PC virus removal, computer speed-up, remote help via the neslape.cz service

My PC freezes occasionally

toox
Model visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

#1 Post by toox »

Hello, my PC freezes a few times a week; otherwise I would say everything is fine.

Logfile of random's system information tool 1.10 (written by random/random)
Run by YMER at 2018-09-08 11:56:08
Microsoft Windows 10 Education
System drive C: has 63 GB (27%) free of 229 GB
Total RAM: 8183 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:56:11, on 08.09.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe
E:\YMER\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
E:\YMER\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
C:\Program Files\trend micro\YMER.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [uTorrent] "E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Developer Tools Service (DeveloperToolsService) - Unknown owner - C:\Windows\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ManyCam Service - Visicom Media Inc. - C:\ProgramData\ManyCam\Service\service.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH SSH Server (sshd) - Unknown owner - C:\Windows\System32\OpenSSH\sshd.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)

--
End of file - 8189 bytes

======Listing Processes======









c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-07ab6c05-a15d-4ce7-b6ff-9f1f1901cced -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-45a8f94a-685b-4437-8196-612df30bc13d -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f85f0a04-2cae-409c-a8fd-ef223aa18357 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-bf68b2da-7e2a-4a36-95e6-f91417d7925d -LifetimeId:e0314a8a-02ad-4ba9-a231-1fd1278ef512 -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\ProgramData\ManyCam\Service\service.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

C:\Windows\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c

c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc

C:\Windows\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
AvastUI.exe /nogui
C:\Windows\System32\RuntimeBroker.exe -Embedding
"E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"E:\YMER\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe" uTorrent_7552_00B7D5D0_1429741431 µTorrent4823DF041B09 uTorrent
"E:\YMER\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe" uTorrent_7552_00B7D9F8_1512618796 µTorrent4823DF041B09 uTorrent
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\AUDIODG.EXE 0x248
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService

"E:\YMER\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-08-26 242392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe [2018-04-18 1983672]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-08-08 49762136]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
SshdPinAuthLsa

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"PromptOnSecureDesktop"=0
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-09-08 11:56:08 ----D---- C:\rsit
2018-09-08 11:56:08 ----D---- C:\Program Files\trend micro
2018-09-04 16:31:15 ----D---- C:\Program Files\Microsoft Mouse and Keyboard Center
2018-09-04 15:56:18 ----D---- C:\Program Files (x86)\Heroes of Might and Magic III HD Edition
2018-08-26 09:49:24 ----A---- C:\Windows\system32\aswBoot.exe
2018-08-23 21:47:04 ----D---- C:\Users\YMER\AppData\Roaming\Skype
2018-08-23 21:46:54 ----D---- C:\Program Files (x86)\Microsoft
2018-08-19 12:05:00 ----D---- C:\Users\YMER\AppData\Roaming\LOVE
2018-08-15 07:42:46 ----D---- C:\Program Files (x86)\VulkanRT
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvEncMFTH264.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvDecMFTMjpeg.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2018-08-15 07:40:05 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvopencl.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\NvIFR64.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\NvFBC64.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvEncMFTH264.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvdispgenco6439882.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvdispco6439882.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvDecMFTMjpeg.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvcuvid.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvcuda.dll
2018-08-15 07:40:05 ----A---- C:\Windows\system32\nvcompiler.dll
2018-08-12 16:16:05 ----D---- C:\Windows\Microsoft Antimalware
2018-08-12 15:01:17 ----A---- C:\Windows\system32\drivers\mbae64.sys
2018-08-12 15:01:11 ----D---- C:\ProgramData\Malwarebytes
2018-08-12 15:01:11 ----D---- C:\Program Files\Malwarebytes
2018-08-12 10:58:46 ----D---- C:\ProgramData\Socialclub
2018-08-12 10:58:00 ----D---- C:\Users\YMER\AppData\Roaming\A
2018-08-12 10:49:38 ----D---- C:\Program Files (x86)\Rockstar Games
2018-08-12 10:49:36 ----D---- C:\Program Files\Rockstar Games
2018-08-10 23:04:23 ----D---- C:\Users\YMER\AppData\Roaming\uplay
2018-08-10 20:03:53 ----D---- C:\ProgramData\Slightly Mad Studios

======List of files/folders modified in the last 1 month======

2018-09-08 11:56:08 ----RD---- C:\Program Files
2018-09-08 11:55:48 ----D---- C:\Windows\Temp
2018-09-08 11:52:43 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-09-08 11:10:00 ----D---- C:\Windows\system32\sru
2018-09-08 08:53:38 ----D---- C:\Windows\system32\SleepStudy
2018-09-08 08:16:55 ----D---- C:\Windows\system32\LogFiles
2018-09-08 08:16:54 ----D---- C:\Windows\AppReadiness
2018-09-08 08:16:43 ----RD---- C:\Windows\Microsoft.NET
2018-09-08 08:05:39 ----D---- C:\ProgramData\NVIDIA
2018-09-07 16:12:05 ----D---- C:\Windows\System32
2018-09-07 16:12:05 ----D---- C:\Windows\INF
2018-09-07 16:12:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-09-07 09:15:54 ----D---- C:\Windows\system32\drivers
2018-09-06 16:06:48 ----D---- C:\Windows\Logs
2018-09-05 08:13:12 ----D---- C:\Windows\system32\catroot2
2018-09-05 08:13:12 ----D---- C:\Windows\system32\CatRoot
2018-09-04 16:31:21 ----D---- C:\Windows\system32\Tasks
2018-09-04 16:31:19 ----SHD---- C:\Windows\Installer
2018-09-04 16:31:19 ----D---- C:\Windows\system32\DriverStore
2018-09-04 16:30:59 ----SHD---- C:\System Volume Information
2018-09-04 15:56:18 ----RD---- C:\Program Files (x86)
2018-09-04 14:35:46 ----D---- C:\Windows
2018-08-29 17:13:05 ----D---- C:\Windows\system32\config
2018-08-27 19:14:01 ----D---- C:\Windows\WinSxS
2018-08-26 09:49:24 ----HD---- C:\Windows\ELAMBKUP
2018-08-25 14:17:04 ----D---- C:\Windows\SoftwareDistribution
2018-08-25 13:23:26 ----D---- C:\Windows\LiveKernelReports
2018-08-24 10:52:24 ----D---- C:\Program Files (x86)\SpeedFan
2018-08-23 22:03:51 ----D---- C:\Windows\SysWOW64
2018-08-23 21:56:59 ----D---- C:\Temp
2018-08-23 21:47:05 ----SD---- C:\Users\YMER\AppData\Roaming\Microsoft
2018-08-21 09:54:11 ----HD---- C:\Program Files\WindowsApps
2018-08-19 12:09:26 ----D---- C:\Windows\CbsTemp
2018-08-19 12:09:08 ----D---- C:\Windows\system32\Macromed
2018-08-19 12:09:06 ----D---- C:\Windows\SYSWOW64\Macromed
2018-08-15 07:42:13 ----D---- C:\Program Files\NVIDIA Corporation
2018-08-15 07:37:40 ----D---- C:\ProgramData\NVIDIA Corporation
2018-08-12 16:16:52 ----SHD---- C:\Recovery
2018-08-12 15:01:11 ----HD---- C:\ProgramData
2018-08-12 10:51:27 ----D---- C:\ProgramData\Package Cache
2018-08-12 10:50:17 ----RSD---- C:\Windows\assembly
2018-08-10 23:10:12 ----D---- C:\Windows\system32\drivers\wd
2018-08-10 22:58:32 ----D---- C:\Program Files\Common Files\microsoft shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-08-26 201320]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-08-26 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-08-26 59568]
R0 aswElam;aswElam; C:\Windows\system32\drivers\aswElam.sys [2018-07-18 15360]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-08-28 87904]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-08-26 381560]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2018-04-12 58272]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2018-04-12 304032]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\Windows\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-08-26 199712]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-08-26 229384]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-08-26 249016]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-08-26 111864]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-08-26 1027720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-09-04 467320]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2018-05-24 27552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-08-26 163272]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-09-05 215728]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2018-04-12 414208]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2018-04-12 43520]
R3 AmUStor;@oem29.inf,%AmUStor.SvcDesc%;Al USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2018-05-24 90560]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\System32\drivers\lvbflt64.sys [2018-05-24 26784]
R3 ETDSMBus;ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [2018-05-24 32840]
R3 LVRS64;@oem7.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem6.inf,%PID_081D_DD%(UVC);Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
R3 ManyCam;@oem35.inf,%ManyCam.DeviceDesc%;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-12-29 49272]
R3 mcaudrv_simple;@oem36.inf,%mcaudrv_simple.SvcDesc%;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-12-29 35960]
R3 NVHDA;@oem20.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-05-07 226280]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [2018-08-01 17211376]
R3 nvvad_WaveExtensible;@oem37.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-06-08 69544]
R3 nvvhci;@oem39.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2018-04-24 65792]
R3 rt640x64;@oem31.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2018-05-24 1024384]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2018-04-12 128416]
S1 kpolwntw;kpolwntw; \??\C:\Windows\system32\drivers\kpolwntw.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2018-04-12 127384]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2018-04-12 162712]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2018-04-12 143768]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-08-26 46968]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem30.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2018-05-24 131984]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2018-07-27 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2018-07-27 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2018-07-27 30528]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2018-04-12 73632]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-07-12 30656]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 smbdirect;smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [2018-04-12 152064]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-08-26 322464]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_2309f3;Uživatelská služba platformy připojených zařízení_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2018-04-12 51288]
R2 ManyCam Service;ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [2015-12-15 77528]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19 764456]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-07-30 767184]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-07-19 629800]
R2 OneSyncSvc_2309f3;Hostitel synchronizace_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2018-06-15 761440]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\Windows\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-08-26 7994520]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2018-04-12 51288]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2018-04-12 51288]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_2309f3;Data kontaktů_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S2 debugregsvc;@%SystemRoot%\system32\debugregsvc.dll,-200; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-14 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-19 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-08-26 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_2309f3;Uživatelská služba pro GameDVR a vysílání her_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_2309f3;Služba pro podporu uživatelů Bluetooth_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 CaptureService_2309f3;CaptureService_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 DeveloperToolsService;Developer Tools Service; C:\Windows\System32\DeveloperToolsSvc.exe [2018-04-10 151040]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_2309f3;DevicePicker_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_2309f3;Tok zařízení_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-04-12 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-02-14 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-14 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-12-21 177376]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_2309f3;Služba zasílání zpráv_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19 764456]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_2309f3;PrintWorkflow_2309f3; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2018-04-12 51288]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-04-12 4737448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2018-04-28 826776]
S4 dmwappushservice;dmwappushsvc; C:\Windows\system32\svchost.exe [2018-04-12 51288]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2018-04-12 51288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: My PC occasionally freezes

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

toox
Exemplary visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: My PC occasionally freezes

#3 Post by toox »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-08-2018
# Duration: 00:00:01
# OS: Windows 10 Education
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\YMER\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\b9d454989f239fa5b1e86101b6bde37b

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1370 octets] - [08/09/2018 13:25:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: My PC occasionally freezes

#4 Post by Rudy »


toox
Exemplary visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: My PC occasionally freezes

#5 Post by toox »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by YMER (administrator) on DESKTOP-00MKO9B (08-09-2018 15:30:46)
Running from E:\YMER\Downloads
Loaded Profiles: YMER (Available Profiles: YMER)
Platform: Windows 10 Education Version 1803 17134.165 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Users\YMER\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\YMER\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\YMER\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\YMER\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\YMER\AppData\Local\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Mozilla Corporation) C:\Users\YMER\AppData\Local\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\YMER\AppData\Local\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-26] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [uTorrent] => E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe [1983672 2018-04-18] (BitTorrent Inc.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49762136 2018-08-08] (Skype Technologies S.A.)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{befebb7f-74f7-44af-93c9-456282bae772}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

FireFox:
========
FF DefaultProfile: undv1fpv.default
FF ProfilePath: C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\undv1fpv.default [2018-09-08]
FF Homepage: Mozilla\Firefox\Profiles\undv1fpv.default -> about:home
FF Extension: (YouTube to MP3) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\undv1fpv.default\Extensions\download.mp3@youtube.com.xpi [2018-08-25]
FF Extension: (Pinned Google Drive) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\undv1fpv.default\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2018-05-27]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\undv1fpv.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2018-06-27]
FF Extension: (YouTube High Definition) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\undv1fpv.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2018-07-29]
FF Extension: (Adblock Plus) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\undv1fpv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default [2018-09-05]
CHR Extension: (Prezentace) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-14]
CHR Extension: (Dokumenty) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-14]
CHR Extension: (Disk Google) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-14]
CHR Extension: (YouTube) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-14]
CHR Extension: (Unknown Space) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjdbdbhiomamecfnjahemfimgjamhjd [2018-07-03]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-05]
CHR Extension: (Tabulky) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-14]
CHR Extension: (Gmail) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-26] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-26] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-26] (AVAST Software)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel Corporation)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (Visicom Media Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 sshd; C:\Windows\System32\OpenSSH\sshd.exe [970240 2018-05-20] ()
S3 SshdBroker; C:\Windows\System32\SshdBroker.dll [286208 2018-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [90560 2018-05-24] (Alcorlink Corp.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-08-26] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-08-26] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-08-26] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-26] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-08-26] (AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15360 2018-07-18] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-08-26] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-08-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163272 2018-08-26] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-08-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-08-26] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215728 2018-09-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-08-26] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2018-05-24] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2018-05-24] (ELAN Microelectronic Corp.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-07-27] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-24] (REALiX(tm))
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1024384 2018-05-24] (Realtek )
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Corporation)
S1 kpolwntw; \??\C:\Windows\system32\drivers\kpolwntw.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 15:30 - 2018-09-08 15:30 - 000000000 ____D C:\FRST
2018-09-08 13:25 - 2018-09-08 13:26 - 000000000 ____D C:\AdwCleaner
2018-09-08 11:56 - 2018-09-08 11:56 - 000000000 ____D C:\rsit
2018-09-08 11:56 - 2018-09-08 11:56 - 000000000 ____D C:\Program Files\trend micro
2018-09-04 16:31 - 2018-09-04 16:31 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center.lnk
2018-09-04 16:31 - 2018-09-04 16:31 - 000000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2018-09-04 15:57 - 2018-09-04 15:57 - 000000000 ____D C:\Users\YMER\Documents\Ubisoft
2018-09-04 15:56 - 2018-09-08 12:01 - 000000000 ____D C:\Program Files (x86)\Heroes of Might and Magic III HD Edition
2018-09-04 15:56 - 2018-09-04 15:56 - 000001050 _____ C:\Users\Public\Desktop\Heroes of Might and Magic III HD Edition.lnk
2018-08-26 09:49 - 2018-08-26 09:49 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-23 21:47 - 2018-08-23 21:47 - 000001382 _____ C:\Users\Public\Desktop\Skype.lnk
2018-08-23 21:47 - 2018-08-23 21:47 - 000000000 ____D C:\Users\YMER\AppData\Roaming\Skype
2018-08-23 21:47 - 2018-08-23 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-08-19 12:05 - 2018-08-19 12:05 - 000000000 ____D C:\Users\YMER\AppData\Roaming\LOVE
2018-08-17 09:27 - 2018-08-17 09:27 - 000000000 ____D C:\Users\YMER\AppData\LocalLow\TrinityTeam
2018-08-15 07:42 - 2018-08-15 07:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-08-15 07:40 - 2018-08-01 11:50 - 004352880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 003769016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 002002448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439882.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 001565048 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 001467920 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439882.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 001420576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 001218528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 001094128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 000749936 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 000628920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 000608544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2018-08-15 07:40 - 2018-08-01 11:50 - 000518488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 040346808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 035250008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 031250184 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 025966552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 013728728 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 011273816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 001159120 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 000906808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 000816392 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-08-15 07:40 - 2018-08-01 11:49 - 000654760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-08-15 07:40 - 2018-08-01 11:48 - 017756224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-08-15 07:40 - 2018-08-01 11:48 - 015170808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-08-15 07:40 - 2018-08-01 11:48 - 001349384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2018-08-15 07:40 - 2018-08-01 11:48 - 001065688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2018-08-15 07:40 - 2018-08-01 11:47 - 004128280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-08-12 16:16 - 2018-09-08 13:26 - 075759616 _____ C:\Windows\system32\config\SOFTWARE
2018-08-12 16:16 - 2018-08-12 16:16 - 000000000 ____D C:\Windows\Microsoft Antimalware
2018-08-12 15:01 - 2018-08-12 15:01 - 000001915 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-12 15:01 - 2018-08-12 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-12 15:01 - 2018-08-12 15:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-12 15:01 - 2018-08-12 15:01 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-12 15:01 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-08-12 10:58 - 2018-08-12 10:58 - 000000000 ____D C:\Users\YMER\Documents\Rockstar Games
2018-08-12 10:58 - 2018-08-12 10:58 - 000000000 ____D C:\Users\YMER\AppData\Roaming\A
2018-08-12 10:58 - 2018-08-12 10:58 - 000000000 ____D C:\Users\YMER\AppData\Local\Rockstar Games
2018-08-12 10:58 - 2018-08-12 10:58 - 000000000 ____D C:\ProgramData\Socialclub
2018-08-12 10:56 - 2018-08-12 10:56 - 000000499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2018-08-12 10:49 - 2018-08-12 10:49 - 000000000 ____D C:\Program Files\Rockstar Games
2018-08-12 10:49 - 2018-08-12 10:49 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-08-12 10:18 - 2018-08-12 10:56 - 000000499 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2018-08-12 09:28 - 2018-08-23 10:47 - 000000000 ____D C:\Users\YMER\Documents\American Truck Simulator
2018-08-11 18:10 - 2018-08-11 18:10 - 000000000 ____D C:\Users\YMER\AppData\Local\SKIDROW
2018-08-11 18:09 - 2018-08-11 18:09 - 000000708 _____ C:\Users\Public\Desktop\Hitman Absolution.lnk
2018-08-11 18:09 - 2018-08-11 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
2018-08-10 23:04 - 2018-08-10 23:17 - 000000000 ____D C:\Users\YMER\Documents\Assassin's Creed Syndicate
2018-08-10 23:04 - 2018-08-10 23:04 - 000000000 ____D C:\Users\YMER\AppData\Roaming\uplay
2018-08-10 22:57 - 2018-08-10 22:57 - 000000756 _____ C:\Users\Public\Desktop\Assassins Creed - Syndicate.lnk
2018-08-10 22:57 - 2018-08-10 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed - Syndicate
2018-08-10 20:03 - 2018-08-10 20:10 - 000000000 ____D C:\Users\YMER\Documents\Project CARS 2
2018-08-10 20:03 - 2018-08-10 20:03 - 000000000 ____D C:\ProgramData\Slightly Mad Studios

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 15:23 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-08 15:13 - 2018-05-12 18:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-09-08 14:22 - 2018-05-13 09:14 - 000002896 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2018-09-08 14:22 - 2018-05-13 09:14 - 000002444 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2018-09-08 14:22 - 2018-05-13 09:14 - 000002392 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2018-09-08 14:22 - 2018-05-13 09:14 - 000002388 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2018-09-08 14:22 - 2018-05-13 09:14 - 000002374 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2018-09-08 14:22 - 2018-05-13 09:14 - 000002370 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2018-09-08 14:22 - 2018-05-12 23:25 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-09-08 14:14 - 2018-05-12 18:42 - 000000000 ____D C:\Users\YMER\AppData\LocalLow\Mozilla
2018-09-08 13:32 - 2018-05-12 18:24 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-08 13:32 - 2018-04-12 17:51 - 000715034 _____ C:\Windows\system32\perfh005.dat
2018-09-08 13:32 - 2018-04-12 17:51 - 000144328 _____ C:\Windows\system32\perfc005.dat
2018-09-08 13:32 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2018-09-08 13:27 - 2018-05-12 18:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-08 13:27 - 2018-05-12 18:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-08 13:26 - 2018-05-24 16:29 - 000000000 ____D C:\Users\YMER\AppData\Roaming\IObit
2018-09-08 13:26 - 2018-05-12 18:21 - 000000000 ____D C:\Users\YMER
2018-09-08 13:26 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-09-08 13:05 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2018-09-08 09:13 - 2018-05-12 18:42 - 000001273 _____ C:\Users\YMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-08 09:13 - 2018-05-12 18:42 - 000000000 ____D C:\Users\YMER\AppData\Local\Mozilla Firefox
2018-09-07 09:16 - 2018-05-12 23:25 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-06 19:45 - 2018-06-14 07:31 - 000000000 ____D C:\Users\YMER\AppData\Local\CrashDumps
2018-09-05 17:49 - 2018-05-12 23:25 - 000215728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-04 17:49 - 2018-05-12 23:25 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-30 16:56 - 2017-12-08 20:50 - 000000000 ____D C:\Users\YMER\Documents\ViberDownloads
2018-08-28 17:49 - 2018-05-12 23:25 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-08-27 16:51 - 2017-10-07 08:14 - 000000000 ____D C:\Users\YMER\Documents\fler 2018
2018-08-26 20:45 - 2018-05-13 09:13 - 000002342 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe
2018-08-26 09:49 - 2018-05-12 23:25 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000163272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-08-26 09:49 - 2018-05-12 23:25 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-08-26 09:49 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-08-25 20:33 - 2018-07-16 16:43 - 000000000 ____D C:\Users\YMER\AppData\Local\ManyCam
2018-08-25 13:23 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-08-24 10:52 - 2018-05-22 18:57 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-08-23 21:56 - 2018-05-12 18:27 - 000000000 ____D C:\Temp
2018-08-23 17:18 - 2017-11-22 01:24 - 000000000 ____D C:\Users\YMER\Documents\Tickets
2018-08-22 08:52 - 2018-05-12 18:21 - 000000000 ____D C:\Users\YMER\AppData\Local\ConnectedDevicesPlatform
2018-08-22 06:50 - 2018-05-12 18:23 - 000000000 ____D C:\Users\YMER\AppData\Local\PlaceholderTileLogoFolder
2018-08-21 09:54 - 2018-05-12 18:21 - 000000000 ____D C:\Users\YMER\AppData\Local\Packages
2018-08-21 09:54 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-19 12:09 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-19 12:09 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-19 12:09 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2018-08-19 11:04 - 2018-05-12 20:55 - 000000000 ____D C:\Users\YMER\AppData\Local\NVIDIA
2018-08-15 08:02 - 2018-05-12 19:38 - 000000000 ____D C:\Users\YMER\AppData\Local\D3DSCache
2018-08-15 07:42 - 2018-05-12 18:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-15 07:37 - 2018-05-12 18:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-08-12 10:51 - 2018-05-12 20:12 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-10 23:10 - 2018-05-12 18:16 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-08-10 22:58 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-08-10 20:12 - 2018-05-14 20:38 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 20:12 - 2018-05-14 20:38 - 000002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-05-28 23:58 - 2018-07-24 14:44 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2018-05-15 20:07 - 2018-06-02 12:16 - 000003584 _____ () C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-12 20:18 - 2018-05-12 20:18 - 000000017 _____ () C:\Users\YMER\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-12 18:16

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by YMER (08-09-2018 15:31:29)
Running from E:\YMER\Downloads
Windows 10 Education Version 1803 17134.165 (X64) (2018-05-12 16:18:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-169180647-2445698039-3035944160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169180647-2445698039-3035944160-503 - Limited - Disabled)
Guest (S-1-5-21-169180647-2445698039-3035944160-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-169180647-2445698039-3035944160-504 - Limited - Disabled)
YMER (S-1-5-21-169180647-2445698039-3035944160-1001 - Administrator - Enabled) => C:\Users\YMER

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Age of Empires: Definitive Edition [FULL REMOVAL] (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\{1F36588A-148D-4BED-AD83-12C63E1F780E}_is1) (Version: 1.3.5101.2 - Microsoft Studios)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Syndicate (HKLM-x32\...\Assassins Creed - Syndicate_is1) (Version: 1.12.0.0 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Batman Arkham Knight (HKLM-x32\...\Batman Arkham Knight_is1) (Version: 1.0.4.5 - Релиз от R.G. Steamgames)
Bud Spencer and Terence Hill Slaps And Beans (HKLM-x32\...\Bud Spencer and Terence Hill Slaps And Beans_is1) (Version: - )
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.29.5288 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Heroes of Might and Magic III HD Edition (HKLM-x32\...\SGVyb2Vzb2ZNaWdodGFuZE1hZ2ljSUlJSERFZGl0aW9u_is1) (Version: 1 - )
Hitman Absolution v1.0.446.0 (HKLM-x32\...\Hitman Absolution_is1) (Version: - )
Icecream Screen Recorder verze 5.30 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.30 - Icecream Apps)
Intel(R) Update Manager (HKLM-x32\...\{AA8BC571-E96E-4478-927F-CB44CC7D7D07}) (Version: 3.5.2247 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.5.2.400 - Intel Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - )
Mozilla Firefox 62.0 (x64 en-US) (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Mozilla Firefox 62.0 (x64 en-US)) (Version: 62.0 - Mozilla)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.82 - NVIDIA Corporation) Hidden
Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Skype verze 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Ulož.to FileManager verze 2.40 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.40 - Uloz.to cloud a.s.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F7773180-1A27-11E7-864D-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
WebM Project Directshow Filters (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinTools.net Premium version 18.3.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.3.1 - WinTools Software Engineering, Ltd.)
Wolfenstein The Old Blood (HKLM-x32\...\{1A6EABD2-7063-4879-909C-D2C567DE5AB9}) (Version: 1.0.0 - Bethesda)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-07-30] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AC345DB-4580-4478-AC2F-20113B9AFBCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {3ACCC9F8-B9D3-4120-8B9D-9AEA1940A74A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [2018-07-19] (Microsoft)
Task: {5F12F3BB-3A7D-4072-A1B4-C2DC3303F740} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-26] (AVAST Software)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {71D05E32-FE43-454E-8CF0-C6884B323213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {72269900-38AC-424A-A4C5-D240FD6A71F0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2018-07-19] (Microsoft Corporation)
Task: {79D688C3-C226-4A6E-9C5A-82BB92E210C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-08-18] (AVAST Software)
Task: {8B9B833C-CD43-40F7-805D-0EE2276F6223} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?LinkID=130644
Task: {A31E0422-AE8C-4A3E-8D0E-3C2E147358E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2018-07-19] (Microsoft Corporation)
Task: {BA275E91-D49A-4015-8201-246518447F57} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2018-07-19] (Microsoft Corporation)
Task: {E884A262-B17B-4797-870F-273D05121EF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {EBD9B64B-B57D-4380-852D-5A60FC817FEF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2018-07-19] (Microsoft Corporation)
Task: {EE287196-5399-4B11-B186-3251014985CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2018-07-19] (Microsoft)
Task: {FA211A20-E0C1-4156-8016-4AF3CC92CCF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-05-24 15:02 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-11 11:58 - 2018-07-06 08:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-12 18:54 - 2018-05-12 18:54 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-12 18:54 - 2018-05-12 18:54 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-12 18:54 - 2018-05-12 18:54 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntCommon.dll
2018-04-12 17:56 - 2018-04-12 17:56 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-12 18:54 - 2018-05-12 18:54 - 009283072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-12 23:25 - 2018-05-12 23:25 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-26 09:49 - 2018-08-26 09:49 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-169180647-2445698039-3035944160-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{784F624B-98DE-4BAC-A79B-96EB57DD581C}C:\program files\fifa18\fifa18.exe] => (Block) C:\program files\fifa18\fifa18.exe
FirewallRules: [UDP Query User{4339F7F1-AE07-4AF2-97F1-940216ABF0FE}C:\program files\fifa18\fifa18.exe] => (Block) C:\program files\fifa18\fifa18.exe
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe
FirewallRules: [TCP Query User{9CC264C7-A724-4A17-B5E2-2DC55958B989}E:\ymer\appdata\roaming\utorrent\utorrent.exe] => (Allow) E:\ymer\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8076AA0B-D54B-4519-B483-2683973B12E4}E:\ymer\appdata\roaming\utorrent\utorrent.exe] => (Allow) E:\ymer\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{1E74BCD0-1DDC-4A02-94C0-248432757734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{81E73763-65A6-4728-90D2-FA284683CB41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{FB600992-DB5B-4089-B1D1-F5E3B5628ECF}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe
FirewallRules: [UDP Query User{09799398-045D-4372-90AF-B687258EF541}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe
FirewallRules: [{E0E98292-19D0-4908-A1E6-85D174BD5CB8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E8724A30-F49C-4523-B27F-C5EE2DB8D87C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{6CC97A22-28F2-46F8-B229-940A1431664F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B2085A7A-8A96-4345-B2ED-016C48AEAE2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5448F61C-77A9-4632-9C7F-10A4AE759168}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09E62CE4-9B49-43BA-B4BD-CB43ADBC79E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7328C70-8708-48D8-A4F6-CA6BB5F21FB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8BE7BDBE-961F-424F-B862-D02B04DD896B}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{BDBE58D0-9D03-4302-9205-CA498D8F30D4}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{42F2BC32-AD05-44ED-B38C-FD04013351A3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{EFA8145A-A7DB-42A8-8591-798779B9B2A1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{02EF64D9-74D7-4167-843D-47B90FCF7595}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{235A9530-4752-4018-98BF-989F1C592166}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

19-08-2018 12:09:06 Windows Update
27-08-2018 15:22:11 Naplánovaný kontrolní bod
04-09-2018 16:30:48 DCInstallRestorePoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2018 01:28:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/08/2018 01:28:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/08/2018 12:59:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/08/2018 12:28:05 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-00MKO9B)
Description: httphttp-2147467263

Error: (09/08/2018 09:13:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.

Error: (09/08/2018 08:06:34 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/08/2018 08:06:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/08/2018 08:06:13 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=2


System errors:
=============
Error: (09/08/2018 02:01:44 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Uživatelská služba nabízených oznámení Windows_3fbc6, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (09/08/2018 02:01:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_3fbc6 byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/08/2018 01:35:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_3fbc6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/08/2018 01:26:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (09/08/2018 01:26:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ManyCam Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/08/2018 01:26:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (09/08/2018 01:26:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (09/08/2018 12:58:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:42:44, ‎08.‎09.‎2018) bylo neočekávané.


Windows Defender:
===================================
Date: 2018-08-12 13:53:08.881
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C31CD767-0A7D-481B-BC3E-6EA8999EB489}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-28 02:49:36.526
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {40FD5BC1-3BE3-45B2-91AE-87528C0A660B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-00MKO9B\YMER

Date: 2018-07-27 20:42:31.127
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:57.974
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:43.866
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 38%
Total physical RAM: 8183.49 MB
Available physical RAM: 5012.96 MB
Total Virtual: 10167.49 MB
Available Virtual: 5856.71 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:223.58 GB) (Free:60.81 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:931.41 GB) (Free:273.43 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0201E900)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F2C3E95)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: My PC occasionally freezes

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
S1 kpolwntw; \??\C:\Windows\system32\drivers\kpolwntw.sys [X]
C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Save it to E:\YMER\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(zavináč)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

toox
Exemplary visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: My PC occasionally freezes

#7 Post by toox »

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by YMER (08-09-2018 20:33:51) Run:1
Running from E:\YMER\Downloads
Loaded Profiles: YMER (Available Profiles: YMER)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
S1 kpolwntw; \??\C:\Windows\system32\drivers\kpolwntw.sys [X]
C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKLM\System\CurrentControlSet\Services\kpolwntw" => removed successfully
kpolwntw => service removed successfully
C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 147891227 B
Java, Flash, Steam htmlcache => 1443 B
Windows/system/drivers => 16656 B
Edge => 173056 B
Chrome => 67905179 B
Firefox => 1088915911 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 29058 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
YMER => 267529792 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:34:12 ====

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: My PC occasionally freezes

#8 Post by Rudy »

Deleted. Has anything changed?

toox
Exemplary visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: My PC occasionally freezes

#9 Post by toox »

I'd say it's fine.

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: My PC occasionally freezes

#10 Post by Rudy »

Glad to hear it. :)

toox
Exemplary visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: My PC occasionally freezes

#11 Post by toox »

Thanks a lot, what kind of vermin was in there? :boxed:

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: My PC occasionally freezes

#12 Post by Rudy »

You're welcome. There was a rootkit and some unnecessary items.
