Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

vyskakující stránky

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
michal1223
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 08 srp 2008 16:35

vyskakující stránky

#1 Příspěvek od michal1223 »

zdravím, po zapnutí stále vyskakují nějaké stránky, můžete prosím kouknout? Díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Michal (administrator) on MICHAL-PC (Acer Aspire M5811) (18-07-2019 20:42:25)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> ) C:\OEM\USBDECTION\USBS3S4Detection.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporated -> Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Michal\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.72\opera_crashreporter.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] (Acer Incorporated -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-717758605-1106027559-3896876889-1000\...\Run: [Gaijin.Net Updater] => C:\Users\Michal\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-22] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-717758605-1106027559-3896876889-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-717758605-1106027559-3896876889-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-26] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00D38C0A-DB75-43F9-93C2-285861907C68} - System32\Tasks\{58B8170D-FFFD-4CB1-B8A5-0234830FA395} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\McAfee\MSC\mcuninst.exe"
Task: {0D7ACE16-A882-486F-B374-81A2240807BC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-15] (Adobe Inc. -> Adobe)
Task: {1404E4C4-D138-43B2-AF5D-5538A7FAE473} - System32\Tasks\{558938E5-1C74-4956-AD82-1BF109320A1A} => C:\Windows\system32\pcalua.exe -a D:\Downloads\funhouse.exe -d D:\Downloads
Task: {261796E6-D0D6-473D-B3F4-B221CC02B931} - System32\Tasks\{975148D1-6E39-44E4-9D89-2949ECB1FEFB} => C:\Windows\system32\pcalua.exe -a D:\Downloads\SetupWordToPDF.exe -d D:\Downloads
Task: {268513CA-CA15-4053-9160-1037DDB57B9D} - System32\Tasks\{8275FF53-43CE-420F-866F-2CF349A7E937} => C:\Windows\system32\pcalua.exe -a C:\Users\Michal\Desktop\GTA_5_CZ_Instalator.exe -d C:\Users\Michal\Desktop
Task: {27B9574C-BAC5-4DE5-87AC-E53400E18DDF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3C4D575C-8C0A-4828-8864-99289641CE58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-717758605-1106027559-3896876889-1000UA => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4C391530-B686-4FE0-9FC0-C1B61E04E029} - System32\Tasks\Opera scheduled Autoupdate 1496341338 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS -> Opera Software)
Task: {7B8C47C0-6840-4360-BAD9-3D4467F9A8EE} - System32\Tasks\Opera scheduled Autoupdate 1492376809 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS -> Opera Software)
Task: {84A3CAB1-23B4-4422-A126-13319F9288A9} - System32\Tasks\{B157664F-963A-4AF1-B708-43B67AD93B11} => C:\Windows\system32\pcalua.exe -a C:\Users\Michal\Downloads\TeamSpeak3-cestina-0.1.-beta2.exe -d C:\Users\Michal\Downloads
Task: {858881D4-BC02-4556-8300-886E91482C5B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {8758412A-A3F6-459E-AA09-F4D5E980A734} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {89DF3408-E958-4695-9E4B-D5DC0118C180} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {90F1844E-E3FD-40EB-A404-8B21D7871E62} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-717758605-1106027559-3896876889-1000Core => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {BA6F97BD-B2C2-47CA-B71E-454AFE219501} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-15] (Adobe Inc. -> Adobe)
Task: {CDF010E9-11B4-4858-A300-D3F6B7A66CEF} - System32\Tasks\{D06F5F84-8F55-4E45-A26F-565ED24D069E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\setup-bp.exe" -d "C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl"
Task: {CFADF8E2-CD96-448A-B5E7-A5AF4152ED2B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 88.83.169.2 195.113.144.194
Tcpip\..\Interfaces\{1311EEBF-3D32-4CC0-AFB4-F75D58CB1316}: [DhcpNameServer] 88.83.169.2 195.113.144.194
Tcpip\..\Interfaces\{4E05B988-A467-4A3C-A54A-EB389AEACD2E}: [DhcpNameServer] 88.83.169.2 195.113.144.194

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-717758605-1106027559-3896876889-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/#
HKU\S-1-5-21-717758605-1106027559-3896876889-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-717758605-1106027559-3896876889-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ687
SearchScopes: HKU\S-1-5-21-717758605-1106027559-3896876889-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-717758605-1106027559-3896876889-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ687
SearchScopes: HKU\S-1-5-21-717758605-1106027559-3896876889-1000 -> {A11D0B67-762F-4FA4-8FCE-2C8B249D7634} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)

FireFox:
========
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2019-06-09]
CHR Extension: (Prezentace) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-08]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-08]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-08]

Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-11] (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed]
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] (Acer Incorporated -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279336 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
S3 atikmdag; C:\Windows\system32\drivers\atikmdag.sys [5020672 2009-07-13] (Microsoft Windows -> ATI Technologies Inc.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-02-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-02-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MTRACK2X2M; C:\Windows\System32\DRIVERS\MAudioMTrack2X2M.sys [245336 2018-06-08] (INMUSIC BRANDS INC -> M-Audio)
S3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MEDIATEK INC. -> MediaTek Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-06-09] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-18 20:42 - 2019-07-18 20:43 - 000019462 _____ C:\Users\Michal\Desktop\FRST.txt
2019-07-18 20:41 - 2019-07-18 20:42 - 000000000 ____D C:\FRST
2019-07-18 20:41 - 2019-07-18 20:41 - 002095104 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2019-07-18 20:22 - 2019-07-18 20:22 - 007025360 _____ (Malwarebytes) C:\Users\Michal\Desktop\adwcleaner_7.3 (1).exe
2019-07-18 20:05 - 2019-07-18 20:05 - 000406168 _____ C:\Windows\Minidump\071819-17706-01.dmp
2019-07-16 20:15 - 2019-07-16 20:19 - 1173849473 _____ C:\Users\Michal\Downloads\Hastrman.mp4
2019-07-16 19:53 - 2019-07-16 19:58 - 1402161974 _____ C:\Users\Michal\Downloads\Martan 2015 cz dabing.avi
2019-07-15 17:11 - 2019-06-28 07:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-15 17:11 - 2019-06-28 07:24 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-07-15 17:11 - 2019-06-28 07:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-15 17:11 - 2019-06-28 07:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-07-15 17:11 - 2019-06-28 07:24 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-15 17:11 - 2019-06-28 07:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2019-07-15 17:11 - 2019-06-28 07:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2019-07-15 17:11 - 2019-06-28 07:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2019-07-15 17:11 - 2019-06-28 07:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-15 17:11 - 2019-06-21 05:09 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-07-15 17:11 - 2019-06-21 05:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-07-15 17:11 - 2019-06-21 04:44 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-07-15 17:11 - 2019-06-21 03:41 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-15 17:11 - 2019-06-20 11:11 - 000396896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-07-15 17:11 - 2019-06-20 10:15 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-07-15 17:11 - 2019-06-19 05:06 - 006135296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-15 17:11 - 2019-06-19 03:52 - 007081984 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-15 17:11 - 2019-06-18 08:41 - 001649664 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-15 17:11 - 2019-06-18 06:34 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-15 17:11 - 2019-06-18 06:21 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-07-15 17:11 - 2019-06-18 06:21 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-07-15 17:11 - 2019-06-18 06:09 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-15 17:11 - 2019-06-18 06:08 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-07-15 17:11 - 2019-06-18 06:07 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-15 17:11 - 2019-06-18 06:07 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-07-15 17:11 - 2019-06-18 06:07 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-07-15 17:11 - 2019-06-18 06:07 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-07-15 17:11 - 2019-06-18 06:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-07-15 17:11 - 2019-06-18 05:59 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-15 17:11 - 2019-06-18 05:59 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-07-15 17:11 - 2019-06-18 05:57 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-07-15 17:11 - 2019-06-18 05:56 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-15 17:11 - 2019-06-18 05:56 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-07-15 17:11 - 2019-06-18 05:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-07-15 17:11 - 2019-06-18 05:56 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-07-15 17:11 - 2019-06-18 05:55 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-07-15 17:11 - 2019-06-18 05:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-07-15 17:11 - 2019-06-18 05:48 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-07-15 17:11 - 2019-06-18 05:45 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-07-15 17:11 - 2019-06-18 05:39 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-15 17:11 - 2019-06-18 05:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-07-15 17:11 - 2019-06-18 05:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-07-15 17:11 - 2019-06-18 05:38 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-07-15 17:11 - 2019-06-18 05:38 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-07-15 17:11 - 2019-06-18 05:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-07-15 17:11 - 2019-06-18 05:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-07-15 17:11 - 2019-06-18 05:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-07-15 17:11 - 2019-06-18 05:35 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-15 17:11 - 2019-06-18 05:35 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-07-15 17:11 - 2019-06-18 05:34 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-07-15 17:11 - 2019-06-18 05:32 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-07-15 17:11 - 2019-06-18 05:32 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-07-15 17:11 - 2019-06-18 05:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-07-15 17:11 - 2019-06-18 05:30 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-07-15 17:11 - 2019-06-18 05:30 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-07-15 17:11 - 2019-06-18 05:29 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-07-15 17:11 - 2019-06-18 05:29 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-07-15 17:11 - 2019-06-18 05:29 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-07-15 17:11 - 2019-06-18 05:21 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-07-15 17:11 - 2019-06-18 05:21 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-07-15 17:11 - 2019-06-18 05:20 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-07-15 17:11 - 2019-06-18 05:20 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-07-15 17:11 - 2019-06-18 05:19 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-15 17:11 - 2019-06-18 05:17 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-07-15 17:11 - 2019-06-18 05:17 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-07-15 17:11 - 2019-06-18 05:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-07-15 17:11 - 2019-06-18 05:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-07-15 17:11 - 2019-06-18 05:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-07-15 17:11 - 2019-06-18 05:13 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-07-15 17:11 - 2019-06-18 05:13 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-07-15 17:11 - 2019-06-18 05:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-07-15 17:11 - 2019-06-18 05:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-07-15 17:11 - 2019-06-18 05:07 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-15 17:11 - 2019-06-18 05:06 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-07-15 17:11 - 2019-06-18 05:04 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-07-15 17:11 - 2019-06-18 05:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-15 17:11 - 2019-06-18 05:03 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-07-15 17:11 - 2019-06-18 05:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-07-15 17:11 - 2019-06-18 05:02 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-07-15 17:11 - 2019-06-18 04:55 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-07-15 17:11 - 2019-06-18 04:44 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-07-15 17:11 - 2019-06-18 04:43 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-07-15 17:11 - 2019-06-18 04:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-07-15 17:11 - 2019-06-18 04:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-07-15 17:11 - 2019-06-13 05:25 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-15 17:11 - 2019-06-13 05:21 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-15 17:11 - 2019-06-12 17:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-07-15 17:11 - 2019-06-12 17:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-07-15 17:11 - 2019-06-12 17:22 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-07-15 17:11 - 2019-06-12 17:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-15 17:11 - 2019-06-12 17:21 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-07-15 17:11 - 2019-06-12 17:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:15 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-15 17:11 - 2019-06-12 17:11 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-15 17:11 - 2019-06-12 17:11 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-15 17:11 - 2019-06-12 17:11 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-15 17:11 - 2019-06-12 17:11 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-15 17:11 - 2019-06-12 17:10 - 005550824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-15 17:11 - 2019-06-12 17:10 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-15 17:11 - 2019-06-12 17:09 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-15 17:11 - 2019-06-12 17:08 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-15 17:11 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-15 17:11 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-15 17:11 - 2019-06-12 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-07-15 17:11 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 17:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-07-15 17:11 - 2019-06-12 17:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-07-15 17:11 - 2019-06-12 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-15 17:11 - 2019-06-12 16:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-07-15 17:11 - 2019-06-12 16:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-07-15 17:11 - 2019-06-12 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-15 17:11 - 2019-06-12 16:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-07-15 17:11 - 2019-06-12 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-15 17:11 - 2019-06-12 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-15 17:11 - 2019-06-12 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-07-15 17:11 - 2019-06-12 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-07-15 17:11 - 2019-06-12 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-07-15 17:11 - 2019-06-12 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-07-15 17:11 - 2019-06-12 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-07-15 17:11 - 2019-06-12 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-07-15 17:11 - 2019-06-12 16:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-15 17:11 - 2019-06-12 16:42 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-15 17:11 - 2019-06-12 16:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-15 17:11 - 2019-06-12 16:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-15 17:11 - 2019-06-12 16:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-15 17:11 - 2019-06-12 16:39 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-15 17:11 - 2019-06-12 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-15 17:11 - 2019-06-12 16:37 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-07-15 17:11 - 2019-06-12 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-15 17:11 - 2019-06-12 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-15 17:11 - 2019-06-12 16:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-15 17:11 - 2019-06-12 16:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-15 17:11 - 2019-06-12 16:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-15 17:11 - 2019-06-12 16:36 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-15 17:11 - 2019-06-12 16:36 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-15 17:11 - 2019-06-12 16:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-15 17:11 - 2019-06-12 16:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-15 17:11 - 2019-06-12 16:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-15 17:11 - 2019-06-12 16:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-15 17:11 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-15 17:11 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-15 17:11 - 2019-06-12 16:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-15 17:11 - 2019-06-12 16:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-15 17:11 - 2019-06-11 04:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-15 17:11 - 2019-06-11 04:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-15 17:11 - 2019-06-11 04:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-15 17:11 - 2019-06-11 04:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-15 17:11 - 2019-06-11 04:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-07-15 17:11 - 2019-06-11 04:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-15 17:11 - 2019-06-11 04:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-15 17:11 - 2019-06-11 04:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-15 17:11 - 2019-06-07 17:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-15 17:11 - 2019-06-07 17:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-07-15 17:11 - 2019-06-07 17:08 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-15 17:11 - 2019-06-07 17:08 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-15 17:11 - 2019-06-07 17:08 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-07-15 17:11 - 2019-06-07 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-07-15 17:11 - 2019-06-07 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-07-15 16:57 - 2019-07-15 16:56 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-15 16:57 - 2019-07-15 16:56 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-07-15 16:57 - 2019-07-15 16:56 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-01 15:42 - 2019-07-01 15:42 - 000406344 _____ C:\Windows\Minidump\070119-16863-01.dmp
2019-06-25 18:04 - 2019-06-25 18:04 - 000406496 _____ C:\Windows\Minidump\062519-15069-01.dmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-18 20:14 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-18 20:14 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-18 20:05 - 2017-03-02 21:24 - 000000000 ____D C:\Windows\Minidump
2019-07-18 20:05 - 2016-04-04 21:40 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-18 20:05 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-17 13:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-07-17 13:01 - 2017-03-18 17:45 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-17 12:59 - 2009-07-14 07:08 - 000032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-16 20:47 - 2016-04-05 07:24 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-07-16 20:47 - 2016-04-05 07:24 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-07-16 20:47 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-16 20:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-16 18:22 - 2009-07-14 06:45 - 000442712 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-16 18:19 - 2017-03-02 21:53 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-07-16 18:19 - 2017-03-02 21:53 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-16 18:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-16 18:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-07-15 21:36 - 2016-04-05 23:36 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-07-15 21:33 - 2016-04-04 23:09 - 000000000 ____D C:\Windows\system32\MRT
2019-07-15 21:29 - 2016-04-04 23:09 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-15 17:01 - 2016-05-20 20:57 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-15 17:01 - 2016-05-20 20:57 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-15 17:01 - 2016-05-20 20:57 - 000004520 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-15 17:01 - 2016-05-20 20:57 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-07-15 17:01 - 2016-05-20 20:57 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-15 17:01 - 2009-11-19 00:08 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-15 16:57 - 2017-06-01 20:22 - 000003836 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1496341338
2019-07-15 16:57 - 2017-04-16 23:06 - 000000000 ____D C:\Program Files\Opera
2019-07-15 16:56 - 2019-02-19 18:06 - 000279336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-07-15 16:56 - 2019-01-17 18:07 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-07-15 16:56 - 2019-01-16 16:20 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-07-15 16:56 - 2019-01-16 16:20 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-07-15 16:56 - 2019-01-16 16:20 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-07-15 16:56 - 2018-10-22 20:06 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-07-15 16:56 - 2017-11-17 00:48 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-07-15 16:56 - 2017-06-01 20:22 - 000001042 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2019-07-15 16:56 - 2017-06-01 20:22 - 000001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-07-15 16:56 - 2016-04-04 22:34 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-07-15 16:56 - 2016-04-04 22:34 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-07-15 16:56 - 2016-04-04 22:34 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-07-15 16:56 - 2016-04-04 22:34 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-07-15 16:56 - 2016-04-04 22:34 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys

==================== Files in the root of some directories ================

2016-10-25 18:55 - 2016-10-25 18:55 - 000000100 _____ () C:\Users\Michal\AppData\Roaming\wklnhst.dat
2017-01-05 23:37 - 2017-01-05 23:37 - 000000000 ___SH () C:\Users\Michal\AppData\Local\LumaEmu
2017-03-09 23:34 - 2017-03-09 23:35 - 000011287 _____ () C:\Users\Michal\AppData\Local\MyWinLockerInstaller.txt-20170309.log
2016-04-04 23:46 - 2017-04-26 15:58 - 000007605 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-15 19:40
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Michal (18-07-2019 20:43:31)
Running from C:\Users\Michal\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-04-04 19:41:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-717758605-1106027559-3896876889-500 - Administrator - Disabled)
Guest (S-1-5-21-717758605-1106027559-3896876889-501 - Limited - Disabled)
Michal (S-1-5-21-717758605-1106027559-3896876889-1000 - Administrator - Enabled) => C:\Users\Michal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.2 - Nero AG) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
firstobject XML Editor version 2.4.2 (HKLM-x32\...\firstobject XML Editor_is1) (Version: - )
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.4.317 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.10.511 - Digital Wave Ltd)
Freemake Video Converter verze 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{99D7DE4C-2775-4B16-B155-7F09AE939E8E}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{965ef942-36c2-4f92-b60f-c75cd1dcde2f}) (Version: - Nero AG)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software)
Opera Stable 49.0.2725.64 (HKLM-x32\...\Opera 49.0.2725.64) (Version: 49.0.2725.64 - Opera Software)
Opera Stable 51.0.2830.55 (HKLM-x32\...\Opera 51.0.2830.55) (Version: 51.0.2830.55 - Opera Software)
Opera Stable 62.0.3331.72 (HKLM-x32\...\Opera 62.0.3331.72) (Version: 62.0.3331.72 - Opera Software)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
War Thunder Launcher 1.0.3.148 (HKU\S-1-5-21-717758605-1106027559-3896876889-1000\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnet Explоrer (No Add-ons).lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunch Intеrnet Eхplоrеr Browser.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Оpеrа (2).lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Оpеrа.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аvast SаfeZоne Вrowser.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic

ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D\Sweet Home 3D.lnk -> C:\ProgramData\Oracle\Java\javapath\javaws.exe (Oracle Corporation) -> -localfile -offline -J-Djnlp.application.href=hxxp://www.sweethome3d.com/SweetHome3D.jnlp "C:\Users\Michal\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\247e2df4-50746959"

==================== Loaded Modules (Whitelisted) ==============

2009-08-18 09:31 - 2009-08-18 09:31 - 000163840 _____ () [File not signed] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2016-04-04 21:50 - 2009-09-30 18:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2016-06-10 13:45 - 2016-05-11 16:11 - 000044392 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-06-10 13:45 - 2016-05-11 16:11 - 000104296 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-06-10 13:45 - 2016-05-11 16:11 - 000020328 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-06-10 13:45 - 2016-05-11 16:11 - 000387944 _____ (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
2016-06-10 13:45 - 2016-05-11 16:11 - 000300904 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlmgr.dll
2016-06-10 13:45 - 2016-05-11 16:11 - 000129896 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0.dll
2016-06-10 13:45 - 2016-05-11 16:11 - 000131944 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelperlib.dll
2016-06-10 13:45 - 2016-03-17 20:53 - 000442728 _____ (Digital Wave Ltd -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\MSVCP120.dll
2016-06-10 13:45 - 2016-03-17 20:53 - 000958312 _____ (Digital Wave Ltd -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\MSVCR120.dll
2016-06-10 13:45 - 2016-05-11 16:11 - 000286056 _____ (Digital Wave Ltd -> The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcurl.dll
2016-07-11 11:36 - 2016-05-11 16:11 - 001333096 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\LIBEAY32MD.dll
2016-07-11 11:36 - 2016-05-11 16:11 - 000276328 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\SSLEAY32MD.dll
2016-04-04 21:50 - 2009-09-30 19:33 - 000262144 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2016-04-04 21:50 - 2009-09-30 18:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2016-04-04 21:50 - 2009-09-30 18:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2016-04-04 21:50 - 2009-09-30 19:34 - 002314240 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2017-12-09 17:23 - 2017-10-27 18:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2017-12-09 17:24 - 2017-10-27 18:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-717758605-1106027559-3896876889-1000\...\ibcsob24.cz -> hxxps://www.ibcsob24.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 17:00 - 000000029 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-717758605-1106027559-3896876889-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 88.83.169.2 - 195.113.144.194
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Michal\AppData\Local\Discord\app-0.0.304\Discord.exe
MSCONFIG\startupreg: Gaijin.Net Agent => "C:\Users\Michal\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
MSCONFIG\startupreg: Gaijin.Net Updater => "C:\Users\Michal\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{343C5892-A070-4CD6-82F2-5E22E5038736}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed]
FirewallRules: [{876105E7-881A-4CEA-BDA1-E0689E02F745}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed]
FirewallRules: [{E16DED39-2709-42A9-948C-D318E510862E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EB5E7FF8-797E-448A-BAD3-165B040DFF51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{5D2E3A8E-943F-405C-A701-62F0C53FA29E}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{FB8C0A67-D787-46A2-9153-0087A2656F52}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{6E75653D-B4F3-4442-98DE-C7373700DD74}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed]
FirewallRules: [{8F6A81A0-33F6-4321-A129-E9D476146528}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed]
FirewallRules: [{A985B7C2-361A-4537-B723-E081826C8020}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BFD46346-7FBE-484E-8075-31BC1449E921}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B29F98D5-92C5-49DE-B642-3B7CEDF974A3}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2BE83862-DDAE-4B8A-9EE9-3DC792EBBBB7}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E1BB9E0F-DF79-401F-A5EB-C2179A771BBB}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A0A79496-5454-4633-A8BE-25BCEA37D6A2}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{FC18838D-BF3D-4239-9A0E-C74ECDC88BB3}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{594A58ED-4E53-4080-944C-A00B481756B6}] => (Allow) C:\Program Files\Opera\49.0.2725.47\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B1BCBFEE-4D30-41C5-B468-AA69E57CF6CF}] => (Allow) C:\Program Files\Opera\51.0.2830.40\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{1E378284-C197-4B47-92BC-D21B8745BBAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6FC45140-07CC-47ED-B0A6-17F10215D0FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D228C7EC-0E4D-4342-B074-6A03D205B199}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F2E3C43A-5EC9-41E6-A902-477372C48B41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{13A81309-39FB-49A8-8E4A-F6D24A4D426C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{83A849A2-A285-4B1A-A2B5-A6021B39FFC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{B1084CB1-BE87-464F-99AA-EA8CDF449D99}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{B436F7D6-0886-4629-87AB-A91C928273E6}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{B68074DF-A638-44EE-BDA1-CF493F0076B7}] => (Allow) C:\Program Files\Opera\60.0.3255.170\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{4279BD26-B195-4978-BDFD-2BC4AED51A77}] => (Allow) C:\Program Files\Opera\62.0.3331.72\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

15-07-2019 21:28:13 Windows Update

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft pro port PS/2
Description: Myš Microsoft pro port PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2019 11:53:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FontCache, verze: 6.1.7600.16385, časové razítko: 0x4a5bc3c1
Název chybujícího modulu: fntcache.dll, verze: 6.2.9200.22164, časové razítko: 0x590e23a5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000065987
ID chybujícího procesu: 0x7b8
Čas spuštění chybující aplikace: 0x01d50502736b4bd6
Cesta k chybující aplikaci: C:\Windows\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\fntcache.dll
ID zprávy: 87f47b7f-7112-11e9-ad1d-90fba6473217

Error: (05/07/2019 08:26:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FontCache, verze: 6.1.7600.16385, časové razítko: 0x4a5bc3c1
Název chybujícího modulu: fntcache.dll, verze: 6.2.9200.22164, časové razítko: 0x590e23a5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000065987
ID chybujícího procesu: 0x1af8
Čas spuštění chybující aplikace: 0x01d504f34b2ef10d
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\fntcache.dll
ID zprávy: b069f093-70f5-11e9-ad1d-90fba6473217

Error: (05/07/2019 06:38:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FontCache, verze: 6.1.7600.16385, časové razítko: 0x4a5bc3c1
Název chybujícího modulu: fntcache.dll, verze: 6.2.9200.22164, časové razítko: 0x590e23a5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000065987
ID chybujícího procesu: 0x44c
Čas spuštění chybující aplikace: 0x01d504e166c88758
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\fntcache.dll
ID zprávy: 87dc8e6a-70e6-11e9-ad1d-90fba6473217

Error: (04/27/2019 03:14:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_SysMain, verze: 6.1.7600.16385, časové razítko: 0x4a5bc3c1
Název chybujícího modulu: sysmain.dll, verze: 6.1.7601.24000, časové razítko: 0x5a499a8d
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000016cd1
ID chybujícího procesu: 0xb58
Čas spuštění chybující aplikace: 0x01d4fcbdd6157764
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\sysmain.dll
ID zprávy: 5fdbb9ca-68ee-11e9-ae81-90fba6473217

Error: (03/24/2019 07:07:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_7.0.8.0.exe, verze: 7.0.8.0, časové razítko: 0x5a7cb095
Název chybujícího modulu: adwcleaner_7.0.8.0.exe, verze: 7.0.8.0, časové razítko: 0x5a7cb095
Kód výjimky: 0xc0000005
Posun chyby: 0x0004c7aa
ID chybujícího procesu: 0x1404
Čas spuštění chybující aplikace: 0x01d4e263fb5da0f3
Cesta k chybující aplikaci: C:\Users\Michal\Downloads\adwcleaner_7.0.8.0.exe
Cesta k chybujícímu modulu: C:\Users\Michal\Downloads\adwcleaner_7.0.8.0.exe
ID zprávy: 49e47ab6-4e57-11e9-a3e6-90fba6473217

Error: (03/24/2019 07:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_7.2.7.0.exe, verze: 7.2.7.0, časové razítko: 0x5c518811
Název chybujícího modulu: SHELL32.dll, verze: 6.1.7601.24234, časové razítko: 0x5b71a68c
Kód výjimky: 0xc0000005
Posun chyby: 0x000a1884
ID chybujícího procesu: 0xcb0
Čas spuštění chybující aplikace: 0x01d4e2639fb9053e
Cesta k chybující aplikaci: C:\Users\Michal\Downloads\adwcleaner_7.2.7.0.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\SHELL32.dll
ID zprávy: dfb25728-4e56-11e9-a3e6-90fba6473217

Error: (03/24/2019 07:03:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_7.2.7.0.exe, verze: 7.2.7.0, časové razítko: 0x5c518811
Název chybujícího modulu: SHELL32.dll, verze: 6.1.7601.24234, časové razítko: 0x5b71a68c
Kód výjimky: 0xc0000005
Posun chyby: 0x000a1884
ID chybujícího procesu: 0x774
Čas spuštění chybující aplikace: 0x01d4e263896ae6f8
Cesta k chybující aplikaci: C:\Users\Michal\AppData\Local\Temp\scoped_dir4036_26371\adwcleaner_7.2.7.0.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\SHELL32.dll
ID zprávy: cf1d4090-4e56-11e9-a3e6-90fba6473217

Error: (03/24/2019 06:59:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Steam.exe, verze: 4.97.72.56, časové razítko: 0x5c7f0892
Název chybujícího modulu: SHELL32.dll, verze: 6.1.7601.24234, časové razítko: 0x5b71a68c
Kód výjimky: 0xc0000005
Posun chyby: 0x000a1884
ID chybujícího procesu: 0xc84
Čas spuštění chybující aplikace: 0x01d4e262dc03023e
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\Steam.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\SHELL32.dll
ID zprávy: 2406b010-4e56-11e9-a3e6-90fba6473217


System errors:
=============
Error: (07/18/2019 08:05:05 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000001a (0x0000000000041201, 0xfffff68000014088, 0xcc60000087039947, 0xfffffa800a5e9910). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: 071819-17706-01

Error: (07/18/2019 08:05:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:02:08, ‎18.‎7.‎2019) bylo neočekávané.

Error: (07/16/2019 08:46:27 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR7.

Error: (07/16/2019 08:46:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR7.

Error: (07/04/2019 06:58:21 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.

Error: (07/01/2019 03:42:39 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000050 (0xfffff681ff7fc128, 0x0000000000000000, 0xfffff80002bacf82, 0x0000000000000005). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: 070119-16863-01

Error: (07/01/2019 03:42:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:05:03, ‎1.‎7.‎2019) bylo neočekávané.

Error: (07/01/2019 02:35:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.


CodeIntegrity:
===================================

Date: 2017-11-17 09:42:08.941
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-17 09:42:08.832
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-17 09:27:21.879
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-17 09:27:21.754
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-17 09:14:03.356
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-17 09:14:03.232
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-17 08:57:09.560
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-17 08:57:09.420
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P01-A3 12/31/2009
Motherboard: Acer H57M01
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 53%
Total physical RAM: 8119.09 MB
Available physical RAM: 3766.36 MB
Total Virtual: 16236.33 MB
Available Virtual: 11797.99 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:489.32 GB) (Free:191.26 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:442.19 GB) (Free:366.52 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 59797029)
Partition 1: (Active) - (Size=489.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=442.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: vyskakující stránky

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

michal1223
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 08 srp 2008 16:35

Re: vyskakující stránky

#3 Příspěvek od michal1223 »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-07-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-18-2019
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [18/07/2019 21:07:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: vyskakující stránky

#4 Příspěvek od Rudy »

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

michal1223
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 08 srp 2008 16:35

Re: vyskakující stránky

#5 Příspěvek od michal1223 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Michal (22-07-2019 20:31:13) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File

EmptyTemp:
End

*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\AppMgmt => removed successfully
AppMgmt => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{d9cea52e-100d-4159-89ea-76e845bc13e1} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6012254 B
Java, Flash, Steam htmlcache => 128481991 B
Windows/system/drivers => 403 B
Edge => 0 B
Chrome => 155783 B
Firefox => 0 B
Opera => 31001969 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Michal => 2238088 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 168.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:31:41 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: vyskakující stránky

#6 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

michal1223
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 08 srp 2008 16:35

Re: vyskakující stránky

#7 Příspěvek od michal1223 »

Děkuji. Ty stránky po spuštění pc vyskakují pořád, jsou vždy dvě...

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: vyskakující stránky

#8 Příspěvek od Rudy »

Zkuste ještě vyčistit samotné prohlížeče. Spusťte postupně tyto utility:

1. tahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

michal1223
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 08 srp 2008 16:35

Re: vyskakující stránky

#9 Příspěvek od michal1223 »

stránky vyskakují pořád, nějaký fix.com a earn money...

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Michal on po 22.07.2019 at 22:18:59,42.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michal\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.7.2019 22:22:21 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\GUM3B52.tmp deleted successfully
C:\PROGRA~2\NewTech Infosystems deleted successfully
C:\PROGRA~2\COMMON~1\BattlEye deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\Users\Michal\AppData\Roaming\HDDHealth deleted successfully
C:\Users\Michal\AppData\Roaming\Mediatronic deleted successfully
C:\Users\Michal\AppData\Roaming\PDF Producer deleted successfully
C:\Users\Michal\AppData\Roaming\SEGA deleted successfully
C:\Users\Michal\AppData\Local\CrashDumps deleted successfully
C:\Users\Michal\AppData\Local\Rockstar Games deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-717758605-1106027559-3896876889-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF1FF83-D72B-46DC-AC26-DEE8D1BD8B3F} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\GUM3B52.tmp not found
C:\PROGRA~2\NewTech Infosystems not found
C:\Users\Michal\AppData\Roaming\discord deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\hddhealth_s.log deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\Trymedia deleted
C:\Users\Michal\AppData\Local\MyWinLockerInstaller.txt-20170309.log deleted
C:\Windows\wininit.ini deleted
"C:\Users\Michal\AppData\Local\LumaEmu" deleted
"C:\Users\Michal\AppData\Roaming\KMP\default.kpl" deleted
"C:\Users\Michal\AppData\Local\AVAST Software\APM\Michal\kv_pam.db" not deleted
"C:\Users\Michal\AppData\Roaming\KMP" deleted
"C:\Users\Michal\AppData\Local\AVAST Software" not deleted
"C:\Users\Michal\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Michal\AppData\Local\AVAST Software\APM\Michal" not deleted

==== Firefox XPI-files found: ======================

- __MSG_avastAppShortName__ - C:\Program Files\AVAST Software\Avast\SafePrice\FF\sp@avast.com.xpi
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF\wrc@avast.com.xpi

==== Chromium Look ======================



==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/#"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/#"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=i ... lz=1I7ACAW
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKCU\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=i ... AW_csCZ687
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKCU\SearchScopes\{A11D0B67-762F-4FA4-8FCE-2C8B249D7634} - http://tv.seznam.cz/hledej?w={searchTer ... arch_29530

==== Reset Google Chrome ======================

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences was reset successfully
C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences.backup was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Web Data will be reset at reboot
C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal will be reset at reboot
C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Web Data.too_new was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Discord deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Agent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaijin.Net Updater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Michal\AppData\Local\Opera Software\Opera Stable\Cache will be emptied at reboot
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1303 folders=238 347742160 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Michal\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Michal\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Michal\AppData\Local\AVAST Software\APM\Michal\kv_pam.db" not found
"C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Web Data" not found
"C:\Users\Michal\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal" not found
"C:\Users\Michal\AppData\Local\Opera Software\Opera Stable\Cache\data_0" deleted
"C:\Users\Michal\AppData\Local\Opera Software\Opera Stable\Cache\data_1" deleted
"C:\Users\Michal\AppData\Local\Opera Software\Opera Stable\Cache\data_2" deleted
"C:\Users\Michal\AppData\Local\Opera Software\Opera Stable\Cache\data_3" deleted
"C:\Users\Michal\AppData\Local\Opera Software\Opera Stable\Cache\index" deleted
"C:\Users\Michal\AppData\Local\AVAST Software" not found

==== EOF on po 22.07.2019 at 23:09:19,14 ======================

michal1223
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 08 srp 2008 16:35

Re: vyskakující stránky

#10 Příspěvek od michal1223 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64
Ran by Michal (Administrator) on po 22.07.2019 at 23:12:41,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\ProgramData\pdfforge (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 22.07.2019 at 23:15:54,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: vyskakující stránky

#11 Příspěvek od Conder »

:arrow: Pardon za vstup :)

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    CMD: type "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-26] () [File not signed]
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: vyskakující stránky

#12 Příspěvek od Rudy »

OK. Uděljte to, co píše kolega a mělo by být po problému.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

michal1223
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 08 srp 2008 16:35

Re: vyskakující stránky

#13 Příspěvek od michal1223 »

vypadá to, že je vyřešeno, moc všem děkuji, jste nejlepší :-)


Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Michal (23-07-2019 20:08:13) Run:2
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

CMD: type "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-26] () [File not signed]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= type "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat" =========

@echo off
TITLE Update check..
start "" http://vaugette.com/4TZ2
start "" http://destyy.com/wMsWgf
========= End of CMD: =========

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17789598 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 245 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 41381378 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Michal => 1969397 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 66.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:08:40 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: vyskakující stránky

#14 Příspěvek od Rudy »

To jsme rádi. I za kolegu: nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno