All times are UTC + 1 hour


Post subject: Slow computer
Posted: 09 Jan 2020 07:29
Hi, my PC is somehow sluggish and freezes quite a lot... I'm attaching the RSIT log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by YMER at 2020-01-09 07:32:57
Microsoft Windows 10 Education
System drive C: has 25 GB (11%) free of 229 GB
Total RAM: 8183 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:32:58, on 09.01.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\trend micro\YMER.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Viber] "E:\YMER\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Gopher.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Developer Tools Service (DeveloperToolsService) - Unknown owner - C:\Windows\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - E:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ManyCam Service - Visicom Media Inc. - C:\ProgramData\ManyCam\Service\service.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH SSH Server (sshd) - Unknown owner - C:\Windows\System32\OpenSSH\sshd.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)

--
End of file - 9586 bytes

======Listing Processes======









C:\Windows\system32\lsass.exe
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-856b2003-2f61-4eca-8c2a-1a9e8de0ecaf -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e41177e7-917b-46b2-af48-753427057a27 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c0a9f3b4-ecd9-4646-a315-2a3704471ac8 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-fe84c639-deae-418f-8be1-3cb547f95c99 -LifetimeId:270eaef6-d0db-4eb9-8831-b556551649e7 -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp

c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc

C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Windows\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Windows\System32\svchost.exe -k utcsvc -p
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"

C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\Windows\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

C:\Windows\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
AvastUI.exe /nogui
"C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe" Spotify.exe --autostart
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\YMER\AppData\Local\SpotifyAppX\User Data\Crashpad" "--metrics-dir=C:\Users\YMER\AppData\Local\SpotifyAppX\User Data" --url=https://crashdump.spotify.com:443/ --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.1.12.451 --initial-client-data=0x654,0x658,0x65c,0x650,0x660,0x6c5b38b0,0x6c5b38c0,0x6c5b38cc
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe" --type=gpu-process --field-trial-handle=2120,16356866183918977835,9163418683525579173,131072 --disable-features=ExtendedMouseButtons --disable-d3d11 --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\debug.log" --log-severity=disable --product-version=Spotify/1.1.12.451 --lang=cs --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\debug.log" --service-request-channel-token=9729824230962236142 --mojo-platform-channel-handle=2220 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe" --type=utility --field-trial-handle=2120,16356866183918977835,9163418683525579173,131072 --disable-features=ExtendedMouseButtons --lang=cs --service-sandbox-type=network --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\debug.log" --log-severity=disable --product-version=Spotify/1.1.12.451 --lang=cs --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\debug.log" --service-request-channel-token=14558943661466942769 --mojo-platform-channel-handle=3336 /prefetch:8
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe" --type=renderer --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\debug.log" --field-trial-handle=2120,16356866183918977835,9163418683525579173,131072 --disable-features=ExtendedMouseButtons --lang=cs --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\debug.log" --log-severity=disable --product-version=Spotify/1.1.12.451 --disable-spell-checking --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15802423939140889184 --renderer-client-id=4 --mojo-platform-channel-handle=3448 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\YMER\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\YMER\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=79.0.3945.88 --initial-client-data=0x84,0x88,0x8c,0x78,0x90,0x7ff8e8badd08,0x7ff8e8badd18,0x7ff8e8badd28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=76 --on-initialized-event-handle=472 --parent-handle=476 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1468,4930624368814795785,4164151822494651527,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=17757621710301019584 --mojo-platform-channel-handle=1480 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1468,4930624368814795785,4164151822494651527,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --service-request-channel-token=5159843194511026645 --mojo-platform-channel-handle=1680 /prefetch:8
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
C:\Windows\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,4930624368814795785,4164151822494651527,131072 --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=569702871416859107 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2768 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1468,4930624368814795785,4164151822494651527,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --service-request-channel-token=1151425118248686647 --mojo-platform-channel-handle=5220 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=7940,6988092408356644880,718772776983270499,131072 --no-sandbox --disable-direct-composition --log-file="C:\Users\YMER\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (19.8.2393)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=12541125373347089815 --mojo-platform-channel-handle=7960 /prefetch:2

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,4930624368814795785,4164151822494651527,131072 --lang=cs --instant-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4825118960186543675 --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,4930624368814795785,4164151822494651527,131072 --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9079434988176703948 --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,4930624368814795785,4164151822494651527,131072 --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6829149190521773965 --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,4930624368814795785,4164151822494651527,131072 --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2100050969979543738 --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8724 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"E:\YMER\Downloads\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.293 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.231.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.231.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.293 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.231.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.231.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll


C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30 582200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30 245304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30 480312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30 194616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-02 268680]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2019-04-20 18391120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2019-11-12 83524968]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-10-14 24552064]
"Viber"=E:\YMER\AppData\Local\Viber\Viber.exe [2018-02-22 35950152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2019-10-05 645648]

C:\Users\YMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Gopher.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
SshdPinAuthLsa

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\epmntdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EuGdiDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\epmntdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EuGdiDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"PromptOnSecureDesktop"=0
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-01-09 07:26:36 ----D---- C:\Program Files\trend micro
2020-01-09 07:26:35 ----D---- C:\rsit
2020-01-09 06:25:09 ----D---- C:\Program Files\Mozilla Firefox
2020-01-07 18:05:38 ----A---- C:\Windows\SYSWOW64\config.ini
2020-01-07 17:37:00 ----D---- C:\Program Files (x86)\Microsoft XNA
2019-12-26 14:55:32 ----D---- C:\ProgramData\SystemAcCrux
2019-12-26 14:55:21 ----A---- C:\Windows\system32\drivers\EPMVolFl0.sys
2019-12-26 14:55:18 ----D---- C:\Program Files (x86)\EaseUS
2019-12-19 07:41:40 ----D---- C:\Program Files\qBittorrent
2019-12-12 15:41:56 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:41:56 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Enumeration.dll
2019-12-12 15:41:56 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:41:55 ----A---- C:\Windows\system32\Windows.Devices.Enumeration.dll
2019-12-12 15:41:55 ----A---- C:\Windows\system32\services.exe
2019-12-12 15:41:55 ----A---- C:\Windows\system32\edgehtml.dll
2019-12-12 15:41:52 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2019-12-12 15:41:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-12-12 15:41:51 ----A---- C:\Windows\system32\Chakra.dll
2019-12-12 15:41:50 ----A---- C:\Windows\SYSWOW64\user32.dll
2019-12-12 15:41:50 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2019-12-12 15:41:50 ----A---- C:\Windows\system32\user32.dll
2019-12-12 15:41:49 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2019-12-12 15:41:48 ----A---- C:\Windows\system32\win32kfull.sys
2019-12-12 15:41:48 ----A---- C:\Windows\system32\sppobjs.dll
2019-12-12 15:41:47 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2019-12-12 15:41:47 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2019-12-12 15:41:46 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2019-12-12 15:41:46 ----A---- C:\Windows\system32\usocore.dll
2019-12-12 15:41:46 ----A---- C:\Windows\system32\KernelBase.dll
2019-12-12 15:41:46 ----A---- C:\Windows\system32\hvix64.exe
2019-12-12 15:41:46 ----A---- C:\Windows\system32\hvax64.exe
2019-12-12 15:41:46 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2019-12-12 15:41:45 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2019-12-12 15:41:45 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-12-12 15:41:45 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2019-12-12 15:41:45 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2019-12-12 15:41:45 ----A---- C:\Windows\system32\updatehandlers.dll
2019-12-12 15:41:45 ----A---- C:\Windows\system32\MusNotification.exe
2019-12-12 15:41:45 ----A---- C:\Windows\system32\gdi32full.dll
2019-12-12 15:41:45 ----A---- C:\Windows\system32\EdgeManager.dll
2019-12-12 15:41:45 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 15:41:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-12-12 15:41:44 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-12-12 15:41:44 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2019-12-12 15:41:44 ----A---- C:\Windows\system32\winload.exe
2019-12-12 15:41:44 ----A---- C:\Windows\system32\webplatstorageserver.dll
2019-12-12 15:41:44 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-12 15:41:44 ----A---- C:\Windows\system32\oleaut32.dll
2019-12-12 15:41:44 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2019-12-12 15:41:44 ----A---- C:\Windows\system32\MusNotificationUx.exe
2019-12-12 15:41:44 ----A---- C:\Windows\system32\GdiPlus.dll
2019-12-12 15:41:44 ----A---- C:\Windows\system32\bcastdvruserservice.dll
2019-12-12 15:41:44 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 15:41:43 ----A---- C:\Windows\SYSWOW64\msvproc.dll
2019-12-12 15:41:43 ----A---- C:\Windows\SYSWOW64\MSVideoDSP.dll
2019-12-12 15:41:43 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2019-12-12 15:41:43 ----A---- C:\Windows\SYSWOW64\EdgeManager.dll
2019-12-12 15:41:43 ----A---- C:\Windows\system32\winresume.exe
2019-12-12 15:41:43 ----A---- C:\Windows\system32\vbscript.dll
2019-12-12 15:41:43 ----A---- C:\Windows\system32\tcblaunch.exe
2019-12-12 15:41:43 ----A---- C:\Windows\system32\rdpcorets.dll
2019-12-12 15:41:43 ----A---- C:\Windows\system32\MSVPXENC.dll
2019-12-12 15:41:43 ----A---- C:\Windows\system32\msvproc.dll
2019-12-12 15:41:43 ----A---- C:\Windows\system32\MSVideoDSP.dll
2019-12-12 15:41:43 ----A---- C:\Windows\system32\fontsub.dll
2019-12-12 15:41:43 ----A---- C:\Windows\system32\fontdrvhost.exe
2019-12-12 15:41:42 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-12 15:41:42 ----A---- C:\Windows\SYSWOW64\webplatstorageserver.dll
2019-12-12 15:41:42 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2019-12-12 15:41:42 ----A---- C:\Windows\SYSWOW64\MSVPXENC.dll
2019-12-12 15:41:42 ----A---- C:\Windows\SYSWOW64\MSPhotography.dll
2019-12-12 15:41:42 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2019-12-12 15:41:42 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2019-12-12 15:41:42 ----A---- C:\Windows\system32\wow64win.dll
2019-12-12 15:41:42 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-12 15:41:42 ----A---- C:\Windows\system32\t2embed.dll
2019-12-12 15:41:42 ----A---- C:\Windows\system32\rdpudd.dll
2019-12-12 15:41:42 ----A---- C:\Windows\system32\MSPhotography.dll
2019-12-12 15:41:42 ----A---- C:\Windows\system32\drivers\hvservice.sys
2019-12-12 15:41:42 ----A---- C:\Windows\system32\DevQueryBroker.dll
2019-12-12 15:41:42 ----A---- C:\Windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2020-01-09 07:32:24 ----D---- C:\Windows\Temp
2020-01-09 07:29:58 ----D---- C:\Windows\System32
2020-01-09 07:29:58 ----D---- C:\Windows\INF
2020-01-09 07:29:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-01-09 07:26:36 ----RD---- C:\Program Files
2020-01-09 07:24:39 ----D---- C:\ProgramData\NVIDIA
2020-01-09 07:24:26 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-01-09 07:24:25 ----D---- C:\Windows
2020-01-09 07:23:41 ----D---- C:\Windows\system32\sru
2020-01-09 07:17:14 ----D---- C:\Windows\Logs
2020-01-09 07:17:14 ----D---- C:\Windows\debug
2020-01-09 07:14:48 ----D---- C:\Windows\system32\SleepStudy
2020-01-09 07:10:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-08 06:35:47 ----D---- C:\Windows\system32\LogFiles
2020-01-07 18:30:27 ----RD---- C:\Windows\Microsoft.NET
2020-01-07 18:05:38 ----AD---- C:\Windows\SysWOW64
2020-01-07 17:37:04 ----SHD---- C:\Windows\Installer
2020-01-07 17:37:04 ----RSD---- C:\Windows\assembly
2020-01-07 17:37:00 ----RD---- C:\Program Files (x86)
2020-01-07 17:36:57 ----SHD---- C:\System Volume Information
2020-01-06 17:15:22 ----D---- C:\Windows\system32\drivers
2020-01-05 15:10:13 ----HD---- C:\ProgramData
2020-01-05 12:25:40 ----D---- C:\Users\YMER\AppData\Roaming\Winamp
2020-01-01 15:26:36 ----D---- C:\Windows\AppReadiness
2019-12-25 13:06:22 ----D---- C:\Windows\system32\catroot2
2019-12-24 01:47:17 ----D---- C:\Windows\system32\config
2019-12-24 01:00:06 ----D---- C:\Users\YMER\AppData\Roaming\qBittorrent
2019-12-23 02:51:10 ----D---- C:\Users\YMER\AppData\Roaming\.minecraft
2019-12-16 15:22:39 ----D---- C:\Windows\WinSxS
2019-12-12 18:10:13 ----SHD---- C:\Boot
2019-12-12 16:06:33 ----D---- C:\Windows\TextInput
2019-12-12 16:06:33 ----D---- C:\Windows\SYSWOW64\uk-UA
2019-12-12 16:06:33 ----D---- C:\Windows\SYSWOW64\pl-PL
2019-12-12 16:06:33 ----D---- C:\Windows\SYSWOW64\en-GB
2019-12-12 16:06:32 ----D---- C:\Windows\system32\uk-UA
2019-12-12 16:06:32 ----D---- C:\Windows\system32\pl-PL
2019-12-12 16:06:32 ----D---- C:\Windows\system32\migration
2019-12-12 16:06:32 ----D---- C:\Windows\system32\en-GB
2019-12-12 16:06:32 ----D---- C:\Windows\system32\Boot
2019-12-12 16:06:32 ----D---- C:\Windows\ShellExperiences
2019-12-12 16:06:32 ----D---- C:\Windows\bcastdvr
2019-12-12 16:06:31 ----D---- C:\Windows\system32\DriverStore
2019-12-12 15:45:33 ----D---- C:\Windows\CbsTemp
2019-12-12 15:41:26 ----D---- C:\Windows\system32\MRT
2019-12-12 15:38:37 ----AC---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2019-10-02 37616]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-10-02 209552]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-10-02 65120]
R0 aswElam;aswElam; C:\Windows\system32\drivers\aswElam.sys [2019-10-02 16304]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-10-02 83792]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-10-02 316528]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2018-12-08 58168]
R0 JRAID;JRAID; C:\Windows\System32\drivers\jraid.sys [2019-04-20 123704]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2019-09-13 228152]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\Windows\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-10-02 204824]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-10-02 274456]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2019-10-02 276952]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-10-02 42736]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-10-02 110320]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-10-02 848432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-10-02 460448]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2018-05-24 27552]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-08-01 91784]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-08-01 140736]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-11-02 161544]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-10-02 236024]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2019-07-09 414720]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-08-01 331328]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [2018-10-01 197648]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 AmUStor;@oem50.inf,%SERVICE_NAME%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2019-04-20 118088]
R3 dtlitescsibus;@oem118.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2019-06-17 30264]
R3 dtliteusbbus;@oem119.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2019-06-17 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2019-04-20 6486608]
R3 LHidFilt;@oem42.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2015-06-18 86672]
R3 LMouFilt;@oem42.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2015-06-18 69264]
R3 ManyCam;@oem35.inf,%ManyCam.DeviceDesc%;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-12-29 49272]
R3 mcaudrv_simple;@oem36.inf,%mcaudrv_simple.SvcDesc%;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-12-29 35960]
R3 NVHDA;@oem125.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-10-04 237208]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [2019-10-04 22094728]
R3 nvvad_WaveExtensible;@oem51.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2019-04-20 70024]
R3 nvvhci;@oem39.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2018-10-01 74576]
R3 rt640x64;@oem53.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2019-04-20 1138136]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2018-04-12 127384]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2019-03-14 164664]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2018-04-12 143768]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2019-10-02 92472]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2018-04-12 123392]
S3 CompFilter64;UVCCompositeFilter; C:\Windows\System32\drivers\lvbflt64.sys [2018-05-24 26784]
S3 dg_ssudbus;@oem30.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-22 131984]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2018-07-27 25640]
S3 ETDSMBus;ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [2018-05-24 32840]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2018-11-07 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2018-07-27 30528]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2019-11-28 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-04-12 119808]
S3 LVRS64;@oem7.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
S3 LVUVC64;@oem6.inf,%PID_081D_DD%(UVC);Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-08-21 30792]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-02 996880]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-02 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_42be3;CDPUserSvc_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R2 hasplms;Sentinel LDK License Manager; C:\Windows\system32\hasplms.exe [2013-08-01 4609928]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10 773160]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-10-02 781680]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-10-10 645160]
R2 OneSyncSvc_42be3;OneSyncSvc_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\Windows\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-12-19 6259592]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2019-01-09 85472]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_42be3;PimIndexMaintenanceSvc_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S2 debugregsvc;@%SystemRoot%\system32\debugregsvc.dll,-200; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-14 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_42be3;BcastDVRUserService_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_42be3;BluetoothUserService_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 CaptureService_42be3;CaptureService_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DeveloperToolsService;Developer Tools Service; C:\Windows\System32\DeveloperToolsSvc.exe [2018-04-10 151040]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_42be3;DevicePickerUserSvc_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_42be3;DevicesFlowUserSvc_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 90112]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; E:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2291904]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-02-14 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe [2019-12-14 1113072]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-14 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-12-21 177376]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 ManyCam Service;ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [2015-12-15 77528]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_42be3;MessagingService_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-01-09 244936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10 773160]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_42be3;PrintWorkflowUserSvc_42be3; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2019-01-09 85472]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2019-09-13 5098408]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2019-01-09 85472]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2019-07-09 827920]
S4 dmwappushservice;dmwappushsvc; C:\Windows\system32\svchost.exe [2019-01-09 85472]

-----------------EOF-----------------


Post subject: Re: Slow computer
Posted: 09 Jan 2020 07:41
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2020
Ran by YMER (administrator) on DESKTOP-00MKO9B (Gigabyte Technology Co., Ltd. P55-UD3L) (09-01-2020 07:37:04)
Running from E:\YMER\Downloads
Loaded Profiles: YMER (Available Profiles: YMER)
Platform: Windows 10 Education Version 1803 17134.1184 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-11-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Viber] => E:\YMER\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\YMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gopher.exe [2020-01-07] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AC345DB-4580-4478-AC2F-20113B9AFBCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D55D620-C6D6-4F99-90C4-799ED234D581} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {3ACCC9F8-B9D3-4120-8B9D-9AEA1940A74A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {6EAE5442-49D6-41F6-8F87-A251ED86DAC6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {71D05E32-FE43-454E-8CF0-C6884B323213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {72269900-38AC-424A-A4C5-D240FD6A71F0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {79D688C3-C226-4A6E-9C5A-82BB92E210C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {A095898A-66C1-4FD8-A126-C8DE339CBE7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {A31E0422-AE8C-4A3E-8D0E-3C2E147358E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA275E91-D49A-4015-8201-246518447F57} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6121979-6FC1-4129-831E-D88C41857A29} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
Task: {E7ED9A13-937A-4202-A57F-B8FBD2DF0BE4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E884A262-B17B-4797-870F-273D05121EF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBD9B64B-B57D-4380-852D-5A60FC817FEF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE287196-5399-4B11-B186-3251014985CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {FA211A20-E0C1-4156-8016-4AF3CC92CCF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{befebb7f-74f7-44af-93c9-456282bae772}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: orxdtu8e.default-1544966886308
FF ProfilePath: C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 [2020-01-09]
FF Notifications: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> hxxps://badoo.com; hxxps://www.reddit.com
FF Extension: (Pinned Google Drive) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2019-05-19]
FF Extension: (Double-click Image Downloader) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\jid1-xgtdawe3yyUeBQ@jetpack.xpi [2020-01-01]
FF Extension: (Avast Online Security) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\wrc@avast.com.xpi [2019-12-17]
FF Extension: (Blue Mozilla Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2019-06-04]
FF Extension: (have a fox dream) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{3f1aff6b-0363-410f-b81b-9a286ffb4b10}.xpi [2019-05-13]
FF Extension: (Beach) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2019-05-14]
FF Extension: (YouTube High Definition) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2019-07-10]
FF Extension: (Mozilla: Firefox OS) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2019-07-12]
FF Extension: (YouTube Downloader Converter MP3) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi [2019-10-10]
FF Extension: (esafox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-06-02]
FF Extension: (Complete Black Theme for Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{c161a71c-fb42-4608-b001-5634b3f59a8b}.xpi [2019-06-04]
FF Extension: (No Name) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-17] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-17] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Notifications: Profile 1 -> hxxps://andalbrighth.pro
CHR Profile: C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-01-09]
CHR Extension: (Prezentace) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
CHR Extension: (Dokumenty) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-12]
CHR Extension: (Disk Google) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (YouTube) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-12]
CHR Extension: (Tabulky) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-12]
CHR Extension: (Avast Online Security) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Gmail) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; E:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
S3 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (ManyCam -> Visicom Media Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5098408 2019-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\Windows\System32\OpenSSH\sshd.exe [970240 2018-05-20] (Microsoft Windows -> )
S3 SshdBroker; C:\Windows\System32\SshdBroker.dll [285696 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [118088 2019-04-20] (Alcorlink Corp. -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2018-07-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2018-05-24] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-07] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-07-27] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-24] (Martin Malik - REALiX -> REALiX(tm))
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2018-10-01] (NewSoftwares.net Inc. SDN. BHD. -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2019-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1138136 2019-04-20] (Realtek Semiconductor Corp. -> Realtek )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [56840 2019-04-20] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-09 07:26 - 2020-01-09 07:32 - 000000000 ____D C:\Program Files\trend micro
2020-01-09 07:26 - 2020-01-09 07:26 - 000000000 ____D C:\rsit
2020-01-09 06:25 - 2020-01-09 07:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-07 18:05 - 2020-01-07 18:05 - 000001438 _____ C:\Windows\SysWOW64\config.ini
2020-01-07 17:37 - 2020-01-07 17:37 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2019-12-26 14:55 - 2020-01-05 15:10 - 000000000 ____D C:\Program Files (x86)\EaseUS
2019-12-26 14:55 - 2019-12-26 14:55 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-12-26 14:55 - 2019-04-12 14:16 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\EPMVolFl0.sys
2019-12-25 16:33 - 2019-12-25 16:33 - 000000001 _____ C:\Users\YMER\AppData\Local\llftool.4.40.agreement
2019-12-21 19:34 - 2019-12-21 19:34 - 000000000 ____D C:\Users\YMER\AppData\Local\UnrealEngine
2019-12-21 19:34 - 2019-12-21 19:34 - 000000000 ____D C:\Users\YMER\AppData\Local\Microids
2019-12-19 07:41 - 2019-12-19 07:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-12-19 07:41 - 2019-12-19 07:41 - 000000000 ____D C:\Program Files\qBittorrent
2019-12-12 15:41 - 2019-11-28 11:52 - 000094216 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-12-12 15:41 - 2019-11-28 11:47 - 001641160 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-12 15:41 - 2019-11-28 11:47 - 000790928 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-12-12 15:41 - 2019-11-28 11:47 - 000490336 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-12 15:41 - 2019-11-28 11:47 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-12-12 15:41 - 2019-11-28 11:46 - 001632112 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-12-12 15:41 - 2019-11-28 11:46 - 001616608 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-12-12 15:41 - 2019-11-28 11:31 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-12 15:41 - 2019-11-28 11:31 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-12 15:41 - 2019-11-28 11:27 - 003614720 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-12-12 15:41 - 2019-11-28 11:27 - 001609216 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-12 15:41 - 2019-11-28 11:26 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-12 15:41 - 2019-11-28 11:25 - 001663488 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-12-12 15:41 - 2019-11-28 11:25 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-12-12 15:41 - 2019-11-28 10:09 - 001453624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-12-12 15:41 - 2019-11-28 10:07 - 000662840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-12-12 15:41 - 2019-11-28 10:06 - 001628704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-12 15:41 - 2019-11-28 10:06 - 000322360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-12-12 15:41 - 2019-11-28 09:53 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-12 15:41 - 2019-11-28 09:53 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-12 15:41 - 2019-11-28 09:48 - 002882048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-12-12 15:41 - 2019-11-28 09:47 - 001472000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-12-12 15:41 - 2019-11-28 06:20 - 001040744 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-12-12 15:41 - 2019-11-28 06:14 - 001224504 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-12-12 15:41 - 2019-11-28 06:13 - 000568104 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-12-12 15:41 - 2019-11-28 06:13 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-12-12 15:41 - 2019-11-28 06:12 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-12-12 15:41 - 2019-11-28 06:11 - 000498072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2019-12-12 15:41 - 2019-11-28 06:10 - 007520104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:41 - 2019-11-28 06:10 - 002571336 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-12 15:41 - 2019-11-28 06:10 - 002161072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2019-12-12 15:41 - 2019-11-28 06:10 - 001098272 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-12-12 15:41 - 2019-11-28 06:09 - 009080840 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-12 15:41 - 2019-11-28 06:09 - 001459120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-12 15:41 - 2019-11-28 06:09 - 001260784 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-12 15:41 - 2019-11-28 06:09 - 001141504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-12 15:41 - 2019-11-28 06:09 - 000983936 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-12-12 15:41 - 2019-11-28 06:09 - 000786080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-12 15:41 - 2019-11-28 06:09 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-12-12 15:41 - 2019-11-28 06:09 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-12 15:41 - 2019-11-28 05:52 - 025857024 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-12-12 15:41 - 2019-11-28 05:51 - 000424208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 15:41 - 2019-11-28 05:49 - 006567472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:41 - 2019-11-28 05:49 - 001979960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-12 15:41 - 2019-11-28 05:49 - 001651040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2019-12-12 15:41 - 2019-11-28 05:49 - 001130776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-12-12 15:41 - 2019-11-28 05:48 - 000603792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-12 15:41 - 2019-11-28 05:48 - 000581808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-12-12 15:41 - 2019-11-28 05:43 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-12-12 15:41 - 2019-11-28 05:41 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-12-12 15:41 - 2019-11-28 05:41 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\DevQueryBroker.dll
2019-12-12 15:41 - 2019-11-28 05:40 - 022016000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-12-12 15:41 - 2019-11-28 05:40 - 003403264 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-12-12 15:41 - 2019-11-28 05:40 - 001308160 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-12-12 15:41 - 2019-11-28 05:40 - 000369152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-12-12 15:41 - 2019-11-28 05:39 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2019-12-12 15:41 - 2019-11-28 05:39 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-12-12 15:41 - 2019-11-28 05:39 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-12-12 15:41 - 2019-11-28 05:38 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-12-12 15:41 - 2019-11-28 05:38 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-12-12 15:41 - 2019-11-28 05:37 - 002179072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 15:41 - 2019-11-28 05:36 - 001563648 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 15:41 - 2019-11-28 05:36 - 000629248 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-12-12 15:41 - 2019-11-28 05:36 - 000320000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-12 15:41 - 2019-11-28 05:35 - 001418752 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-12-12 15:41 - 2019-11-28 05:35 - 000545792 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-12 15:41 - 2019-11-28 05:34 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 15:41 - 2019-11-28 05:29 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-12-12 15:41 - 2019-11-28 05:28 - 005769728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-12-12 15:41 - 2019-11-28 05:28 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-12-12 15:41 - 2019-11-28 05:28 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-12-12 15:41 - 2019-11-28 05:28 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-12 15:41 - 2019-11-28 05:25 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-12 15:41 - 2019-11-28 04:13 - 000001312 _____ C:\Windows\system32\tcbres.wim
2019-12-12 15:41 - 2019-08-13 15:43 - 001295872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-09 07:37 - 2018-12-16 14:50 - 000000000 ____D C:\FRST
2020-01-09 07:36 - 2018-05-12 17:42 - 000000000 ____D C:\Users\YMER\AppData\LocalLow\Mozilla
2020-01-09 07:34 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-09 07:29 - 2018-05-12 17:24 - 001689054 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-09 07:29 - 2018-04-12 16:51 - 000715202 _____ C:\Windows\system32\perfh005.dat
2020-01-09 07:29 - 2018-04-12 16:51 - 000144496 _____ C:\Windows\system32\perfc005.dat
2020-01-09 07:29 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2020-01-09 07:24 - 2018-05-12 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-09 07:24 - 2018-05-12 17:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-09 07:23 - 2018-05-12 17:21 - 000000000 ____D C:\Users\YMER
2020-01-09 07:23 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2020-01-09 07:19 - 2018-07-19 14:53 - 000000000 ____D C:\Users\YMER\AppData\Local\AVAST Software
2020-01-09 07:17 - 2018-06-14 06:31 - 000000000 ____D C:\Users\YMER\AppData\Local\CrashDumps
2020-01-09 07:14 - 2018-05-12 17:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-09 07:10 - 2018-12-16 14:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-09 06:58 - 2018-12-16 12:56 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-09 06:41 - 2019-10-26 17:51 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-09 06:41 - 2019-10-26 17:51 - 000002236 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-01-09 06:41 - 2019-10-07 20:44 - 000003402 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-09 06:41 - 2019-10-07 20:44 - 000003178 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-09 06:41 - 2018-05-13 08:14 - 000002896 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-01-09 06:41 - 2018-05-13 08:14 - 000002444 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-01-09 06:41 - 2018-05-13 08:14 - 000002392 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-01-09 06:41 - 2018-05-13 08:14 - 000002388 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-01-09 06:41 - 2018-05-13 08:14 - 000002374 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-01-09 06:41 - 2018-05-13 08:14 - 000002370 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-01-09 06:41 - 2018-05-12 22:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-01-06 06:49 - 2018-05-12 22:25 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-01-05 15:14 - 2012-12-27 19:24 - 000000000 ___RD C:\Users\YMER\Documents\Ostatní dokumenty
2020-01-05 12:25 - 2018-07-27 07:48 - 000000000 ____D C:\Users\YMER\AppData\Roaming\Winamp
2020-01-01 15:26 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2019-12-31 10:40 - 2018-07-16 15:43 - 000000000 ____D C:\Users\YMER\AppData\Local\ManyCam
2019-12-24 01:00 - 2019-10-27 23:22 - 000000000 ____D C:\Users\YMER\AppData\Roaming\qBittorrent
2019-12-23 02:51 - 2019-11-30 11:06 - 000000000 ____D C:\Users\YMER\AppData\Roaming\.minecraft
2019-12-21 17:45 - 2018-05-12 17:21 - 000000000 ____D C:\Users\YMER\AppData\Local\Packages
2019-12-18 06:44 - 2018-05-14 19:38 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 06:44 - 2018-05-14 19:38 - 000002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-12 18:10 - 2018-05-12 17:16 - 001726504 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-12 16:06 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\TextInput
2019-12-12 16:06 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\ShellExperiences
2019-12-12 16:06 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\bcastdvr
2019-12-12 15:45 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2019-12-12 15:41 - 2018-05-12 21:26 - 000000000 ____D C:\Windows\system32\MRT
2019-12-12 15:38 - 2018-05-12 21:25 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2019-10-20 21:15 - 2019-10-20 21:15 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
2018-05-28 22:58 - 2019-04-28 00:06 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2019-03-30 22:49 - 2019-03-30 22:53 - 000002971 _____ () C:\Users\YMER\AppData\Roaming\downloads.json
2018-11-05 15:33 - 2018-11-05 15:33 - 000001013 _____ () C:\Users\YMER\AppData\Roaming\pictur.jpeg
2019-04-21 10:22 - 2019-11-15 00:06 - 000005120 _____ () C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-25 16:33 - 2019-12-25 16:33 - 000000001 _____ () C:\Users\YMER\AppData\Local\llftool.4.40.agreement
2018-05-12 19:18 - 2018-05-12 19:18 - 000000017 _____ () C:\Users\YMER\AppData\Local\resmon.resmoncfg
2018-10-01 07:44 - 2019-02-25 06:14 - 000000700 ___SH () C:\Users\YMER\AppData\Local\systemFL7.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Post subject: Re: Slow computer
Posted: 09 Jan 2020 10:33
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 110383
Location: Plzeň
Hello!
I still need to see the contents of the file addition.txt. You will find it in E:\YMER\Downloads. Also, you don't need to post RSIT on Windows 10; it is unusable there.

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Post subject: Re: Slow computer
Posted: 09 Jan 2020 18:03
Exemplary visitor

Joined: 28 Apr 2008 18:06
Posts: 250
Location: Tromaville
Thanks, the RSIT log was unnecessary, I know.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by YMER (09-01-2020 07:38:28)
Running from E:\YMER\Downloads
Windows 10 Education Version 1803 17134.1184 (X64) (2018-05-12 16:18:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-169180647-2445698039-3035944160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169180647-2445698039-3035944160-503 - Limited - Disabled)
Guest (S-1-5-21-169180647-2445698039-3035944160-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-169180647-2445698039-3035944160-504 - Limited - Disabled)
YMER (S-1-5-21-169180647-2445698039-3035944160-1001 - Administrator - Enabled) => C:\Users\YMER

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Age of Empires: Definitive Edition [FULL REMOVAL] (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\{1F36588A-148D-4BED-AD83-12C63E1F780E}_is1) (Version: 1.3.5101.2 - Microsoft Studios)
Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Syndicate (HKLM-x32\...\Assassins Creed - Syndicate_is1) (Version: 1.12.0.0 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Batman Arkham Knight (HKLM-x32\...\Batman Arkham Knight_is1) (Version: 1.0.4.5 - Релиз от R.G. Steamgames)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Divinity: Original Sin Enhanced Edition (2.0.119.430_(hotfix)) (HKLM-x32\...\1445516929_is1) (Version: 0.1.1.310 - GOG.com)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.1 - Hotger)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.46.5308 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Icecream Screen Recorder verze 5.30 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.30 - Icecream Apps)
Intel(R) Update Manager (HKLM-x32\...\{AA8BC571-E96E-4478-927F-CB44CC7D7D07}) (Version: 3.5.2247 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.5.2.400 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - )
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Offroad Racing Buggy X ATV X Moto (HKLM-x32\...\Offroad Racing Buggy X ATV X Moto_is1) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
Ulož.to FileManager 2.77 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.77 - Uloz.to cloud a.s.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F7773180-1A27-11E7-864D-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
WebM Project Directshow Filters (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows KMS Activator Ultimate 2019 4.5 (HKLM\...\Windows KMS Activator Ultimate 2019 4.5_is1) (Version: 4.5 - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 18.3.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.3.1 - WinTools Software Engineering, Ltd.)
Wolfenstein The Old Blood (HKLM-x32\...\{1A6EABD2-7063-4879-909C-D2C567DE5AB9}) (Version: 1.0.0 - Bethesda)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.2.173.0_x64__rz1tebttyb220 [2018-05-12] (Dolby Laboratories)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2018-09-08] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_30.1604.3938.0_x86__8xx8rvfyw5nnt [2018-07-05] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
MPEG2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.6.0_x64__8wekyb3d8bbwe [2018-08-21] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.24.11294.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21295.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 [2019-08-25] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2019-07-29 22:49 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\YMER\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Gopher.exe"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "WinFLTray"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "FLBackup"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{1E74BCD0-1DDC-4A02-94C0-248432757734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81E73763-65A6-4728-90D2-FA284683CB41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{FB600992-DB5B-4089-B1D1-F5E3B5628ECF}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{09799398-045D-4372-90AF-B687258EF541}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{E0E98292-19D0-4908-A1E6-85D174BD5CB8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E8724A30-F49C-4523-B27F-C5EE2DB8D87C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8BE7BDBE-961F-424F-B862-D02B04DD896B}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{BDBE58D0-9D03-4302-9205-CA498D8F30D4}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{075EFF2E-0864-4F96-9260-4D494470675E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0571D62C-24D6-415C-AE9D-434F041AB26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7AC80EB-9BEE-4AC6-B595-10C35778C6DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CA790C4-1511-4D12-B644-39EF1FA6CBC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FF1CA7F-544A-48E2-84A3-BD453E05EA30}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D377EB3B-A0D9-44DC-8B5D-05AD8B64A629}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{1B473C89-987B-4CFC-8FAE-CC37A37E156D}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{E3D70879-BE59-4DA1-A415-00AA1111EFAD}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [{37BDB13B-2DD9-4B63-9A53-E7272750605E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C7452D39-903B-4898-83D7-9397CD15AF59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E173D714-A66D-408E-923D-6FA2841C2FCC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{872ECFA6-2368-46F3-95DA-6CAC8A5102AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD978F39-CB2D-4BAA-8E9A-4262DA6F4825}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7D383B14-0B8A-49B4-AD08-521E3C8B872F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{820311FB-A5B6-4329-9C95-20EC0DEA16FF}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{F41A292A-E85A-4AD1-8E1F-D78A9C2ECD98}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [{39E80BF1-4733-4485-A038-0F1DD1DF5314}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [{E196FD93-EE7C-4EF2-A720-2A99FC0293F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{363EA2AB-78B6-4B2C-8BA8-2B1915AAFBB6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41A1BE93-094D-4E80-A035-2F89D3402052}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6D18CC0C-5ED6-4901-B80D-D2BB7CC001FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C4A022D-7C45-49B2-BD73-B1EB8A35C48F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5C22394B-F3DB-49D9-A2E4-04D404A05E94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58EB516F-F9AF-4ED8-A1EC-F2B3EA05EF7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{57D440A8-43C7-407C-80D6-25E05E5168A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{192F9CFB-72A4-43C4-83F8-9BE7CCE9D8AC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{543F9592-C384-4683-991F-DB3ADAF53075}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4BCFDDF4-B199-4552-B904-BFFF09105B9A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BFFF315B-2860-445E-8092-B7BA3603E414}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{3507F5D6-FF1A-471D-BB6B-678274798063}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{8983D30F-A5E6-42B7-ADA3-4714015F7458}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{EF84E1E3-0739-4BDE-8FB0-7ECC94D9B749}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\javaw.exe

==================== Restore Points =========================

20-12-2019 07:07:15 Naplánovaný kontrolní bod
29-12-2019 13:07:21 Naplánovaný kontrolní bod
05-01-2020 13:16:12 Naplánovaný kontrolní bod
07-01-2020 17:36:47 Installed Microsoft XNA Framework Redistributable 4.0

==================== Faulty Device Manager Devices ============

Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/09/2020 07:25:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/09/2020 07:24:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/09/2020 07:15:29 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/09/2020 07:15:29 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/09/2020 07:11:13 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/09/2020 07:11:11 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/09/2020 06:22:50 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/09/2020 06:22:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=4


System errors:
=============
Error: (01/09/2020 07:24:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/09/2020 07:24:53 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/09/2020 07:20:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/09/2020 07:15:29 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/09/2020 07:14:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:10:29, ‎09.‎01.‎2020) bylo neočekávané.

Error: (01/09/2020 07:11:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/09/2020 07:10:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (6:34:51, ‎09.‎01.‎2020) bylo neočekávané.

Error: (01/09/2020 06:22:43 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-08-12 13:53:08.881
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C31CD767-0A7D-481B-BC3E-6EA8999EB489}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-28 02:49:36.526
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {40FD5BC1-3BE3-45B2-91AE-87528C0A660B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-00MKO9B\YMER

Date: 2018-07-27 20:42:31.127
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:57.974
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:43.866
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

CodeIntegrity:
===================================

Date: 2020-01-09 07:36:17.989
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 07:36:17.985
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 07:35:58.687
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 07:35:58.682
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 07:35:58.670
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 07:35:58.664
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 07:35:22.846
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 07:35:22.842
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. FI 11/01/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-UD3L
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 45%
Total physical RAM: 8183.49 MB
Available physical RAM: 4481.03 MB
Total Virtual: 9463.49 MB
Available Virtual: 5178.07 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:223.58 GB) (Free:23.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:931.41 GB) (Free:276.66 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0201E900)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F2C3E95)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Post subject: Re: Slow computer
Posted: 09 Jan 2020 18:49
Site Admin

OK. Now run this utility:

Quote:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Post subject: Re: Slow computer
Posted: 10 Jan 2020 08:09
Exemplary visitor

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-10-2020
# Duration: 00:00:00
# OS: Windows 10 Education
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1268 octets] - [16/12/2018 18:29:21]
AdwCleaner[C00].txt - [1434 octets] - [16/12/2018 18:29:32]
AdwCleaner[S01].txt - [1390 octets] - [03/03/2019 19:59:53]
AdwCleaner[C01].txt - [1556 octets] - [03/03/2019 20:00:08]
AdwCleaner[S02].txt - [2116 octets] - [29/07/2019 23:01:26]
AdwCleaner[C02].txt - [2154 octets] - [29/07/2019 23:01:52]
AdwCleaner[S03].txt - [1710 octets] - [10/01/2020 08:09:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########


Post subject: Re: Slow computer
Posted: 10 Jan 2020 10:22
Site Admin

This is OK. Open Notepad and copy the following into it:

Quote:
Start

CloseProcesses:
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2D55D620-C6D6-4F99-90C4-799ED234D581} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {A095898A-66C1-4FD8-A126-C8DE339CBE7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End


Save it to E:\YMER\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.



Post subject: Re: Slow computer
Posted: 10 Jan 2020 14:38
Exemplary visitor

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by YMER (10-01-2020 14:39:07) Run:3
Running from E:\YMER\Downloads
Loaded Profiles: YMER (Available Profiles: YMER)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2D55D620-C6D6-4F99-90C4-799ED234D581} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {A095898A-66C1-4FD8-A126-C8DE339CBE7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\OpenSSH-Server-In-TCP" => removed successfully
"C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D55D620-C6D6-4F99-90C4-799ED234D581}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D55D620-C6D6-4F99-90C4-799ED234D581}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A095898A-66C1-4FD8-A126-C8DE339CBE7E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A095898A-66C1-4FD8-A126-C8DE339CBE7E}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 80379364 B
Java, Flash, Steam htmlcache => 1211 B
Windows/system/drivers => 42718612 B
Edge => 44544 B
Chrome => 39519164 B
Firefox => 1150269361 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2726 B
NetworkService => 2726 B
YMER => 7591771 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:39:46 ====


Post subject: Re: Slow computer
Posted: 10 Jan 2020 14:54
Site Admin

Deleted. Has anything changed?



Post subject: Re: Slow computer
Posted: 10 Jan 2020 16:31
Exemplary visitor

Everything is fine, it's running now! There wasn't much junk in there though, was there? Thanks a lot for the check.


Post subject: Re: Slow computer
Posted: 10 Jan 2020 16:48
Site Admin

More or less just unnecessary stuff. You're welcome! :)


