JS/CoinMiner/AH

Zpráva

Duk · #1 Příspěvek od **Duk** » 31 črc 2019 16:07

Dobrý den,mám problém.V jeden den začal problém jak v pc,tak notebooku.Na většině stránek mi NOD 32 v pc vyhodí tabulku s JS/CoinMiner/AH,v notebooku Avast js:infectedMicrotic-B
Přikládám log z FRST z PC

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Ran by Dukino (administrator) on DUKINO-PC (31-07-2019 16:47:14)
Running from C:\Users\Dukino\Desktop
Loaded Profiles: Dukino (Available Profiles: Dukino)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Joyent, Inc -> Joyent, Inc) C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\bin\win\node.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\FlightSupport\FlightSupport.exe
(Logitech) [File not signed] C:\Program Files\Logitech\X52\X52_Profiler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Trust International BV) [File not signed] C:\Program Files\Trust\GXT 168\GXT168GamingMouse.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [FlightSupport] => C:\Program Files\Logitech\FlightSupport\FlightSupport.exe [368776 2018-09-04] (Logitech Inc -> Logitech)
HKLM\...\Run: [X52] => C:\Program Files\Logitech\X52\X52_Profiler.exe [17920 2018-09-04] (Logitech) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2011-10-31] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\Run: [World of Tanks] => "E:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\Run: [World of Tanks (1)] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5262992 2018-02-22] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {3d5ee9ca-2292-11e8-a3e6-3085a9498ed5} - K:\setup.exe
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {3d5ee9d0-2292-11e8-a3e6-3085a9498ed5} - L:\setup.exe
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {f8e25e6b-88ca-11e8-8676-3085a9498ed5} - K:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2018-01-02] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0154B5FC-53EA-4854-AC0F-B3AA4E624345} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 8.0\upgrade.exe [575080 2019-06-26] (ESET, spol. s r.o. -> ESET)
Task: {0B87457E-0069-4E77-A90B-9D8583ECEE3A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-03-27] (Advanced Micro Devices, Inc.) [File not signed]
Task: {2592C952-D226-4C7D-994D-E6DA6378A0D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
Task: {3550E42B-4793-4BF1-B880-D89B0D75D36F} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {4C7ABE01-382E-4C6F-BB5B-B3ED4FFDAC4D} - System32\Tasks\ASUS\i-Setup103232 => C:\Windows\Chipset\AsusSetup.exe [1218688 2010-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {4D7A0CE0-E215-4B50-842B-14976E19542D} - System32\Tasks\G6-GmTaskPlan => C:\Program Files\Trust\GXT 168\GXT168GamingMouse.exe [3411456 2018-12-01] (Trust International BV) [File not signed]
Task: {50388E09-9106-441A-9B1A-13B922D6ED2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
Task: {76186723-4707-47DC-AD90-34B642061142} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [90112 2011-09-10] () [File not signed]
Task: {9266BF3D-7D09-4BE5-99A8-ECFD97CF53BF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {9CB7491F-9C44-466B-8842-872DAE5BA89B} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [1154176 2012-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BC4071E5-420F-463D-938A-6917294E81EF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-18] (Adobe Inc. -> Adobe)
Task: {BD195EFB-9A1D-47BC-BF29-6A4B4C76C161} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [330368 2012-01-30] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BF24BAEE-30AC-4CAF-BB81-E65588632905} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C9323ACB-D9CC-4115-8DA5-8954E52B2E19} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-03-27] (Advanced Micro Devices, Inc.) [File not signed]
Task: {D6663902-1245-4D74-B47C-71E9A0FD375B} - System32\Tasks\ASUS\i-Setup103314 => C:\Windows\Chipset\AsusSetup.exe [1218688 2010-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {DFAF1EAE-886A-4C70-845D-454737198EB0} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2931328 2010-11-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E016D8C3-5236-47F6-B5E3-79ECDEA912D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.1.1.3 8.8.8.8
Tcpip\..\Interfaces\{5392A710-D25C-4317-B92C-2BC48B88F734}: [DhcpNameServer] 10.1.1.3 8.8.8.8

Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

FireFox:
========
FF DefaultProfile: 1fp4hsca.default
FF ProfilePath: C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default [2019-07-31]
FF Homepage: Mozilla\Firefox\Profiles\1fp4hsca.default -> http://www.centrum.cz
FF Extension: (ANIMATED - ALL IS MERRY & BRIGHT) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{02bb5bdd-a836-4d85-8434-21341200ed33}.xpi [2019-05-14]
FF Extension: (owl first snow) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{5768d8ad-83b7-49ac-92a8-d762eb338665}.xpi [2019-05-14]
FF Extension: (Snowmen in Winter) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{73eabba5-d0ac-430e-a730-2c6f207ed806}.xpi [2019-05-14]
FF Extension: (No Name) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-07-31]
FF Extension: (Happy New Year - Fireworks) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{f5ef1c8c-0d0d-4136-8042-92224875f7df}.xpi [2019-05-14]
FF Extension: (Celebrate 2018 by M♥Donna) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{ff2a1944-073d-43ce-8317-df4ed6c858d9}.xpi [2019-04-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-18] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-18] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default [2019-07-31]
CHR Extension: (Prezentace) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-21]
CHR Extension: (Dokumenty) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-21]
CHR Extension: (Disk Google) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-21]
CHR Extension: (YouTube) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-21]
CHR Extension: (Tabulky) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499592 2019-03-27] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe [1493120 2012-02-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480720 2018-02-22] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET, spol. s r.o. -> ESET)
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 PrintManager; C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe [328704 2016-06-01] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52879752 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581512 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] (ASUSTeK Computer Inc. -> )
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation -> MCCI Corporation)
S3 ASUSstpt; C:\Windows\System32\DRIVERS\ASUSstpt.sys [24648 2011-09-15] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [141896 2011-09-15] (MCCI Corporation -> MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104840 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-03-08] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-03-08] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET, spol. s r.o. -> ESET)
R3 LSaiMini; C:\Windows\System32\DRIVERS\LSaiMini.sys [20720 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R3 LSaiNtBus; C:\Windows\System32\drivers\LSaiBus.sys [60336 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [32360 2011-08-12] (Realtek Semiconductor Corp -> NT Kernel Resources)
S3 SaiK075C; C:\Windows\System32\DRIVERS\SaiK075C.sys [217408 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
S3 SaiU075C; C:\Windows\System32\DRIVERS\SaiU075C.sys [24816 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-31 16:47 - 2019-07-31 16:47 - 000022766 _____ C:\Users\Dukino\Desktop\FRST.txt
2019-07-31 16:46 - 2019-07-31 16:47 - 000000000 ____D C:\FRST
2019-07-31 16:46 - 2019-07-31 16:46 - 002096128 _____ (Farbar) C:\Users\Dukino\Desktop\FRST64.exe
2019-07-31 16:40 - 2019-07-31 16:42 - 000000000 ____D C:\AdwCleaner
2019-07-31 16:40 - 2019-07-31 16:40 - 007623880 _____ (Malwarebytes) C:\Users\Dukino\Desktop\adwcleaner_7.4.exe
2019-07-31 14:31 - 2019-07-31 14:31 - 002427504 _____ (Wiper Software, UAB) C:\Users\Dukino\Desktop\WiperSoft-installer.exe
2019-07-22 10:24 - 2019-07-24 08:55 - 000000000 ____D C:\Users\Dukino\Desktop\Předlohy
2019-07-20 18:50 - 2019-07-25 11:06 - 000000000 ____D C:\Users\Dukino\Desktop\101_PANA
2019-07-20 07:06 - 2019-07-21 17:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-18 16:45 - 2019-07-18 16:45 - 008259152 _____ (XVM team ) C:\Users\Dukino\Desktop\xvm-7.9.8.exe
2019-07-14 14:22 - 2019-06-20 11:11 - 000396896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-07-14 14:22 - 2019-06-20 10:15 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-07-14 14:22 - 2019-06-18 06:21 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-07-14 14:22 - 2019-06-18 06:09 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-14 14:22 - 2019-06-18 06:08 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-07-14 14:22 - 2019-06-18 06:07 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-07-14 14:22 - 2019-06-18 05:59 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-07-14 14:22 - 2019-06-18 05:56 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-14 14:22 - 2019-06-18 05:56 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-07-14 14:22 - 2019-06-18 05:48 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-07-14 14:22 - 2019-06-18 05:39 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-14 14:22 - 2019-06-18 05:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-07-14 14:22 - 2019-06-18 05:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-07-14 14:22 - 2019-06-18 05:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-07-14 14:22 - 2019-06-18 05:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-07-14 14:22 - 2019-06-18 05:35 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-14 14:22 - 2019-06-18 05:35 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-07-14 14:22 - 2019-06-18 05:32 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-07-14 14:22 - 2019-06-18 05:32 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-07-14 14:22 - 2019-06-18 05:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-07-14 14:22 - 2019-06-18 05:30 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-07-14 14:22 - 2019-06-18 05:29 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-07-14 14:22 - 2019-06-18 05:29 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-07-14 14:22 - 2019-06-18 05:21 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-07-14 14:22 - 2019-06-18 05:20 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-07-14 14:22 - 2019-06-18 05:20 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-07-14 14:22 - 2019-06-18 05:17 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-07-14 14:22 - 2019-06-18 05:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-07-14 14:22 - 2019-06-18 05:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-07-14 14:22 - 2019-06-18 05:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-07-14 14:22 - 2019-06-18 05:13 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-07-14 14:22 - 2019-06-18 05:13 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-07-14 14:22 - 2019-06-18 05:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-07-14 14:22 - 2019-06-18 05:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-14 14:22 - 2019-06-18 05:03 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-07-14 14:22 - 2019-06-18 05:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-07-14 14:22 - 2019-06-18 04:55 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-07-14 14:22 - 2019-06-18 04:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-07-14 14:22 - 2019-06-18 04:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-14 14:21 - 2019-06-28 07:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2019-07-14 14:21 - 2019-06-28 07:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2019-07-14 14:21 - 2019-06-28 07:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2019-07-14 14:21 - 2019-06-28 07:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-14 14:21 - 2019-06-21 05:09 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-07-14 14:21 - 2019-06-21 05:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-07-14 14:21 - 2019-06-21 04:44 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-07-14 14:21 - 2019-06-21 03:41 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-14 14:21 - 2019-06-18 08:41 - 001649664 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-14 14:21 - 2019-06-18 06:34 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-14 14:21 - 2019-06-18 06:21 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-07-14 14:21 - 2019-06-18 06:07 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-14 14:21 - 2019-06-18 06:07 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-07-14 14:21 - 2019-06-18 06:07 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-07-14 14:21 - 2019-06-18 06:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-07-14 14:21 - 2019-06-18 05:59 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-14 14:21 - 2019-06-18 05:57 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-07-14 14:21 - 2019-06-18 05:56 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-07-14 14:21 - 2019-06-18 05:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-07-14 14:21 - 2019-06-18 05:55 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-07-14 14:21 - 2019-06-18 05:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-07-14 14:21 - 2019-06-18 05:45 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-07-14 14:21 - 2019-06-18 05:38 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-07-14 14:21 - 2019-06-18 05:38 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-07-14 14:21 - 2019-06-18 05:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-07-14 14:21 - 2019-06-18 05:34 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-07-14 14:21 - 2019-06-18 05:30 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-07-14 14:21 - 2019-06-18 05:29 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-07-14 14:21 - 2019-06-18 05:21 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-07-14 14:21 - 2019-06-18 05:19 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-14 14:21 - 2019-06-18 05:17 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-07-14 14:21 - 2019-06-18 05:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-07-14 14:21 - 2019-06-18 05:07 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-14 14:21 - 2019-06-18 05:06 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-07-14 14:21 - 2019-06-18 05:04 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-07-14 14:21 - 2019-06-18 05:02 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-07-14 14:21 - 2019-06-18 04:44 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-07-14 14:21 - 2019-06-18 04:43 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-07-14 14:21 - 2019-06-13 05:25 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-14 14:21 - 2019-06-13 05:21 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-14 14:21 - 2019-06-12 17:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-07-14 14:21 - 2019-06-12 17:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-07-14 14:21 - 2019-06-12 17:22 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-07-14 14:21 - 2019-06-12 17:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:15 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-14 14:21 - 2019-06-12 17:11 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-14 14:21 - 2019-06-12 17:11 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-14 14:21 - 2019-06-12 17:11 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-14 14:21 - 2019-06-12 17:11 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-14 14:21 - 2019-06-12 17:10 - 005550824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-14 14:21 - 2019-06-12 17:10 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-14 14:21 - 2019-06-12 17:09 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-14 14:21 - 2019-06-12 17:08 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-14 14:21 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-07-14 14:21 - 2019-06-12 17:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-07-14 14:21 - 2019-06-12 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-14 14:21 - 2019-06-12 16:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-07-14 14:21 - 2019-06-12 16:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-07-14 14:21 - 2019-06-12 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-14 14:21 - 2019-06-12 16:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-07-14 14:21 - 2019-06-12 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-14 14:21 - 2019-06-12 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-14 14:21 - 2019-06-12 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-07-14 14:21 - 2019-06-12 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-07-14 14:21 - 2019-06-12 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-07-14 14:21 - 2019-06-12 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-07-14 14:21 - 2019-06-12 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-07-14 14:21 - 2019-06-12 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 16:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-14 14:21 - 2019-06-12 16:42 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-14 14:21 - 2019-06-12 16:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-14 14:21 - 2019-06-12 16:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-14 14:21 - 2019-06-12 16:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-14 14:21 - 2019-06-12 16:39 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-14 14:21 - 2019-06-12 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-14 14:21 - 2019-06-12 16:37 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-07-14 14:21 - 2019-06-12 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-14 14:21 - 2019-06-12 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-14 14:21 - 2019-06-12 16:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-14 14:21 - 2019-06-12 16:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-14 14:21 - 2019-06-11 04:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-14 14:21 - 2019-06-11 04:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-14 14:21 - 2019-06-09 17:20 - 003229184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-14 14:21 - 2019-06-09 17:19 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2019-07-14 14:21 - 2019-06-09 17:08 - 003730432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-14 14:21 - 2019-06-09 17:08 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-07-14 14:21 - 2019-06-09 17:07 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2019-07-14 14:21 - 2019-06-09 17:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-07-14 14:21 - 2019-06-09 17:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-07-14 14:21 - 2019-06-09 16:49 - 001120768 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-07-14 14:21 - 2019-06-09 16:49 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-07-14 14:21 - 2019-06-07 17:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-14 14:21 - 2019-06-07 17:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-07-14 14:21 - 2019-06-07 17:08 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-14 14:21 - 2019-06-07 17:08 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-14 14:21 - 2019-06-07 17:08 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-07-14 14:21 - 2019-06-07 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-07-14 14:21 - 2019-06-07 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-07-14 14:21 - 2019-06-02 05:50 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-14 14:19 - 2019-07-14 14:19 - 000000000 ___HD C:\ProgramData\CanonIJQuickMenu
2019-07-03 17:26 - 2019-07-03 17:44 - 000000000 ____D C:\Users\Dukino\Desktop\Fw 190
2019-07-01 15:39 - 2019-07-01 15:39 - 008102776 _____ (XVM team ) C:\Users\Dukino\Desktop\xvm-7.9.6.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-31 16:43 - 2018-01-02 12:09 - 000000000 ____D C:\Users\Dukino\AppData\LocalLow\Mozilla
2019-07-31 16:40 - 2018-01-02 11:54 - 000000000 _____ C:\Windows\Path.idx
2019-07-31 13:15 - 2009-07-14 06:45 - 000014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-31 13:15 - 2009-07-14 06:45 - 000014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-31 13:11 - 2009-07-14 17:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-07-31 13:11 - 2009-07-14 17:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-07-31 13:11 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-31 13:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-31 13:03 - 2018-01-02 11:49 - 001048576 _____ C:\Windows\PE_Rom.dll
2019-07-31 13:02 - 2019-04-17 22:31 - 000003106 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-07-31 13:02 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-30 21:51 - 2018-01-02 13:04 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-07-29 13:19 - 2018-01-04 20:46 - 000003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2019-07-21 17:27 - 2018-01-02 12:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-18 19:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-07-18 16:35 - 2018-02-21 22:32 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-18 16:35 - 2018-02-21 22:32 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-18 16:27 - 2018-01-02 13:42 - 000000000 ____D C:\Users\Dukino\AppData\Local\Adobe
2019-07-18 16:26 - 2018-09-16 17:25 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-18 16:26 - 2018-01-10 09:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-18 16:26 - 2018-01-10 09:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-18 16:26 - 2018-01-10 09:11 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-18 16:26 - 2018-01-02 11:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-18 16:23 - 2018-02-15 16:47 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-07-18 16:23 - 2018-02-15 16:47 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-18 16:23 - 2009-07-14 06:45 - 000490648 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-18 16:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-18 16:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-07-14 14:43 - 2018-01-02 12:58 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-07-14 14:41 - 2018-01-02 12:33 - 000000000 ____D C:\Windows\system32\MRT
2019-07-14 14:39 - 2019-05-30 11:52 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-07-14 14:39 - 2018-01-02 12:33 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-14 14:26 - 2018-01-02 13:50 - 000000000 ____D C:\Users\Dukino\AppData\Roaming\TS3Client
2019-07-14 14:18 - 2018-01-02 13:41 - 000000000 ____D C:\Users\Dukino\AppData\Roaming\vlc
2019-07-09 22:05 - 2018-07-04 18:45 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-07-03 20:00 - 2019-04-04 09:20 - 000000000 ____D C:\Users\Dukino\Desktop\Faktury 2019

==================== Files in the root of some directories ================

2018-09-16 22:33 - 2018-09-16 22:33 - 000551424 ____T (MultiMedia Soft) C:\Users\Dukino\AppData\Roaming\Microsoft\engine_ag.dll

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-07-22 11:07
==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 31 črc 2019 16:49

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Duk · #3 Příspěvek od **Duk** » 31 črc 2019 17:03

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-31-2019
# Duration: 00:00:00
# OS: Windows 7 Professional
# Cleaned: 1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\WiperSoft

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1407 octets] - [31/07/2019 16:42:10]
AdwCleaner[S01].txt - [1468 octets] - [31/07/2019 16:43:21]
AdwCleaner[S02].txt - [1475 octets] - [31/07/2019 18:02:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

#4 Příspěvek od **Rudy** » 31 črc 2019 17:58

OK. Dejte nové logy FRST+Addition.

Duk · #5 Příspěvek od **Duk** » 31 črc 2019 18:12

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Ran by Dukino (administrator) on DUKINO-PC (31-07-2019 19:03:45)
Running from C:\Users\Dukino\Desktop
Loaded Profiles: Dukino (Available Profiles: Dukino)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Joyent, Inc -> Joyent, Inc) C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\bin\win\node.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\FlightSupport\FlightSupport.exe
(Logitech) [File not signed] C:\Program Files\Logitech\X52\X52_Profiler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Trust International BV) [File not signed] C:\Program Files\Trust\GXT 168\GXT168GamingMouse.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [FlightSupport] => C:\Program Files\Logitech\FlightSupport\FlightSupport.exe [368776 2018-09-04] (Logitech Inc -> Logitech)
HKLM\...\Run: [X52] => C:\Program Files\Logitech\X52\X52_Profiler.exe [17920 2018-09-04] (Logitech) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2011-10-31] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\Run: [World of Tanks] => "E:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\Run: [World of Tanks (1)] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5262992 2018-02-22] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {3d5ee9ca-2292-11e8-a3e6-3085a9498ed5} - K:\setup.exe
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {3d5ee9d0-2292-11e8-a3e6-3085a9498ed5} - L:\setup.exe
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {f8e25e6b-88ca-11e8-8676-3085a9498ed5} - K:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2018-01-02] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0154B5FC-53EA-4854-AC0F-B3AA4E624345} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 8.0\upgrade.exe [575080 2019-06-26] (ESET, spol. s r.o. -> ESET)
Task: {2592C952-D226-4C7D-994D-E6DA6378A0D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
Task: {3550E42B-4793-4BF1-B880-D89B0D75D36F} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {4C7ABE01-382E-4C6F-BB5B-B3ED4FFDAC4D} - System32\Tasks\ASUS\i-Setup103232 => C:\Windows\Chipset\AsusSetup.exe [1218688 2010-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {4D7A0CE0-E215-4B50-842B-14976E19542D} - System32\Tasks\G6-GmTaskPlan => C:\Program Files\Trust\GXT 168\GXT168GamingMouse.exe [3411456 2018-12-01] (Trust International BV) [File not signed]
Task: {50388E09-9106-441A-9B1A-13B922D6ED2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
Task: {76186723-4707-47DC-AD90-34B642061142} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [90112 2011-09-10] () [File not signed]
Task: {9266BF3D-7D09-4BE5-99A8-ECFD97CF53BF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {9CB7491F-9C44-466B-8842-872DAE5BA89B} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [1154176 2012-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BC4071E5-420F-463D-938A-6917294E81EF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-18] (Adobe Inc. -> Adobe)
Task: {BD195EFB-9A1D-47BC-BF29-6A4B4C76C161} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [330368 2012-01-30] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BF24BAEE-30AC-4CAF-BB81-E65588632905} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C72621C8-7E06-40D5-9988-1E8A77B70F24} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-03-27] (Advanced Micro Devices, Inc.) [File not signed]
Task: {C9323ACB-D9CC-4115-8DA5-8954E52B2E19} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-03-27] (Advanced Micro Devices, Inc.) [File not signed]
Task: {D6663902-1245-4D74-B47C-71E9A0FD375B} - System32\Tasks\ASUS\i-Setup103314 => C:\Windows\Chipset\AsusSetup.exe [1218688 2010-09-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {DFAF1EAE-886A-4C70-845D-454737198EB0} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2931328 2010-11-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E016D8C3-5236-47F6-B5E3-79ECDEA912D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.1.1.3 8.8.8.8
Tcpip\..\Interfaces\{5392A710-D25C-4317-B92C-2BC48B88F734}: [DhcpNameServer] 10.1.1.3 8.8.8.8

Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

FireFox:
========
FF DefaultProfile: 1fp4hsca.default
FF ProfilePath: C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default [2019-07-31]
FF Homepage: Mozilla\Firefox\Profiles\1fp4hsca.default -> http://www.centrum.cz
FF Extension: (ANIMATED - ALL IS MERRY & BRIGHT) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{02bb5bdd-a836-4d85-8434-21341200ed33}.xpi [2019-05-14]
FF Extension: (owl first snow) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{5768d8ad-83b7-49ac-92a8-d762eb338665}.xpi [2019-05-14]
FF Extension: (Snowmen in Winter) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{73eabba5-d0ac-430e-a730-2c6f207ed806}.xpi [2019-05-14]
FF Extension: (No Name) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-07-31]
FF Extension: (Happy New Year - Fireworks) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{f5ef1c8c-0d0d-4136-8042-92224875f7df}.xpi [2019-05-14]
FF Extension: (Celebrate 2018 by M♥Donna) - C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\Extensions\{ff2a1944-073d-43ce-8317-df4ed6c858d9}.xpi [2019-04-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-18] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-18] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default [2019-07-31]
CHR Extension: (Prezentace) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-21]
CHR Extension: (Dokumenty) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-21]
CHR Extension: (Disk Google) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-21]
CHR Extension: (YouTube) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-21]
CHR Extension: (Tabulky) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499592 2019-03-27] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsusFanControlService.exe [1493120 2012-02-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480720 2018-02-22] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET, spol. s r.o. -> ESET)
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 PrintManager; C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe [328704 2016-06-01] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52879752 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581512 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] (ASUSTeK Computer Inc. -> )
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation -> MCCI Corporation)
S3 ASUSstpt; C:\Windows\System32\DRIVERS\ASUSstpt.sys [24648 2011-09-15] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [141896 2011-09-15] (MCCI Corporation -> MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104840 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-03-08] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-03-08] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET, spol. s r.o. -> ESET)
R3 LSaiMini; C:\Windows\System32\DRIVERS\LSaiMini.sys [20720 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R3 LSaiNtBus; C:\Windows\System32\drivers\LSaiBus.sys [60336 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [32360 2011-08-12] (Realtek Semiconductor Corp -> NT Kernel Resources)
S3 SaiK075C; C:\Windows\System32\DRIVERS\SaiK075C.sys [217408 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
S3 SaiU075C; C:\Windows\System32\DRIVERS\SaiU075C.sys [24816 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-31 19:01 - 2019-07-31 19:04 - 000022298 _____ C:\Users\Dukino\Desktop\FRST.txt
2019-07-31 18:01 - 2019-07-31 18:01 - 007623880 _____ (Malwarebytes) C:\Users\Dukino\Desktop\AdwCleaner.exe
2019-07-31 17:24 - 2019-07-31 17:25 - 008331352 _____ (XVM team ) C:\Users\Dukino\Desktop\xvm-7.9.9.exe
2019-07-31 16:46 - 2019-07-31 19:03 - 000000000 ____D C:\FRST
2019-07-31 16:46 - 2019-07-31 16:46 - 002096128 _____ (Farbar) C:\Users\Dukino\Desktop\FRST64.exe
2019-07-31 16:40 - 2019-07-31 18:02 - 000000000 ____D C:\AdwCleaner
2019-07-22 10:24 - 2019-07-24 08:55 - 000000000 ____D C:\Users\Dukino\Desktop\Předlohy
2019-07-20 18:50 - 2019-07-25 11:06 - 000000000 ____D C:\Users\Dukino\Desktop\101_PANA
2019-07-20 07:06 - 2019-07-21 17:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-18 16:45 - 2019-07-18 16:45 - 008259152 _____ (XVM team ) C:\Users\Dukino\Desktop\xvm-7.9.8.exe
2019-07-14 14:22 - 2019-06-20 11:11 - 000396896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-07-14 14:22 - 2019-06-20 10:15 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-07-14 14:22 - 2019-06-18 06:21 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-07-14 14:22 - 2019-06-18 06:09 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-14 14:22 - 2019-06-18 06:08 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-07-14 14:22 - 2019-06-18 06:07 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-07-14 14:22 - 2019-06-18 05:59 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-07-14 14:22 - 2019-06-18 05:56 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-14 14:22 - 2019-06-18 05:56 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-07-14 14:22 - 2019-06-18 05:48 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-07-14 14:22 - 2019-06-18 05:39 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-14 14:22 - 2019-06-18 05:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-07-14 14:22 - 2019-06-18 05:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-07-14 14:22 - 2019-06-18 05:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-07-14 14:22 - 2019-06-18 05:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-07-14 14:22 - 2019-06-18 05:35 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-14 14:22 - 2019-06-18 05:35 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-07-14 14:22 - 2019-06-18 05:32 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-07-14 14:22 - 2019-06-18 05:32 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-07-14 14:22 - 2019-06-18 05:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-07-14 14:22 - 2019-06-18 05:30 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-07-14 14:22 - 2019-06-18 05:29 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-07-14 14:22 - 2019-06-18 05:29 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-07-14 14:22 - 2019-06-18 05:21 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-07-14 14:22 - 2019-06-18 05:20 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-07-14 14:22 - 2019-06-18 05:20 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-07-14 14:22 - 2019-06-18 05:17 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-07-14 14:22 - 2019-06-18 05:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-07-14 14:22 - 2019-06-18 05:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-07-14 14:22 - 2019-06-18 05:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-07-14 14:22 - 2019-06-18 05:13 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-07-14 14:22 - 2019-06-18 05:13 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-07-14 14:22 - 2019-06-18 05:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-07-14 14:22 - 2019-06-18 05:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-14 14:22 - 2019-06-18 05:03 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-07-14 14:22 - 2019-06-18 05:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-07-14 14:22 - 2019-06-18 04:55 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-07-14 14:22 - 2019-06-18 04:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-07-14 14:22 - 2019-06-18 04:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-07-14 14:21 - 2019-06-28 07:24 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-14 14:21 - 2019-06-28 07:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2019-07-14 14:21 - 2019-06-28 07:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2019-07-14 14:21 - 2019-06-28 07:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2019-07-14 14:21 - 2019-06-28 07:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-14 14:21 - 2019-06-21 05:09 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-07-14 14:21 - 2019-06-21 05:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-07-14 14:21 - 2019-06-21 04:44 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-07-14 14:21 - 2019-06-21 03:41 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-14 14:21 - 2019-06-18 08:41 - 001649664 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-14 14:21 - 2019-06-18 06:34 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-14 14:21 - 2019-06-18 06:21 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-07-14 14:21 - 2019-06-18 06:07 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-14 14:21 - 2019-06-18 06:07 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-07-14 14:21 - 2019-06-18 06:07 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-07-14 14:21 - 2019-06-18 06:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-07-14 14:21 - 2019-06-18 05:59 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-14 14:21 - 2019-06-18 05:57 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-07-14 14:21 - 2019-06-18 05:56 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-07-14 14:21 - 2019-06-18 05:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-07-14 14:21 - 2019-06-18 05:55 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-07-14 14:21 - 2019-06-18 05:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-07-14 14:21 - 2019-06-18 05:45 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-07-14 14:21 - 2019-06-18 05:38 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-07-14 14:21 - 2019-06-18 05:38 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-07-14 14:21 - 2019-06-18 05:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-07-14 14:21 - 2019-06-18 05:34 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-07-14 14:21 - 2019-06-18 05:30 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-07-14 14:21 - 2019-06-18 05:29 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-07-14 14:21 - 2019-06-18 05:21 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-07-14 14:21 - 2019-06-18 05:19 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-14 14:21 - 2019-06-18 05:17 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-07-14 14:21 - 2019-06-18 05:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-07-14 14:21 - 2019-06-18 05:07 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-14 14:21 - 2019-06-18 05:06 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-07-14 14:21 - 2019-06-18 05:04 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-07-14 14:21 - 2019-06-18 05:02 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-07-14 14:21 - 2019-06-18 04:44 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-07-14 14:21 - 2019-06-18 04:43 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-07-14 14:21 - 2019-06-13 05:25 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-14 14:21 - 2019-06-13 05:21 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-14 14:21 - 2019-06-12 17:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-07-14 14:21 - 2019-06-12 17:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-07-14 14:21 - 2019-06-12 17:22 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-07-14 14:21 - 2019-06-12 17:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-14 14:21 - 2019-06-12 17:21 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-07-14 14:21 - 2019-06-12 17:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:15 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-14 14:21 - 2019-06-12 17:11 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-14 14:21 - 2019-06-12 17:11 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-14 14:21 - 2019-06-12 17:11 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-14 14:21 - 2019-06-12 17:11 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-14 14:21 - 2019-06-12 17:10 - 005550824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-14 14:21 - 2019-06-12 17:10 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-14 14:21 - 2019-06-12 17:09 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-14 14:21 - 2019-06-12 17:08 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-14 14:21 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-14 14:21 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-14 14:21 - 2019-06-12 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-07-14 14:21 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 17:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-07-14 14:21 - 2019-06-12 17:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-07-14 14:21 - 2019-06-12 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-14 14:21 - 2019-06-12 16:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-07-14 14:21 - 2019-06-12 16:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-07-14 14:21 - 2019-06-12 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-14 14:21 - 2019-06-12 16:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-07-14 14:21 - 2019-06-12 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-14 14:21 - 2019-06-12 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-14 14:21 - 2019-06-12 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-07-14 14:21 - 2019-06-12 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-07-14 14:21 - 2019-06-12 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-07-14 14:21 - 2019-06-12 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-07-14 14:21 - 2019-06-12 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-07-14 14:21 - 2019-06-12 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-07-14 14:21 - 2019-06-12 16:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-14 14:21 - 2019-06-12 16:42 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-14 14:21 - 2019-06-12 16:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-14 14:21 - 2019-06-12 16:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-14 14:21 - 2019-06-12 16:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-14 14:21 - 2019-06-12 16:39 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-14 14:21 - 2019-06-12 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-14 14:21 - 2019-06-12 16:37 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-07-14 14:21 - 2019-06-12 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-14 14:21 - 2019-06-12 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-14 14:21 - 2019-06-12 16:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-14 14:21 - 2019-06-12 16:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-14 14:21 - 2019-06-12 16:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-14 14:21 - 2019-06-12 16:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-14 14:21 - 2019-06-11 04:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-14 14:21 - 2019-06-11 04:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-14 14:21 - 2019-06-11 04:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-14 14:21 - 2019-06-09 17:20 - 003229184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-14 14:21 - 2019-06-09 17:19 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2019-07-14 14:21 - 2019-06-09 17:08 - 003730432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-14 14:21 - 2019-06-09 17:08 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-07-14 14:21 - 2019-06-09 17:07 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2019-07-14 14:21 - 2019-06-09 17:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-07-14 14:21 - 2019-06-09 17:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-07-14 14:21 - 2019-06-09 16:49 - 001120768 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-07-14 14:21 - 2019-06-09 16:49 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-07-14 14:21 - 2019-06-07 17:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-14 14:21 - 2019-06-07 17:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-07-14 14:21 - 2019-06-07 17:08 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-14 14:21 - 2019-06-07 17:08 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-14 14:21 - 2019-06-07 17:08 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-07-14 14:21 - 2019-06-07 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-07-14 14:21 - 2019-06-07 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-07-14 14:21 - 2019-06-02 05:50 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-14 14:19 - 2019-07-14 14:19 - 000000000 ___HD C:\ProgramData\CanonIJQuickMenu
2019-07-03 17:26 - 2019-07-03 17:44 - 000000000 ____D C:\Users\Dukino\Desktop\Fw 190
2019-07-01 15:39 - 2019-07-01 15:39 - 008102776 _____ (XVM team ) C:\Users\Dukino\Desktop\xvm-7.9.6.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-31 19:03 - 2018-01-02 12:09 - 000000000 ____D C:\Users\Dukino\AppData\LocalLow\Mozilla
2019-07-31 18:39 - 2018-01-02 11:54 - 000000000 _____ C:\Windows\Path.idx
2019-07-31 18:12 - 2009-07-14 17:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-07-31 18:12 - 2009-07-14 17:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-07-31 18:12 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-31 18:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-31 18:09 - 2009-07-14 06:45 - 000014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-31 18:09 - 2009-07-14 06:45 - 000014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-31 18:03 - 2019-04-17 22:31 - 000003106 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-07-31 18:03 - 2018-01-02 11:49 - 001048576 _____ C:\Windows\PE_Rom.dll
2019-07-31 18:03 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-31 18:02 - 2018-01-02 13:04 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-07-29 13:19 - 2018-01-04 20:46 - 000003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2019-07-21 17:27 - 2018-01-02 12:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-18 19:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-07-18 16:35 - 2018-02-21 22:32 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-18 16:35 - 2018-02-21 22:32 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-18 16:27 - 2018-01-02 13:42 - 000000000 ____D C:\Users\Dukino\AppData\Local\Adobe
2019-07-18 16:26 - 2018-09-16 17:25 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-18 16:26 - 2018-01-10 09:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-18 16:26 - 2018-01-10 09:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-18 16:26 - 2018-01-10 09:11 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-18 16:26 - 2018-01-02 11:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-18 16:23 - 2018-02-15 16:47 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-07-18 16:23 - 2018-02-15 16:47 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-18 16:23 - 2009-07-14 06:45 - 000490648 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-18 16:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-18 16:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-07-14 14:43 - 2018-01-02 12:58 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-07-14 14:41 - 2018-01-02 12:33 - 000000000 ____D C:\Windows\system32\MRT
2019-07-14 14:39 - 2019-05-30 11:52 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-07-14 14:39 - 2018-01-02 12:33 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-14 14:26 - 2018-01-02 13:50 - 000000000 ____D C:\Users\Dukino\AppData\Roaming\TS3Client
2019-07-14 14:18 - 2018-01-02 13:41 - 000000000 ____D C:\Users\Dukino\AppData\Roaming\vlc
2019-07-09 22:05 - 2018-07-04 18:45 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-07-03 20:00 - 2019-04-04 09:20 - 000000000 ____D C:\Users\Dukino\Desktop\Faktury 2019

==================== Files in the root of some directories ================

2018-09-16 22:33 - 2018-09-16 22:33 - 000551424 ____T (MultiMedia Soft) C:\Users\Dukino\AppData\Roaming\Microsoft\engine_ag.dll

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-07-22 11:07
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by Dukino (31-07-2019 19:04:13)
Running from C:\Users\Dukino\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-01-02 09:29:44)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-485831748-437032630-948835479-500 - Administrator - Disabled)
Dukino (S-1-5-21-485831748-437032630-948835479-1000 - Administrator - Enabled) => C:\Users\Dukino
Guest (S-1-5-21-485831748-437032630-948835479-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-485831748-437032630-948835479-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.29 - ASUSTeK Computer Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.4.1 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Autodesk Fusion 360 (HKU\S-1-5-21-485831748-437032630-948835479-1000\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.5658 - Autodesk, Inc.)
Autodesk Print Studio (HKLM\...\{8286FC2F-A7B4-4FEB-B587-801BEC9A694F}) (Version: 1.6.5.0 - Autodesk) Hidden
Autodesk Print Studio (HKLM\...\Autodesk Print Studio) (Version: 1.6.5.0 - Autodesk)
Balíček ovladače systému Windows - Autodesk, Inc Net (03/04/2015 1.0) (HKLM\...\79819E7CE65C1059B95F79156766FE924E1542F9) (Version: 03/04/2015 1.0 - Autodesk, Inc)
Balíček ovladače systému Windows - Autodesk, Inc. (usbser) Ports (04/01/2016 1.0.0.0) (HKLM\...\8A64F3CB4E54DE74F44CE78CE44690458588CFD0) (Version: 04/01/2016 1.0.0.0 - Autodesk, Inc.)
Balíček ovladače systému Windows - Autodesk, Inc. (WinUSB) USBDevice (03/30/2015 6.1.7600.16385) (HKLM\...\181EF71E2FC525C7DF68499024B07947040288EC) (Version: 03/30/2015 6.1.7600.16385 - Autodesk, Inc.)
Balíček ovladače systému Windows - Autodesk, Inc. (WinUSB) USBDevice (03/30/2015 6.1.7600.16385) (HKLM\...\67F1A296BCFEE4831F02FDA393361B8D1D3B9805) (Version: 03/30/2015 6.1.7600.16385 - Autodesk, Inc.)
Balíček ovladače systému Windows - New Matter (WinUSB) USBDevice (04/07/2015 1.0.0.3) (HKLM\...\40FACA9E5FA4F8267BAD7F9E29C6BACD176E4421) (Version: 04/07/2015 1.0.0.3 - New Matter)
Balíček ovladače systému Windows - New Matter (WinUSB) USBDevice (04/07/2015 1.0.0.3) (HKLM\...\B19577081E29020ACEC05323A77AB320AD8D6F39) (Version: 04/07/2015 1.0.0.3 - New Matter)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version: - Blizzard Entertainment)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.1.0343 - Disc Soft Ltd)
ESET NOD32 Antivirus (HKLM\...\{AB1AA952-0F66-42B2-B8B0-6B94FC500132}) (Version: 8.0.304.1 - ESET, spol s r. o.)
Flight Support (HKLM\...\{714DA7C8-D6E7-44D5-94EE-87BBA4F22B26}) (Version: 8.0.213.0 - Logitech)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GXT 168 Gaming Mouse (HKLM-x32\...\{06BE89B5-BEAB-4A60-BC72-7E57F2C6F9BC}}_is1) (Version: 1.0 - Trust International BV)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
K-Lite Mega Codec Pack 14.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.0 - KLCP)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 68.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 68.0.1 (x64 cs)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 3.44 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon iP7200 series (HKLM-x32\...\Registrace uživatele zařízení Canon iP7200 series) (Version: - Canon Inc.‎)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streaming Audio Recorder V4.2.3 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.2.3 - APOWERSOFT LIMITED)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 1.5.8 (HKU\S-1-5-21-485831748-437032630-948835479-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.8 - Telegram Messenger LLP)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Outlook 2007 Junk Email Filter (kb979895) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D45674C6-9127-4C84-8826-93FBC552DF53}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
X52 H.O.T.A.S. (HKLM\...\{A27FA83D-4B86-4690-874E-7C2C76463D6F}) (Version: 8.0.213.0 - Logitech)
XVM verze 7.9.9 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 7.9.9 - XVM team)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-485831748-437032630-948835479-1000_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Dukino\AppData\Local\Autodesk\webdeploy\production\2d7211077a1fed70bf5803391f804350b3b29eae\NPreview10.dll (Autodesk, Inc. -> )
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-10-01] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-02-22] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-10-01] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-02-22] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-10-01] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-01-02 11:45 - 2010-08-23 04:17 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2018-01-02 11:46 - 2011-09-26 20:36 - 000869376 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2018-01-02 11:46 - 2011-07-12 20:14 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2018-01-02 11:46 - 2011-09-20 19:11 - 000985600 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2018-01-02 11:46 - 2010-10-05 09:22 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2018-01-02 11:47 - 2011-12-29 21:45 - 001296384 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2018-01-02 11:47 - 2012-02-02 16:12 - 000786432 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
2018-01-02 11:47 - 2012-03-14 11:12 - 000150016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2018-01-02 11:47 - 2010-10-05 09:22 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
2018-01-02 11:47 - 2012-02-09 18:09 - 001118208 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2018-01-02 11:46 - 2010-10-05 09:22 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2018-01-02 11:47 - 2012-02-10 12:29 - 001047040 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2018-01-02 11:46 - 2011-09-26 19:37 - 001616384 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2018-01-02 11:46 - 2009-08-12 21:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2018-01-02 11:46 - 2012-02-13 10:53 - 000883712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2018-01-02 11:46 - 2011-09-19 21:18 - 001243136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2018-01-02 11:46 - 2011-07-21 10:06 - 000846848 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2018-01-02 11:46 - 2011-10-14 21:03 - 000885248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2018-01-02 11:48 - 2011-12-28 19:13 - 000043520 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2018-01-02 11:48 - 2011-09-08 00:23 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2018-01-02 11:48 - 2010-09-23 12:51 - 000114688 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
2018-01-02 11:48 - 2010-02-25 15:01 - 000139264 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll
2018-01-02 11:48 - 2012-01-19 10:39 - 000028672 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2018-01-02 11:45 - 2010-06-29 04:58 - 000104448 ____R () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll
2018-01-02 11:45 - 2019-07-31 18:03 - 000028672 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.18\PEbiosinterface32.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-01-24 15:38 - 2019-01-24 15:38 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-01 08:48 - 2016-06-01 08:48 - 000328704 _____ () [File not signed] C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\bin\win\nssm.exe
2016-06-01 08:49 - 2016-06-01 08:49 - 000232960 _____ () [File not signed] C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\node_modules\mdns\build\Release\dns_sd_bindings.node
2016-06-01 08:49 - 2016-06-01 08:49 - 000171520 _____ () [File not signed] C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\node_modules\serialport\build\serialport\v1.6.1\Release\node-v11-win32-x64\serialport.node
2016-06-01 08:51 - 2016-06-01 08:51 - 000295936 _____ () [File not signed] C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\node_modules\usb\node_modules\usb-shyp-win32-x64\node-v11\usb_bindings.node
2016-06-01 08:49 - 2016-06-01 08:49 - 000144384 _____ () [File not signed] C:\Program Files\Autodesk\Autodesk Print Studio\PM\spark-print-mgr\node_modules\usb-detection\build\Release\detection.node
2019-07-18 18:42 - 2019-07-18 18:42 - 004404736 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\1682c47692360176487bacecd1ac527d\DiscSoft.NET.Common.ni.dll
2018-01-02 11:45 - 2010-08-09 15:33 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2018-01-02 11:46 - 2010-08-09 22:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2018-01-02 11:46 - 2012-02-29 08:02 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpi.dll
2018-01-02 11:47 - 2011-09-07 00:13 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpi.dll
2018-01-02 11:48 - 2011-09-08 00:23 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\ASACPI.DLL
2010-10-26 12:54 - 2010-10-26 12:54 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\AsAcpi.dll
2011-10-29 03:59 - 2011-10-29 03:59 - 000918448 ____R (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
2018-01-02 11:45 - 2010-08-12 01:52 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2018-01-02 11:46 - 2010-08-12 08:52 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2018-01-02 11:46 - 2010-10-05 09:22 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2018-01-02 11:46 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
2018-01-02 11:46 - 2012-01-04 16:04 - 001080832 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2018-01-02 11:46 - 2010-09-08 22:25 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2018-01-02 11:46 - 2011-10-31 12:54 - 001015296 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2018-01-02 11:46 - 2012-02-29 08:02 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpiEx.dll
2018-01-02 11:46 - 2012-03-27 17:14 - 001389056 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\DigiPowerControl.dll
2018-01-02 11:47 - 2011-09-07 00:13 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpiEx.dll
2018-01-02 11:47 - 2011-09-07 00:13 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\AsMultiLang.dll
2018-01-02 11:47 - 2012-02-22 15:11 - 001399808 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPU.dll
2018-01-02 11:47 - 2012-02-09 17:27 - 001089024 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FAN Xpert+\FANXpert.dll
2018-01-02 11:47 - 2011-12-05 17:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
2018-01-02 11:47 - 2011-12-05 17:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\AsMultiLang.dll
2018-01-02 11:46 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2018-01-02 11:46 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2018-01-02 11:47 - 2012-02-07 12:20 - 001237504 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
2018-01-02 11:46 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2018-01-02 11:48 - 2011-09-08 00:23 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
2018-01-02 11:48 - 2011-10-05 00:46 - 001876992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
2018-01-02 11:48 - 2012-02-16 15:54 - 001651200 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
2018-01-02 11:48 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
2018-01-02 11:48 - 2011-11-16 16:03 - 000878592 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
2018-01-02 11:48 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsMultiLang.dll
2018-01-02 11:48 - 2012-02-03 17:03 - 000998912 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\BIOSFLK.dll
2018-01-02 11:47 - 2010-10-26 13:51 - 000677888 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.25\asacpiEx.dll
2018-01-02 14:04 - 2012-03-28 19:00 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2018-01-02 11:47 - 2011-05-27 12:07 - 000160768 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
2018-01-02 11:42 - 2012-01-04 21:57 - 000073728 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2018-09-04 08:36 - 2018-09-04 08:36 - 000017920 _____ (Logitech) [File not signed] C:\Program Files\Logitech\X52\X52_Profiler.exe
2018-01-02 11:47 - 2011-12-05 17:10 - 000057344 _____ (NT Kernel Resources) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\ndisapi.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-03-26 23:50 - 2019-03-26 23:50 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2018-12-25 11:51 - 2018-12-01 10:24 - 003411456 _____ (Trust International BV) [File not signed] C:\Program Files\Trust\GXT 168\GXT168GamingMouse.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-485831748-437032630-948835479-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dukino\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.1.1.3 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D3F17A6B-1942-4FFB-91F9-7E17BCC79E6D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{E9D64DAC-62BD-4033-8E1C-F4B80AE7B42D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{65CFC8D1-4394-40A7-BA2C-B5072E086674}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7FA99C40-9645-46C5-B43A-FE6713FB1E9B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2F051115-A8C5-4CC8-83C9-4F8CEBE67552}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [UDP Query User{4C105E7C-689F-4F59-8436-C4295CE3128B}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe No File
FirewallRules: [TCP Query User{90D4FCEB-9319-402B-9402-EACF34E255C1}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{DF67A253-3743-475F-80A4-117B843871FE}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{44943315-3309-4B75-A739-8A5DB2E04EE8}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{D366E5C4-BB9C-49A2-ACA5-1EB752CABA9D}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{6124A117-7036-4F7D-85D3-8345C1C80259}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd -> Disc Soft Ltd)
FirewallRules: [{9F22844D-6C53-4F6D-9210-39BB9CC34D72}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmr-stak-cpu\powercore-main.exe No File
FirewallRules: [{E243AF31-BA30-479A-BFB3-11E307E9D056}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmr-stak-cpu\powercore-main.exe No File
FirewallRules: [{C5DAFD74-5768-4E1C-90C8-31E898311B97}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\equihash\powercore-main-g.exe No File
FirewallRules: [{EEC8E800-7EF5-406D-B19B-665DF6C329D4}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\equihash\powercore-main-g.exe No File
FirewallRules: [{29DEC4CE-76D4-4A8D-BD33-1AC1B0D7AB3B}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual\EthDcrMiner64.exe No File
FirewallRules: [{38C25A20-0509-460B-A68D-06DEB767493E}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual\EthDcrMiner64.exe No File
FirewallRules: [{7B8C29B1-A787-4665-AA33-04AED61B644F}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ewbf\miner.exe No File
FirewallRules: [{FAB508A7-B683-4A4F-9053-B5E670EC8789}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ewbf\miner.exe No File
FirewallRules: [{5C3C9B06-958C-422B-8F62-02A8FB69807B}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-xmr\NsGpuCNMiner.exe No File
FirewallRules: [{EE1CA63C-D9EF-4790-9836-47BC3F71D6C2}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-xmr\NsGpuCNMiner.exe No File
FirewallRules: [{80DB2BE1-1C42-41B0-9D5E-48F345BF22B9}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-x64\ccminer-x64.exe No File
FirewallRules: [{1AD1DD19-3E2B-44B6-8B18-0862DD92A8F1}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-x64\ccminer-x64.exe No File
FirewallRules: [TCP Query User{15383428-FB56-451B-BCF4-8DD65D8A501C}E:\program files\miranda im\miranda32.exe] => (Allow) E:\program files\miranda im\miranda32.exe ( ) [File not signed]
FirewallRules: [UDP Query User{005CA0C2-7A54-4803-9D4E-5F41C7D8D367}E:\program files\miranda im\miranda32.exe] => (Allow) E:\program files\miranda im\miranda32.exe ( ) [File not signed]
FirewallRules: [{ACECFA8C-32F6-4CF1-A4A7-7B39A381EE6E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6A9EE8B1-3DB0-4E17-8902-246FF3D91F3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{016DC3A7-E23C-461E-B6A0-639AD5381E6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C645DEA0-DC62-4022-BA09-E8C930A02DFC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{74F6FCF3-6F2C-476C-8C7D-AABF64B8553A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D003BB51-D81D-4CB6-8C06-8A8422D6B62A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{666E0DBE-802F-4F1B-BE63-9422EACC414F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5930652B-031B-478A-BA5D-8646C8C57B09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8ECF6FB9-869D-4B32-8F33-3C1DBDA51165}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll No File
FirewallRules: [{A249573D-B8FD-4B46-A72C-D36ECD4AF8AA}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll No File
FirewallRules: [{F14C6CB8-E7BD-4087-936A-839A074E2D72}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe No File
FirewallRules: [{7BE2E64A-517A-493E-937F-AC674BF3586F}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe No File
FirewallRules: [{AD5E010D-999E-46DD-BE03-BB5CD9C2ACFE}] => (Allow) E:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6AEF239F-EF9B-4C2B-93ED-5E4F2DB5350E}] => (Allow) E:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{5EE94B2D-AD77-4915-8676-3E7752D3AA38}] => (Allow) E:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll () [File not signed]
FirewallRules: [{2A9AB418-BB9E-4187-8129-418536C393AC}] => (Allow) E:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll () [File not signed]
FirewallRules: [{4DD54C18-F3A2-4318-853E-2003A3FE9935}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1C-777 Limited) [File not signed]
FirewallRules: [{DD30640A-3AD5-4862-B98C-CE8D53933D5B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1C-777 Limited) [File not signed]
FirewallRules: [{2699EBDD-2014-4EEA-B0BB-1D585F60C2F7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-07-2019 12:10:33 Naplánovaný kontrolní bod
27-07-2019 16:10:01 Windows Update

==================== Faulty Device Manager Devices =============

Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2019 07:12:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Název chybujícího modulu: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Kód výjimky: 0xc0000005
Posun chyby: 0x0001089f
ID chybujícího procesu: 0x165c
Čas spuštění chybující aplikace: 0x01d54370b81d7187
Cesta k chybující aplikaci: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
Cesta k chybujícímu modulu: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
ID zprávy: f5cb4495-af63-11e9-aec3-3085a9498ed5

Error: (07/26/2019 07:12:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Název chybujícího modulu: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Kód výjimky: 0xc0000005
Posun chyby: 0x0001089f
ID chybujícího procesu: 0x14d8
Čas spuštění chybující aplikace: 0x01d54370b5e26d4b
Cesta k chybující aplikaci: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
Cesta k chybujícímu modulu: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
ID zprávy: f3912abc-af63-11e9-aec3-3085a9498ed5

Error: (07/26/2019 07:12:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Název chybujícího modulu: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Kód výjimky: 0xc0000005
Posun chyby: 0x0001089f
ID chybujícího procesu: 0x16cc
Čas spuštění chybující aplikace: 0x01d54370afbe8776
Cesta k chybující aplikaci: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
Cesta k chybujícímu modulu: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
ID zprávy: ed84ebf0-af63-11e9-aec3-3085a9498ed5

Error: (07/18/2019 04:23:04 PM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo vyvolat poskytovatele jako odpověď na událost 256. Kód chyby 2147942432.

Error: (07/18/2019 04:23:04 PM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo načíst poskytovatele pautoenr.dll. Kód chyby 32.

Error: (06/28/2019 05:36:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Název chybujícího modulu: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Kód výjimky: 0xc0000005
Posun chyby: 0x0001089f
ID chybujícího procesu: 0x16bc
Čas spuštění chybující aplikace: 0x01d52d62a0c80666
Cesta k chybující aplikaci: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
Cesta k chybujícímu modulu: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
ID zprávy: de75d973-9955-11e9-9092-3085a9498ed5

Error: (06/28/2019 05:35:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Název chybujícího modulu: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Kód výjimky: 0xc0000005
Posun chyby: 0x0001089f
ID chybujícího procesu: 0x1194
Čas spuštění chybující aplikace: 0x01d52d6299007c8d
Cesta k chybující aplikaci: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
Cesta k chybujícímu modulu: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
ID zprávy: d6be0745-9955-11e9-9092-3085a9498ed5

Error: (06/17/2019 11:10:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Název chybujícího modulu: Blizzard Uninstaller.exe, verze: 1.16.2.82, časové razítko: 0x5c33aa06
Kód výjimky: 0xc0000005
Posun chyby: 0x0001089f
ID chybujícího procesu: 0x150c
Čas spuštění chybující aplikace: 0x01d524ec851f14d4
Cesta k chybující aplikaci: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
Cesta k chybujícímu modulu: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe
ID zprávy: c3cfdcbd-90df-11e9-88ad-3085a9498ed5

System errors:
=============
Error: (07/31/2019 06:02:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/31/2019 06:02:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2019 06:02:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Print Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2019 06:02:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS System Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2019 06:02:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2019 06:02:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2019 06:02:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/29/2019 01:08:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Disc Soft Lite Bus Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Windows Defender:
===================================
Date: 2018-07-04 18:45:45.230
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-04 18:45:45.229
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1708 11/09/2012
Motherboard: ASUSTeK COMPUTER INC. P8Z77-M PRO
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 67%
Total physical RAM: 8139.11 MB
Available physical RAM: 2678.18 MB
Total Virtual: 16276.37 MB
Available Virtual: 9619.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:61.3 GB) NTFS
Drive e: (Místní disk) (Fixed) (Total:465.76 GB) (Free:147.08 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{e5087f46-ef9e-11e7-8be0-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: F47FCEA7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2A0788D9)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#6 Příspěvek od **Rudy** » 31 črc 2019 18:21

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {3d5ee9ca-2292-11e8-a3e6-3085a9498ed5} - K:\setup.exe
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {3d5ee9d0-2292-11e8-a3e6-3085a9498ed5} - L:\setup.exe
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {f8e25e6b-88ca-11e8-8676-3085a9498ed5} - K:\LG_PC_Programs.exe
Task: {2592C952-D226-4C7D-994D-E6DA6378A0D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
Task: {50388E09-9106-441A-9B1A-13B922D6ED2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FirewallRules: [{9F22844D-6C53-4F6D-9210-39BB9CC34D72}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmr-stak-cpu\powercore-main.exe No File
FirewallRules: [{E243AF31-BA30-479A-BFB3-11E307E9D056}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmr-stak-cpu\powercore-main.exe No File
FirewallRules: [{C5DAFD74-5768-4E1C-90C8-31E898311B97}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\equihash\powercore-main-g.exe No File
FirewallRules: [{EEC8E800-7EF5-406D-B19B-665DF6C329D4}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\equihash\powercore-main-g.exe No File
FirewallRules: [{29DEC4CE-76D4-4A8D-BD33-1AC1B0D7AB3B}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual\EthDcrMiner64.exe No File
FirewallRules: [{38C25A20-0509-460B-A68D-06DEB767493E}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual\EthDcrMiner64.exe No File
FirewallRules: [{7B8C29B1-A787-4665-AA33-04AED61B644F}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ewbf\miner.exe No File
FirewallRules: [{FAB508A7-B683-4A4F-9053-B5E670EC8789}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ewbf\miner.exe No File
FirewallRules: [{5C3C9B06-958C-422B-8F62-02A8FB69807B}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-xmr\NsGpuCNMiner.exe No File
FirewallRules: [{EE1CA63C-D9EF-4790-9836-47BC3F71D6C2}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-xmr\NsGpuCNMiner.exe No File
FirewallRules: [{80DB2BE1-1C42-41B0-9D5E-48F345BF22B9}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-x64\ccminer-x64.exe No File
FirewallRules: [{1AD1DD19-3E2B-44B6-8B18-0862DD92A8F1}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-x64\ccminer-x64.exe No File
FirewallRules: [{016DC3A7-E23C-461E-B6A0-639AD5381E6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C645DEA0-DC62-4022-BA09-E8C930A02DFC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{8ECF6FB9-869D-4B32-8F33-3C1DBDA51165}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll No File
FirewallRules: [{A249573D-B8FD-4B46-A72C-D36ECD4AF8AA}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll No File
FirewallRules: [{F14C6CB8-E7BD-4087-936A-839A074E2D72}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe No File
FirewallRules: [{7BE2E64A-517A-493E-937F-AC674BF3586F}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Duk · #7 Příspěvek od **Duk** » 31 črc 2019 18:31

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by Dukino (31-07-2019 19:27:32) Run:1
Running from C:\Users\Dukino\Desktop
Loaded Profiles: Dukino (Available Profiles: Dukino)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {3d5ee9ca-2292-11e8-a3e6-3085a9498ed5} - K:\setup.exe
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {3d5ee9d0-2292-11e8-a3e6-3085a9498ed5} - L:\setup.exe
HKU\S-1-5-21-485831748-437032630-948835479-1000\...\MountPoints2: {f8e25e6b-88ca-11e8-8676-3085a9498ed5} - K:\LG_PC_Programs.exe
Task: {2592C952-D226-4C7D-994D-E6DA6378A0D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
Task: {50388E09-9106-441A-9B1A-13B922D6ED2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FirewallRules: [{9F22844D-6C53-4F6D-9210-39BB9CC34D72}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmr-stak-cpu\powercore-main.exe No File
FirewallRules: [{E243AF31-BA30-479A-BFB3-11E307E9D056}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmr-stak-cpu\powercore-main.exe No File
FirewallRules: [{C5DAFD74-5768-4E1C-90C8-31E898311B97}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\equihash\powercore-main-g.exe No File
FirewallRules: [{EEC8E800-7EF5-406D-B19B-665DF6C329D4}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\equihash\powercore-main-g.exe No File
FirewallRules: [{29DEC4CE-76D4-4A8D-BD33-1AC1B0D7AB3B}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual\EthDcrMiner64.exe No File
FirewallRules: [{38C25A20-0509-460B-A68D-06DEB767493E}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual\EthDcrMiner64.exe No File
FirewallRules: [{7B8C29B1-A787-4665-AA33-04AED61B644F}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ewbf\miner.exe No File
FirewallRules: [{FAB508A7-B683-4A4F-9053-B5E670EC8789}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ewbf\miner.exe No File
FirewallRules: [{5C3C9B06-958C-422B-8F62-02A8FB69807B}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-xmr\NsGpuCNMiner.exe No File
FirewallRules: [{EE1CA63C-D9EF-4790-9836-47BC3F71D6C2}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-xmr\NsGpuCNMiner.exe No File
FirewallRules: [{80DB2BE1-1C42-41B0-9D5E-48F345BF22B9}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-x64\ccminer-x64.exe No File
FirewallRules: [{1AD1DD19-3E2B-44B6-8B18-0862DD92A8F1}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-x64\ccminer-x64.exe No File
FirewallRules: [{016DC3A7-E23C-461E-B6A0-639AD5381E6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C645DEA0-DC62-4022-BA09-E8C930A02DFC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{8ECF6FB9-869D-4B32-8F33-3C1DBDA51165}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll No File
FirewallRules: [{A249573D-B8FD-4B46-A72C-D36ECD4AF8AA}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll No File
FirewallRules: [{F14C6CB8-E7BD-4087-936A-839A074E2D72}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe No File
FirewallRules: [{7BE2E64A-517A-493E-937F-AC674BF3586F}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-485831748-437032630-948835479-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d5ee9ca-2292-11e8-a3e6-3085a9498ed5} => removed successfully
HKLM\Software\Classes\CLSID\{3d5ee9ca-2292-11e8-a3e6-3085a9498ed5} => not found
HKU\S-1-5-21-485831748-437032630-948835479-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d5ee9d0-2292-11e8-a3e6-3085a9498ed5} => removed successfully
HKLM\Software\Classes\CLSID\{3d5ee9d0-2292-11e8-a3e6-3085a9498ed5} => not found
HKU\S-1-5-21-485831748-437032630-948835479-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8e25e6b-88ca-11e8-8676-3085a9498ed5} => removed successfully
HKLM\Software\Classes\CLSID\{f8e25e6b-88ca-11e8-8676-3085a9498ed5} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2592C952-D226-4C7D-994D-E6DA6378A0D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2592C952-D226-4C7D-994D-E6DA6378A0D3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{50388E09-9106-441A-9B1A-13B922D6ED2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50388E09-9106-441A-9B1A-13B922D6ED2A}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F22844D-6C53-4F6D-9210-39BB9CC34D72}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E243AF31-BA30-479A-BFB3-11E307E9D056}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5DAFD74-5768-4E1C-90C8-31E898311B97}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEC8E800-7EF5-406D-B19B-665DF6C329D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29DEC4CE-76D4-4A8D-BD33-1AC1B0D7AB3B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38C25A20-0509-460B-A68D-06DEB767493E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B8C29B1-A787-4665-AA33-04AED61B644F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FAB508A7-B683-4A4F-9053-B5E670EC8789}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C3C9B06-958C-422B-8F62-02A8FB69807B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE1CA63C-D9EF-4790-9836-47BC3F71D6C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{80DB2BE1-1C42-41B0-9D5E-48F345BF22B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1AD1DD19-3E2B-44B6-8B18-0862DD92A8F1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{016DC3A7-E23C-461E-B6A0-639AD5381E6E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C645DEA0-DC62-4022-BA09-E8C930A02DFC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8ECF6FB9-869D-4B32-8F33-3C1DBDA51165}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A249573D-B8FD-4B46-A72C-D36ECD4AF8AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F14C6CB8-E7BD-4087-936A-839A074E2D72}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BE2E64A-517A-493E-937F-AC674BF3586F}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 222199191 B
Java, Flash, Steam htmlcache => 279503029 B
Windows/system/drivers => 166381494 B
Edge => 0 B
Chrome => 407471814 B
Firefox => 1191837040 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558406 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 160864 B
Dukino => 2789286103 B

RecycleBin => 525218673 B
EmptyTemp: => 5.3 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 19:28:00 ====

#8 Příspěvek od **Rudy** » 31 črc 2019 18:50

Smazáno. Nastala nějaká změna?

Duk · #9 Příspěvek od **Duk** » 31 črc 2019 19:08

Bohužel,žádná změna.Stále antivir vyhazuje onu tabulku jak jsem uvedl v prvním příspěvku.

#10 Příspěvek od **Rudy** » 31 črc 2019 19:55

Vyčistíme ještě prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Duk · #11 Příspěvek od **Duk** » 31 črc 2019 20:30

Stále nic nepomohlo.
Logy:

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Dukino on st 31.07.2019 at 21:09:30,79.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dukino\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

31.7.2019 21:10:44 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted successfully
C:\Users\Dukino\AppData\Roaming\BetterHash deleted successfully
C:\Users\Dukino\AppData\Roaming\Corel deleted successfully
C:\Users\Dukino\AppData\Local\Blizzard deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\prefs.js:
user_pref("browser.startup.homepage", "www.centrum.cz");

Added to C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"sendToDevice
---- FireFox user.js and prefs.js backups ----

prefs_31.07.2019_2119_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 not found
C:\PROGRA~3\Package Cache deleted
C:\Windows\Syswow64\SET46D5.tmp deleted
C:\Windows\Syswow64\SET5F9B.tmp deleted
C:\Windows\Syswow64\SET80F0.tmp deleted
C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default\extensions\staged deleted

==== Orphaned Tasks deleted from Registry ======================

ESET Windows 10 upgrade - Refresh settings deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default
- theme: images: theme_frame: CT.PNG colors: frame: rgba2292302321 tab_background_text: ffffff version: 2.0 ANIMATED - ALL IS MERRY BRIGHT manifest_version: 2 description: Remember if Christmas isnt found in your heart you wont find it under a tree.\n Charlotte Carpenter\n\nTAGS:\nChristmas lights Xmas blinking colorful animation png gif multi-colored festive decoration Santa holidays December winter \n\nMerry Christmas and a Happy New Year to You All xoxo \n\n^..^\nSaSSyGirL\n\nImage by JACQELINEla. You can view many great images similar to the one used in this design by visiting her profile at <a href\https:outgoing.prod.mozaws.netv158a0d14a1dac5320e9640196f1839f91c1a225ac2b01e61ad069fb8501413f10http3Amy.desktopnexus.comJACQELINEla\ rel\nofollow\>http:my.desktopnexus.comJACQELINEla<a> - %ProfilePath%\extensions\{02bb5bdd-a836-4d85-8434-21341200ed33}.xpi
- owl first snow manifest_version: 2 version: 6.0 theme: images: theme_frame: header.png colors: toolbar: rgba0 0 0 0 toolbar_field: rgba0 0 0 0 toolbar_field_text: rgba0 0 0 1 frame: rgba220 239 245 0 tab_background_text: rgba0 0 0 1 bookmark_text: rgba0 0 0 1 - %ProfilePath%\extensions\{5768d8ad-83b7-49ac-92a8-d762eb338665}.xpi
- theme: images: theme_frame: 3dSnowmen_top01.jpg colors: frame: 080808 tab_background_text: ffffff version: 2.0 Snowmen in Winter manifest_version: 2 description: Some 3d snowmen in a simple winter setting. - %ProfilePath%\extensions\{73eabba5-d0ac-430e-a730-2c6f207ed806}.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- theme: images: theme_frame: header.png colors: frame: 221f28 tab_background_text: fff4e5 version: 2.0 Happy New Year - Fireworks manifest_version: 2 description: Stock credit: <a rel\nofollow\ href\https:outgoing.prod.mozaws.netv191527f033edbb6377838b8bc2e82622b3ea8e6b2b30c48a305a86678aa2bb736http3Awww.freepik.com\>freepik<a> - %ProfilePath%\extensions\{f5ef1c8c-0d0d-4136-8042-92224875f7df}.xpi
- Celebrate 2018 by MDonna - %ProfilePath%\extensions\{ff2a1944-073d-43ce-8317-df4ed6c858d9}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Dukino\AppData\Roaming\Mozilla\Firefox\Profiles\1fp4hsca.default
- C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll - [?]

==== Chromium Look ======================

Chrome Media Router - Dukino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dukino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dukino\AppData\Local\Mozilla\Firefox\Profiles\1fp4hsca.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dukino\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=71 folders=98 44123365 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Dukino\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dukino\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 31.07.2019 at 21:22:55,39 ======================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64
Ran by Dukino (Administrator) on st 31.07.2019 at 21:26:16,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 8

Successfully deleted: C:\Users\Dukino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DDNNMYTS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dukino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T8T0KK97 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dukino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZSRTLK7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dukino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YXI4P6OH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DDNNMYTS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T8T0KK97 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZSRTLK7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YXI4P6OH (Temporary Internet Files Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 31.07.2019 at 21:27:26,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Duk · #12 Příspěvek od **Duk** » 31 črc 2019 20:49

Ještě bych podotknul,že to stejné začlo dělat i sousedovy který je u stejného poskytovatele Internetu.Zajímavé.

#13 Příspěvek od **Rudy** » 31 črc 2019 21:09

Opravdu zajímavé. Změřte rychlost připojení a odezvu zde: www.dsl.cz a porovnejte s údajem uvedeným ve smlouvě o připojení k internetu.

Duk · #14 Příspěvek od **Duk** » 01 srp 2019 08:52

Změnu rychlosti jsem nezaznamenal,běží pořád stejně.

#15 Příspěvek od **Rudy** » 01 srp 2019 09:23

OK. Poprosím ještě jednou o logy FRST+Addition. Děkuji.

VIRY.CZ

JS/CoinMiner/AH

JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH

Re: JS/CoinMiner/AH