06-22 08:04 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000015488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-06-22 08:04 - 2019-06-22 08:03 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-06-22 08:03 - 2019-06-28 16:30 - 000002238 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-22 08:03 - 2019-06-22 12:58 - 000003048 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-22 08:03 - 2019-06-22 08:04 - 000000000 ____D C:\ProgramData\AVAST Software
2019-06-22 08:03 - 2019-06-22 08:03 - 000000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-22 08:03 - 2019-06-22 08:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-06-22 08:03 - 2019-06-22 08:03 - 000000000 ____D C:\Program Files\CCleaner
2019-06-22 08:03 - 2019-06-22 08:03 - 000000000 ____D C:\Program Files\AVAST Software
2019-06-22 08:02 - 2019-06-22 08:02 - 020638704 _____ (Piriform Software Ltd) C:\Users\Uživatel\Downloads\ccsetup558.exe
2019-06-21 19:34 - 2019-06-22 08:34 - 000000000 ____D C:\Windows\System32\Tasks\{175BAEB5-B917-B5BF-5FB3-106CAD6B45CD}
2019-06-21 19:34 - 2019-06-21 19:34 - 000002359 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2019-06-21 19:34 - 2019-06-21 19:34 - 000000000 ____D C:\Users\Uživatel\AppData\Local\chromium
2019-06-21 19:33 - 2019-06-21 19:34 - 000000000 ____D C:\ProgramData\{A0299C15-8801-E46D-D059-CC4538B1149D}
2019-06-21 19:33 - 2019-06-21 19:33 - 000001109 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2019-06-21 19:33 - 2019-06-21 19:33 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Pivot Animator
2019-06-21 19:33 - 2019-06-21 19:33 - 000000000 ____D C:\Users\U�ivatel
2019-06-21 19:33 - 2019-06-21 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
2019-06-21 19:33 - 2019-06-21 19:33 - 000000000 ____D C:\Program Files (x86)\Pivot Animator
2019-06-21 19:32 - 2019-06-21 19:35 - 000000000 ____D C:\ProgramData\xgdbc
2019-06-19 07:23 - 2019-06-19 07:23 - 000000000 ____D C:\Program Files\UNP
2019-06-13 12:58 - 2019-06-13 12:58 - 001993528 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 023438336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 018999296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 012869120 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 012162048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 007875072 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 007724992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006926336 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006547144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006309256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005297152 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005112792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 004661760 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 003983872 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003906560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 003426816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 003344896 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003091968 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 002777736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002690048 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002627600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002276192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-12 15:41 - 2019-06-12 15:41 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-12 15:41 - 2019-06-12 15:41 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001860608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001761280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001750016 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001700312 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-12 15:41 - 2019-06-12 15:41 - 001670840 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001644544 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001618944 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001471040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 001466496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001342904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-12 15:41 - 2019-06-12 15:41 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001260048 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-06-12 15:41 - 2019-06-12 15:41 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001255936 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001254912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001223168 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001180184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000927744 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000804352 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000586040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000555232 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000515152 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000513904 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-12 15:41 - 2019-06-12 15:41 - 000451104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000430904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000427688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000398208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000287912 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000262160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000091424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000087864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2019-06-12 15:40 - 2019-06-12 15:41 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 017484800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 003385344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 003270144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002928640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 002653696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002638336 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002085168 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001929216 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001860096 ____R (The ICU Project) C:\Windows\system32\icuin.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001462272 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001298952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 001229824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 001219424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 001048592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 001032704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000924160 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000773632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000752144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000730592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000676048 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000651064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000615440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000604344 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000506192 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000462136 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000419368 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000386576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000375544 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000351232 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000292664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000282424 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000247608 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000196920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSrv.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000152896 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000152400 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000137056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000125528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000114648 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000101176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\BingFilterDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-28 16:30 - 2019-01-09 14:38 - 000003400 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-28 16:30 - 2019-01-09 14:38 - 000003176 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-28 16:30 - 2019-01-09 13:45 - 000002862 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2290176911-3157601873-3903230591-1001
2019-06-28 16:02 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-28 15:51 - 2019-01-09 13:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-28 15:19 - 2019-01-09 13:48 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-28 15:19 - 2019-01-09 13:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-28 15:18 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-28 14:25 - 2019-04-02 17:32 - 000000000 ____D C:\Users\Uživatel\AppData\Local\D3DSCache
2019-06-28 11:36 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-28 11:36 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-06-28 11:20 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-26 20:28 - 2019-03-26 18:22 - 000001442 _____ C:\Users\Uživatel\Desktop\Roblox Player.lnk
2019-06-26 20:28 - 2019-03-26 18:21 - 000001257 _____ C:\Users\Uživatel\Desktop\Roblox Studio.lnk
2019-06-26 20:28 - 2019-03-26 18:21 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-06-22 16:44 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-06-22 08:06 - 2019-01-09 13:16 - 000000000 ____D C:\Windows\Panther
2019-06-22 08:06 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-06-21 21:15 - 2019-01-09 14:00 - 000000000 ____D C:\ProgramData\Packages
2019-06-20 14:20 - 2019-01-09 14:39 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-20 14:20 - 2019-01-09 14:39 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-17 20:19 - 2019-05-15 18:30 - 000000000 ____D C:\Users\Uživatel\AppData\Local\ElevatedDiagnostics
2019-06-13 15:19 - 2019-01-09 13:45 - 000000000 ___RD C:\Users\Uživatel\OneDrive
2019-06-13 15:19 - 2019-01-09 13:40 - 000002380 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-13 12:58 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-06-13 07:28 - 2019-01-09 13:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-13 07:28 - 2019-01-09 13:42 - 000000000 ___RD C:\Users\Uživatel\3D Objects
2019-06-13 07:27 - 2019-01-09 13:16 - 000348672 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-12 21:42 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-12 21:42 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-06-12 21:42 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-06-12 15:31 - 2019-03-26 17:47 - 000000000 ____D C:\Windows\system32\MRT
2019-06-12 15:29 - 2019-03-26 17:47 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-04 16:00 - 2019-01-09 13:17 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-06-02 17:39 - 2019-03-26 18:21 - 000000254 _____ C:\Users\Uživatel\AppData\LocalLow\rbxcsettings.rbx
2019-05-31 20:03 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-31 20:03 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-29 20:16 - 2019-03-26 18:21 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Roblox
==================== FLock ================
2019-01-09 13:26 C:\Windows\CSC
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Ran by Uživatel (administrator) on DESKTOP-P57QUDT (Dell Inc. OptiPlex 790) (28-06-2019 16:38:52)
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.30.12001.0_x64__8wekyb3d8bbwe\GameBar.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.30.12001.0_x64__8wekyb3d8bbwe\GameBarFT.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35519888 2019-06-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\Run: [Chromium] => c:\users\uživatel\appdata\local\chromium\application\chrome.exe [4186112 2017-10-10] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\Run: [GoogleChromeAutoLaunch_081442A522F3F8EF65AFB97F7DFDC5DE] => C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe [4186112 2017-10-10] (The Chromium Authors) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3FE26D7A-A9E9-4782-BF57-E1ACD9C0D538} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4282198C-28C3-4937-B26E-0B99D1298BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
Task: {525D3086-7DCD-42F8-AC9B-28711C202013} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {C5885A57-7091-4137-AC38-3359A8137377} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
Task: {CFC5B348-FBBF-42CF-9223-9FAD0807A980} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {DEA0396C-9F5E-41F0-BF1B-1EB689934AFC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 82.144.128.1 82.144.129.1
Tcpip\..\Interfaces\{098d61ea-789e-4984-85d7-98fd5bd30d29}: [DhcpNameServer] 82.144.128.1 82.144.129.1
Internet Explorer:
==================
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-04-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-04-10] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-04-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-04-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default [2019-06-28]
CHR Extension: (Prezentace) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-09]
CHR Extension: (Rose) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aobcgffnbkbipbflopponndoiommhnch [2019-03-26]
CHR Extension: (Dokumenty) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-09]
CHR Extension: (Disk Google) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-09]
CHR Extension: (YouTube) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-09]
CHR Extension: (Tabulky) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-26]
CHR Extension: (AdBlock) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-29]
CHR Extension: (Avast Online Security) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-09]
CHR Extension: (Gmail) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-22]
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-04-02] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-04-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (FUTUREMARK INC -> Futuremark)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168104 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225600 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116112 2019-06-28] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_65d85610cbd6aedd\nvlddmkm.sys [20726016 2019-02-22] (NVIDIA Corporation -> NVIDIA Corporation)
R3 UcmCxUcsiNvppc; C:\Windows\system32\DRIVERS\UcmCxUcsiNvppc.sys [461784 2019-02-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47496 2019-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [337632 2019-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz139; \??\C:\Windows\TEMP\cpuz139\cpuz139_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-28 16:38 - 2019-06-28 16:40 - 000018775 _____ C:\Users\Uživatel\Desktop\FRST.txt
2019-06-28 16:37 - 2019-06-28 16:38 - 000000000 ____D C:\FRST
2019-06-28 16:36 - 2019-06-28 16:36 - 002418688 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2019-06-28 15:20 - 2019-06-28 15:20 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-28 15:20 - 2019-06-28 15:20 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-06-28 15:20 - 2019-06-28 15:20 - 000116112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-06-28 15:20 - 2019-06-28 15:20 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-06-28 15:17 - 2019-06-28 15:18 - 000000000 ____D C:\AdwCleaner
2019-06-28 15:17 - 2019-06-28 15:17 - 007025360 _____ (Malwarebytes) C:\Users\Uživatel\Downloads\AdwCleaner.exe
2019-06-28 11:35 - 2019-06-28 11:35 - 000000000 ____D C:\rsit
2019-06-28 11:35 - 2019-06-28 11:35 - 000000000 ____D C:\Program Files\trend micro
2019-06-28 11:34 - 2019-06-28 11:35 - 001222144 _____ C:\Users\Uživatel\Downloads\RSITx64.exe
2019-06-28 11:32 - 2019-06-28 11:33 - 064333800 _____ (Malwarebytes ) C:\Users\Uživatel\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11270 (1).exe
2019-06-28 11:27 - 2019-06-28 11:27 - 000319920 _____ C:\active_protection.txt
2019-06-28 11:27 - 2019-06-28 11:27 - 000037376 _____ C:\url_setting_definitions.txt
2019-06-28 11:21 - 2019-06-28 11:21 - 000000000 ____D C:\Users\Uživatel\AppData\Local\mbam
2019-06-28 11:20 - 2019-06-28 11:20 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-06-28 11:20 - 2019-06-28 11:20 - 000001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-28 11:20 - 2019-06-28 11:20 - 000000000 ____D C:\Users\Uživatel\AppData\Local\mbamtray
2019-06-28 11:20 - 2019-06-28 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-28 11:20 - 2019-06-28 11:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-28 11:20 - 2019-06-28 11:20 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-28 11:20 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-06-28 11:20 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-06-28 11:19 - 2019-06-28 11:20 - 064333800 _____ (Malwarebytes ) C:\Users\Uživatel\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11270.exe
2019-06-22 08:06 - 2019-06-22 08:06 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-06-22 08:06 - 2019-06-22 08:06 - 000002082 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-06-22 08:06 - 2019-06-22 08:06 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\AVAST Software
2019-06-22 08:06 - 2019-06-22 08:06 - 000000000 ____D C:\Users\Uživatel\AppData\Local\AVAST Software
2019-06-22 08:05 - 2019-06-28 16:30 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-06-22 08:05 - 2019-06-27 12:06 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-06-22 08:04 - 2019-06-22 08:05 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-22 08:04 - 2019-06-22 08:05 - 000225600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-22 08:04 - 2019-06-22 08:05 - 000168104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-06-22 08:04 - 2019-06-22 08:04 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000015488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2019-06-22 08:04 - 2019-06-22 08:04 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-06-22 08:04 - 2019-06-22 08:03 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-22 08:04 - 2019-06-22 08:03 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-06-22 08:03 - 2019-06-28 16:30 - 000002238 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-22 08:03 - 2019-06-22 12:58 - 000003048 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-22 08:03 - 2019-06-22 08:04 - 000000000 ____D C:\ProgramData\AVAST Software
2019-06-22 08:03 - 2019-06-22 08:03 - 000000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-22 08:03 - 2019-06-22 08:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-06-22 08:03 - 2019-06-22 08:03 - 000000000 ____D C:\Program Files\CCleaner
2019-06-22 08:03 - 2019-06-22 08:03 - 000000000 ____D C:\Program Files\AVAST Software
2019-06-22 08:02 - 2019-06-22 08:02 - 020638704 _____ (Piriform Software Ltd) C:\Users\Uživatel\Downloads\ccsetup558.exe
2019-06-21 19:34 - 2019-06-22 08:34 - 000000000 ____D C:\Windows\System32\Tasks\{175BAEB5-B917-B5BF-5FB3-106CAD6B45CD}
2019-06-21 19:34 - 2019-06-21 19:34 - 000002359 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2019-06-21 19:34 - 2019-06-21 19:34 - 000000000 ____D C:\Users\Uživatel\AppData\Local\chromium
2019-06-21 19:33 - 2019-06-21 19:34 - 000000000 ____D C:\ProgramData\{A0299C15-8801-E46D-D059-CC4538B1149D}
2019-06-21 19:33 - 2019-06-21 19:33 - 000001109 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2019-06-21 19:33 - 2019-06-21 19:33 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Pivot Animator
2019-06-21 19:33 - 2019-06-21 19:33 - 000000000 ____D C:\Users\U�ivatel
2019-06-21 19:33 - 2019-06-21 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
2019-06-21 19:33 - 2019-06-21 19:33 - 000000000 ____D C:\Program Files (x86)\Pivot Animator
2019-06-21 19:32 - 2019-06-21 19:35 - 000000000 ____D C:\ProgramData\xgdbc
2019-06-19 07:23 - 2019-06-19 07:23 - 000000000 ____D C:\Program Files\UNP
2019-06-13 12:58 - 2019-06-13 12:58 - 001993528 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 023438336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 018999296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 012869120 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 012162048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 007875072 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 007724992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006926336 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006547144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006309256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005297152 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005112792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 004661760 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 003983872 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003906560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 003426816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 003344896 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 003091968 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 002777736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002690048 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002627600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002276192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-12 15:41 - 2019-06-12 15:41 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-12 15:41 - 2019-06-12 15:41 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001860608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001761280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001750016 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001700312 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-12 15:41 - 2019-06-12 15:41 - 001670840 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001644544 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001618944 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001471040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 001466496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001342904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-12 15:41 - 2019-06-12 15:41 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001260048 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-06-12 15:41 - 2019-06-12 15:41 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001255936 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001254912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001223168 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001180184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000927744 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000804352 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000586040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000555232 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000515152 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000513904 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-12 15:41 - 2019-06-12 15:41 - 000451104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000430904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000427688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000398208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000287912 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000262160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-12 15:41 - 2019-06-12 15:41 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-12 15:41 - 2019-06-12 15:41 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000091424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000087864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2019-06-12 15:41 - 2019-06-12 15:41 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2019-06-12 15:40 - 2019-06-12 15:41 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 017484800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 003385344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 003270144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002928640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 002653696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002638336 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 002085168 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001929216 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001860096 ____R (The ICU Project) C:\Windows\system32\icuin.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001462272 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001298952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 001229824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 001219424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 001048592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 001032704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000924160 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000773632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000752144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000730592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000676048 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000651064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000615440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000604344 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000506192 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000462136 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000419368 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000386576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000375544 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000351232 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000292664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000282424 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000247608 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000196920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSrv.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000152896 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000152400 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000137056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000125528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000114648 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000101176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\BingFilterDS.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-12 15:40 - 2019-06-12 15:40 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-06-12 15:40 - 2019-06-12 15:40 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-06-12 15:40 - 2019-06-12 15:40 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-28 16:30 - 2019-01-09 14:38 - 000003400 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-28 16:30 - 2019-01-09 14:38 - 000003176 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-28 16:30 - 2019-01-09 13:45 - 000002862 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2290176911-3157601873-3903230591-1001
2019-06-28 16:02 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-28 15:51 - 2019-01-09 13:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-28 15:19 - 2019-01-09 13:48 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-28 15:19 - 2019-01-09 13:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-28 15:18 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-28 14:25 - 2019-04-02 17:32 - 000000000 ____D C:\Users\Uživatel\AppData\Local\D3DSCache
2019-06-28 11:36 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-28 11:36 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-06-28 11:20 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-26 20:28 - 2019-03-26 18:22 - 000001442 _____ C:\Users\Uživatel\Desktop\Roblox Player.lnk
2019-06-26 20:28 - 2019-03-26 18:21 - 000001257 _____ C:\Users\Uživatel\Desktop\Roblox Studio.lnk
2019-06-26 20:28 - 2019-03-26 18:21 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-06-22 16:44 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-06-22 08:06 - 2019-01-09 13:16 - 000000000 ____D C:\Windows\Panther
2019-06-22 08:06 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-06-21 21:15 - 2019-01-09 14:00 - 000000000 ____D C:\ProgramData\Packages
2019-06-20 14:20 - 2019-01-09 14:39 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-20 14:20 - 2019-01-09 14:39 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-17 20:19 - 2019-05-15 18:30 - 000000000 ____D C:\Users\Uživatel\AppData\Local\ElevatedDiagnostics
2019-06-13 15:19 - 2019-01-09 13:45 - 000000000 ___RD C:\Users\Uživatel\OneDrive
2019-06-13 15:19 - 2019-01-09 13:40 - 000002380 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-13 12:58 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-06-13 07:28 - 2019-01-09 13:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-13 07:28 - 2019-01-09 13:42 - 000000000 ___RD C:\Users\Uživatel\3D Objects
2019-06-13 07:27 - 2019-01-09 13:16 - 000348672 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-12 21:42 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-12 21:42 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-06-12 21:42 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-06-12 15:31 - 2019-03-26 17:47 - 000000000 ____D C:\Windows\system32\MRT
2019-06-12 15:29 - 2019-03-26 17:47 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-04 16:00 - 2019-01-09 13:17 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-06-02 17:39 - 2019-03-26 18:21 - 000000254 _____ C:\Users\Uživatel\AppData\LocalLow\rbxcsettings.rbx
2019-05-31 20:03 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-31 20:03 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-29 20:16 - 2019-03-26 18:21 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Roblox
==================== FLock ================
2019-01-09 13:26 C:\Windows\CSC
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Re: Chromium
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by Uživatel (28-06-2019 16:40:43)
Running from C:\Users\Uživatel\Desktop
Windows 10 Pro Version 1809 17763.557 (X64) (2019-01-09 11:26:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2290176911-3157601873-3903230591-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2290176911-3157601873-3903230591-503 - Limited - Disabled)
Guest (S-1-5-21-2290176911-3157601873-3903230591-501 - Limited - Disabled)
Uživatel (S-1-5-21-2290176911-3157601873-3903230591-1001 - Administrator - Enabled) => C:\Users\Uživatel
WDAGUtilityAccount (S-1-5-21-2290176911-3157601873-3903230591-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM\...\{F611E93B-8EC1-4662-BDFF-6909DB820862}) (Version: 2.2.3509.0 - Futuremark) Hidden
3DMark (HKLM-x32\...\{4bf26510-8c4e-447c-b819-2967aeca2839}) (Version: 2.2.3509.0 - Futuremark)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.2.7.2 (HKLM\...\{42330F6C-6E8F-4E0A-8820-A7303D3C07FF}) (Version: 5.2.7.2 - The Document Foundation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.17 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.17 - NVIDIA Corporation)
NVIDIA USBC Driver 1.1.27.831 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.1.27.831 - NVIDIA Corporation)
Ovládací panel NVIDIA 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.17 - NVIDIA Corporation) Hidden
Pivot Animator version 4.2.7 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.2.7 - Motus Software Ltd)
Roblox Player for Uživatel (HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Uživatel (HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\roblox-studio) (Version: - Roblox Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1530.2.0_x86__kgqvnymyfvs32 [2019-06-14] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-10] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-26] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-09] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-03-26] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-01-09] (Thumbmunkeys Ltd) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-04-02 17:31 - 2019-04-02 17:31 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-04-02 17:31 - 2019-04-02 17:31 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-04-02 17:31 - 2019-04-02 17:31 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 000078848 _____ () [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\libegl.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 003148800 _____ () [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\libglesv2.dll
2019-04-02 17:31 - 2019-04-02 17:31 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 036962304 _____ (The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\chrome.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 000427520 _____ (The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\chrome_elf.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 049775616 _____ (The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\chrome_child.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 004186112 _____ (The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2019-06-22 07:58 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NGX
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\Control Panel\Desktop\\Wallpaper -> c:\users\uživatel\downloads\jina kocka.jpg
DNS Servers: 82.144.128.1 - 82.144.129.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{644C69F4-D2EE-4BC2-A432-C2E8C4EB41F6}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{738EC2E8-AC59-4498-89F0-0DA67822CE87}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{FC85C66E-48BA-4B5F-8B57-D887363BC0B5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D78AB557-C83A-4A29-BDA3-499EBDCC2BCA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B180DDB9-0F64-46D9-B25C-26F3471B0603}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3F185D3B-2384-4DDE-9E35-18CE8961AA93}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F156894C-66BB-4C51-ACC9-AFF74C93782D}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{BB5D943A-0295-4962-BFFE-8F75901F51E1}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{9215AF83-2487-4DAA-9C05-98B8E28D022F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C5E7492A-D52B-49CF-9DEA-1C518D843AD4}] => (Allow) C:\Users\Uživatel\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
==================== Restore Points =========================
12-06-2019 07:44:22 Naplánovaný kontrolní bod
19-06-2019 15:28:26 Naplánovaný kontrolní bod
27-06-2019 16:15:39 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name: Kompatibilní myš PS/2
Description: Kompatibilní myš PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/21/2019 07:33:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: pivot_v4-2_1254816609.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.475, časové razítko: 0x1ddde673
Kód výjimky: 0xc0000005
Posun chyby: 0x00051e0b
ID chybujícího procesu: 0x1ef8
Čas spuštění chybující aplikace: 0x01d528575711c91a
Cesta k chybující aplikaci: C:\Users\Uživatel\Downloads\pivot_v4-2_1254816609.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: a20dd692-d3f0-479a-a772-6ef37e1c6f86
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/27/2019 06:13:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchUI.exe verze 10.0.17763.404 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1b8c
Čas spuštění: 01d514a70c86e726
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID hlášení: 741853c2-0e19-4127-aa5c-a547c153beb6
Úplný název balíčku s chybou: Microsoft.Windows.Cortana_1.11.5.17763_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: CortanaUI
Typ zablokování: Quiesce
Error: (03/26/2019 07:49:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 73.0.3683.86 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1ca4
Čas spuštění: 01d4e3ebc1c1e130
Čas ukončení: 40
Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
ID hlášení: 578dc334-82f5-479f-b54f-57057fe5856b
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (03/26/2019 06:49:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PickerHost.exe, verze: 10.0.17763.1, časové razítko: 0xc95f39d0
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.1, časové razítko: 0xa369e897
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000fb349
ID chybujícího procesu: 0x1938
Čas spuštění chybující aplikace: 0x01d4e3f3c95d0e97
Cesta k chybující aplikaci: C:\Windows\System32\PickerHost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 5a49abe8-7c1b-42c8-9228-17449f350861
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/26/2019 06:49:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.Photos.exe, verze: 2019.19011.19410.0, časové razítko: 0x5c7d9545
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.27405.0, časové razítko: 0x5c59d1be
Kód výjimky: 0x80004005
Posun chyby: 0x00000000007e36ae
ID chybujícího procesu: 0x132c
Čas spuštění chybující aplikace: 0x01d4e3ec5decfe55
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 6e5b2e82-44e5-4ae3-a351-ff65e5066ea3
Úplný název chybujícího balíčku: Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (03/26/2019 05:49:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SkypeApp.exe, verze: 8.36.0.52, časové razítko: 0x5c101808
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17763.1, časové razítko: 0x5df1492c
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000bd458
ID chybujícího procesu: 0x1db8
Čas spuštění chybující aplikace: 0x01d4e3eb27d1e597
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\twinapi.appcore.dll
ID zprávy: f358f725-5de6-42ab-9b73-bc1a4cc1455a
Úplný název chybujícího balíčku: Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c
ID aplikace související s chybujícím balíčkem: App
Error: (03/22/2019 06:47:46 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Přístup k datům o výkonu byl odepřen pro uživatele SYSTEM (hodnota z GetUsera() pro běžící vlákno), když došlo k příslušnému pokusu z modulu \\?\C:\Windows\system32\wbem\WMIADAP.EXE (hodnota z GetModuleFileName() pro binární soubor, který vystavil dotaz).
Error: (03/22/2019 06:44:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004C003
Argument příkazového řádku:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent
System errors:
=============
Error: (06/28/2019 04:38:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 04:35:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 04:19:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WpnUserService_2ae87 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (06/28/2019 03:54:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 03:51:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 03:21:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 03:21:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 03:21:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-05-29 17:13:30.737
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9F38C8E1-E03F-46EA-8856-952A15CA8618}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-29 17:03:50.200
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {79FC4960-0E70-499D-B76E-22A49CFD55EA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-22 18:25:49.145
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {5E8E477D-BD94-4B0C-B932-C6FB0070FE0C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-22 17:19:58.799
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {089DC45A-158E-42BC-885C-AA6DDDDA68B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-21 19:36:30.182
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3E341CAD-F63B-4B08-BE04-5D7293533B3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-16 21:33:42.828
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.1657.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x8024402c
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2019-06-28 15:21:06.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:06.177
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:06.167
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:06.139
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:05.992
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:05.971
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:05.860
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:05.852
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. A05 05/28/2011
Motherboard: Dell Inc. 0HY9JP
Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 37%
Total physical RAM: 8148.93 MB
Available physical RAM: 5071.63 MB
Total Virtual: 11220.93 MB
Available Virtual: 6425.96 MB
==================== Drives ================================
Drive c: (Compik) (Fixed) (Total:297.55 GB) (Free:196.42 GB) NTFS
Drive f: (OZIEBOO) (CDROM) (Total:7.44 GB) (Free:0 GB) UDF
\\?\Volume{085c6574-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 085C6574)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Uživatel (28-06-2019 16:40:43)
Running from C:\Users\Uživatel\Desktop
Windows 10 Pro Version 1809 17763.557 (X64) (2019-01-09 11:26:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2290176911-3157601873-3903230591-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2290176911-3157601873-3903230591-503 - Limited - Disabled)
Guest (S-1-5-21-2290176911-3157601873-3903230591-501 - Limited - Disabled)
Uživatel (S-1-5-21-2290176911-3157601873-3903230591-1001 - Administrator - Enabled) => C:\Users\Uživatel
WDAGUtilityAccount (S-1-5-21-2290176911-3157601873-3903230591-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM\...\{F611E93B-8EC1-4662-BDFF-6909DB820862}) (Version: 2.2.3509.0 - Futuremark) Hidden
3DMark (HKLM-x32\...\{4bf26510-8c4e-447c-b819-2967aeca2839}) (Version: 2.2.3509.0 - Futuremark)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.2.7.2 (HKLM\...\{42330F6C-6E8F-4E0A-8820-A7303D3C07FF}) (Version: 5.2.7.2 - The Document Foundation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.17 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.17 - NVIDIA Corporation)
NVIDIA USBC Driver 1.1.27.831 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.1.27.831 - NVIDIA Corporation)
Ovládací panel NVIDIA 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.17 - NVIDIA Corporation) Hidden
Pivot Animator version 4.2.7 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.2.7 - Motus Software Ltd)
Roblox Player for Uživatel (HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Uživatel (HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\...\roblox-studio) (Version: - Roblox Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1530.2.0_x86__kgqvnymyfvs32 [2019-06-14] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-10] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-26] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-09] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-03-26] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-01-09] (Thumbmunkeys Ltd) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-04-02 17:31 - 2019-04-02 17:31 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-04-02 17:31 - 2019-04-02 17:31 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-04-02 17:31 - 2019-04-02 17:31 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 000078848 _____ () [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\libegl.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 003148800 _____ () [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\libglesv2.dll
2019-04-02 17:31 - 2019-04-02 17:31 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 036962304 _____ (The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\chrome.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 000427520 _____ (The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\chrome_elf.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 049775616 _____ (The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\63.0.3237.0\chrome_child.dll
2019-06-21 19:34 - 2017-10-10 12:05 - 004186112 _____ (The Chromium Authors) [File not signed] C:\Users\Uživatel\AppData\Local\chromium\Application\chrome.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2019-06-22 07:58 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NGX
HKU\S-1-5-21-2290176911-3157601873-3903230591-1001\Control Panel\Desktop\\Wallpaper -> c:\users\uživatel\downloads\jina kocka.jpg
DNS Servers: 82.144.128.1 - 82.144.129.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{644C69F4-D2EE-4BC2-A432-C2E8C4EB41F6}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{738EC2E8-AC59-4498-89F0-0DA67822CE87}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{FC85C66E-48BA-4B5F-8B57-D887363BC0B5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D78AB557-C83A-4A29-BDA3-499EBDCC2BCA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B180DDB9-0F64-46D9-B25C-26F3471B0603}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3F185D3B-2384-4DDE-9E35-18CE8961AA93}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F156894C-66BB-4C51-ACC9-AFF74C93782D}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{BB5D943A-0295-4962-BFFE-8F75901F51E1}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{9215AF83-2487-4DAA-9C05-98B8E28D022F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C5E7492A-D52B-49CF-9DEA-1C518D843AD4}] => (Allow) C:\Users\Uživatel\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
==================== Restore Points =========================
12-06-2019 07:44:22 Naplánovaný kontrolní bod
19-06-2019 15:28:26 Naplánovaný kontrolní bod
27-06-2019 16:15:39 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name: Kompatibilní myš PS/2
Description: Kompatibilní myš PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/21/2019 07:33:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: pivot_v4-2_1254816609.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.475, časové razítko: 0x1ddde673
Kód výjimky: 0xc0000005
Posun chyby: 0x00051e0b
ID chybujícího procesu: 0x1ef8
Čas spuštění chybující aplikace: 0x01d528575711c91a
Cesta k chybující aplikaci: C:\Users\Uživatel\Downloads\pivot_v4-2_1254816609.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: a20dd692-d3f0-479a-a772-6ef37e1c6f86
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/27/2019 06:13:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchUI.exe verze 10.0.17763.404 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1b8c
Čas spuštění: 01d514a70c86e726
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID hlášení: 741853c2-0e19-4127-aa5c-a547c153beb6
Úplný název balíčku s chybou: Microsoft.Windows.Cortana_1.11.5.17763_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: CortanaUI
Typ zablokování: Quiesce
Error: (03/26/2019 07:49:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 73.0.3683.86 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1ca4
Čas spuštění: 01d4e3ebc1c1e130
Čas ukončení: 40
Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
ID hlášení: 578dc334-82f5-479f-b54f-57057fe5856b
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (03/26/2019 06:49:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PickerHost.exe, verze: 10.0.17763.1, časové razítko: 0xc95f39d0
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.1, časové razítko: 0xa369e897
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000fb349
ID chybujícího procesu: 0x1938
Čas spuštění chybující aplikace: 0x01d4e3f3c95d0e97
Cesta k chybující aplikaci: C:\Windows\System32\PickerHost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 5a49abe8-7c1b-42c8-9228-17449f350861
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/26/2019 06:49:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.Photos.exe, verze: 2019.19011.19410.0, časové razítko: 0x5c7d9545
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.27405.0, časové razítko: 0x5c59d1be
Kód výjimky: 0x80004005
Posun chyby: 0x00000000007e36ae
ID chybujícího procesu: 0x132c
Čas spuštění chybující aplikace: 0x01d4e3ec5decfe55
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 6e5b2e82-44e5-4ae3-a351-ff65e5066ea3
Úplný název chybujícího balíčku: Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (03/26/2019 05:49:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SkypeApp.exe, verze: 8.36.0.52, časové razítko: 0x5c101808
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17763.1, časové razítko: 0x5df1492c
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000bd458
ID chybujícího procesu: 0x1db8
Čas spuštění chybující aplikace: 0x01d4e3eb27d1e597
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\twinapi.appcore.dll
ID zprávy: f358f725-5de6-42ab-9b73-bc1a4cc1455a
Úplný název chybujícího balíčku: Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c
ID aplikace související s chybujícím balíčkem: App
Error: (03/22/2019 06:47:46 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Přístup k datům o výkonu byl odepřen pro uživatele SYSTEM (hodnota z GetUsera() pro běžící vlákno), když došlo k příslušnému pokusu z modulu \\?\C:\Windows\system32\wbem\WMIADAP.EXE (hodnota z GetModuleFileName() pro binární soubor, který vystavil dotaz).
Error: (03/22/2019 06:44:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004C003
Argument příkazového řádku:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent
System errors:
=============
Error: (06/28/2019 04:38:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 04:35:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 04:19:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WpnUserService_2ae87 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (06/28/2019 03:54:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 03:51:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 03:21:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 03:21:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-P57QUDT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-P57QUDT\Uživatel (SID: S-1-5-21-2290176911-3157601873-3903230591-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/28/2019 03:21:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-05-29 17:13:30.737
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9F38C8E1-E03F-46EA-8856-952A15CA8618}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-29 17:03:50.200
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {79FC4960-0E70-499D-B76E-22A49CFD55EA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-22 18:25:49.145
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {5E8E477D-BD94-4B0C-B932-C6FB0070FE0C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-22 17:19:58.799
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {089DC45A-158E-42BC-885C-AA6DDDDA68B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-21 19:36:30.182
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3E341CAD-F63B-4B08-BE04-5D7293533B3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-05-16 21:33:42.828
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.1657.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x8024402c
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. CodeIntegrity:
===================================
Date: 2019-06-28 15:21:06.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:06.177
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:06.167
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:06.139
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:05.992
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:05.971
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:05.860
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-28 15:21:05.852
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. A05 05/28/2011
Motherboard: Dell Inc. 0HY9JP
Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 37%
Total physical RAM: 8148.93 MB
Available physical RAM: 5071.63 MB
Total Virtual: 11220.93 MB
Available Virtual: 6425.96 MB
==================== Drives ================================
Drive c: (Compik) (Fixed) (Total:297.55 GB) (Free:196.42 GB) NTFS
Drive f: (OZIEBOO) (CDROM) (Total:7.44 GB) (Free:0 GB) UDF
\\?\Volume{085c6574-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 085C6574)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Chromium
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4282198C-28C3-4937-B26E-0B99D1298BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
Task: {C5885A57-7091-4137-AC38-3359A8137377} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Chromium
Pořád 
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by Uživatel (28-06-2019 19:03:34) Run:1
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4282198C-28C3-4937-B26E-0B99D1298BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
Task: {C5885A57-7091-4137-AC38-3359A8137377} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4282198C-28C3-4937-B26E-0B99D1298BF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4282198C-28C3-4937-B26E-0B99D1298BF9}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5885A57-7091-4137-AC38-3359A8137377}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5885A57-7091-4137-AC38-3359A8137377}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 82856651 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1366834 B
Edge => 3654877 B
Chrome => 397860653 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3716 B
LocalService => 0 B
NetworkService => 1184 B
NetworkService => 0 B
Uživatel => 736002300 B
RecycleBin => 2457 B
EmptyTemp: => 1.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:04:08 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by Uživatel (28-06-2019 19:03:34) Run:1
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4282198C-28C3-4937-B26E-0B99D1298BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
Task: {C5885A57-7091-4137-AC38-3359A8137377} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-09] (Google Inc -> Google Inc.)
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4282198C-28C3-4937-B26E-0B99D1298BF9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4282198C-28C3-4937-B26E-0B99D1298BF9}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5885A57-7091-4137-AC38-3359A8137377}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5885A57-7091-4137-AC38-3359A8137377}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 82856651 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1366834 B
Edge => 3654877 B
Chrome => 397860653 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3716 B
LocalService => 0 B
NetworkService => 1184 B
NetworkService => 0 B
Uživatel => 736002300 B
RecycleBin => 2457 B
EmptyTemp: => 1.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:04:08 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Chromium
Smazáno. Chromium, které v PC máte, není virus, ale: https://www.stahuj.cz/internet_a_site/p ... /chromium/ . Pokud ho v PC nechcete, odinstalujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Chromium
Už je pryč. Děkuji moc za pomoc. Hezký den
Nela
Nela
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Chromium
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?