Prosím o kontrolu logu

Zpráva

_Daniel · #1 Příspěvek od **_Daniel** » 06 led 2018 10:26

Dobrý den

,
rád bych poprosil o kotrolu logu. Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by PC (administrator) on DESKTOP-LFV6924 (06-01-2018 10:23:58)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Electronic Arts) D:\Program files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
() C:\Program Files (x86)\NZXT\CAM\CAM_Client_V3.exe
(KYE) C:\Program Files (x86)\Genius\Manticore\MTHid.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
() C:\Program Files (x86)\NZXT\CAM\FPS\CAMFPS.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSISvc32.exe
() C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSISvc64.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor)
HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-07] ()
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1490624 2017-11-21] (COMODO)
HKLM-x32\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe [45680 2016-02-04] ()
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Genius\Manticore\MThid.exe [292864 2014-01-23] (KYE)
HKLM-x32\...\Run: [LWS] => D:\Program files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3291072 2016-07-01] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\...\Run: [Discord] => C:\Users\PC\AppData\Local\Discord\app-0.0.299\Discord.exe [57954808 2017-12-11] (Discord Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2017-09-02]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-09-06]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OC_GURU – zástupce.lnk [2017-10-09]
ShortcutTarget: OC_GURU – zástupce.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OC_GURU – zástupce.lnk [2017-10-09]
ShortcutTarget: OC_GURU – zástupce.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{2908ab1e-4065-4ed1-a74c-a18f1de39c9a}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3141721857-2675143599-3284954913-1001 -> hxxps://www.seznam.cz/
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2016-10-25]
Edge Extension: (BetterTTV) -> EdgeExtension_NightDevLLCBetterTTV_em2bntgxg4wdp => C:\Program Files\WindowsApps\NightDevLLC.BetterTTV_7.2.0.0_neutral__em2bntgxg4wdp [2017-09-28]

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2018-01-06]
CHR Extension: (Google Translate) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (BetterTTV) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-03]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-03]
CHR Extension: (Dark YouTube Theme - Black YouTube & FB Skin) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\djhcepodfooinnfhfccmoeabagbjchhg [2017-11-25]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-07]
CHR Extension: (Tiësto) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh [2017-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6998536 2017-12-14] ()
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10880832 2017-11-21] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-11-21] (COMODO)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [532552 2017-12-07] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-07] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2017-04-05] (Rivet Networks)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program files (x86)\Origin\OriginClientService.exe [2155328 2017-12-19] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program files (x86)\Origin\OriginWebHelperService.exe [3025224 2017-12-19] (Electronic Arts)
S3 OverwolfUpdater; D:\Program files (x86)\Overwolf\OverwolfUpdater.exe [1450824 2017-09-10] (Overwolf LTD)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [379192 2015-03-20] (NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3335008 2015-03-20] (NETGATE Technologies s.r.o.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-14] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-14] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [148200 2017-04-03] (Rivet Networks, LLC.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44088 2017-11-17] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [833096 2017-11-17] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-11-17] (COMODO)
R3 cpuz138; C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2017-12-14] (CPUID) <==== ATTENTION
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164584 2017-03-14] (Qualcomm Atheros, Inc.)
R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] ()
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-11-17] (COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R1 MpKsl42c908ee; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1D8DEB82-4A27-4313-9C4D-F7D0C53369B0}\MpKsl42c908ee.sys [58120 2018-01-05] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d37ca5c2cde53609\nvlddmkm.sys [17028552 2017-12-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-11-14] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-28] (NVIDIA Corporation)
S3 SaiHFF04; C:\WINDOWS\system32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\WINDOWS\system32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2015-12-08] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51488 2015-12-08] (Saitek)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-14] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-14] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-14] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\NZXT\CAM\CAM_Client_V3.sys [14544 2017-12-14] (OpenLibSys.org)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [47096 2017-12-24] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-06 10:23 - 2018-01-06 10:24 - 000017561 _____ C:\Users\PC\Desktop\FRST.txt
2018-01-06 10:16 - 2018-01-06 10:16 - 002393088 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2017-12-20 17:47 - 2017-12-20 17:47 - 000002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-12-20 17:47 - 2017-12-20 17:47 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-12-20 17:47 - 2017-12-16 00:15 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-12-20 17:47 - 2017-12-15 23:47 - 000143960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-12-20 17:47 - 2017-09-14 00:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-12-20 17:47 - 2017-09-14 00:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-12-20 17:47 - 2017-09-14 00:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-12-20 17:47 - 2017-09-14 00:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-12-20 17:45 - 2017-12-16 01:23 - 040237456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 036350960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 035157488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 029381936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 023267096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 019040512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 013867656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 011781912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 004202992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 003615032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001990128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438871.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001674736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438871.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001321448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001101104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001038496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000980880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000933360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000740144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-12-20 17:45 - 2017-12-16 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-12-17 20:44 - 2017-12-17 20:45 - 000000000 ____D C:\Users\PC\AppData\Roaming\DarkSoulsII
2017-12-14 11:03 - 2017-12-15 00:21 - 000000000 ____D C:\Users\PC\AppData\Roaming\discord
2017-12-14 11:03 - 2017-12-14 11:03 - 000000000 ____D C:\Users\PC\AppData\Local\Discord
2017-12-14 00:35 - 2018-01-04 21:16 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-14 00:35 - 2017-12-14 00:35 - 001129816 _____ (Google Inc.) C:\Users\PC\Downloads\ChromeSetup.exe
2017-12-14 00:30 - 2018-01-06 03:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2017-12-14 00:29 - 2017-12-14 00:29 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2017-12-14 00:29 - 2017-12-14 00:29 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2017-12-14 00:23 - 2017-12-08 07:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 00:23 - 2017-12-08 00:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 00:23 - 2017-12-08 00:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 00:23 - 2017-12-08 00:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-14 00:23 - 2017-12-08 00:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 00:23 - 2017-12-08 00:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-14 00:23 - 2017-12-08 00:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-14 00:23 - 2017-12-08 00:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 00:23 - 2017-12-08 00:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 00:23 - 2017-12-08 00:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 00:23 - 2017-12-08 00:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-14 00:23 - 2017-12-08 00:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-14 00:23 - 2017-12-08 00:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 00:23 - 2017-12-08 00:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 00:23 - 2017-12-08 00:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 00:23 - 2017-12-08 00:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-14 00:23 - 2017-12-08 00:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 00:23 - 2017-12-08 00:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 00:23 - 2017-12-08 00:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 00:23 - 2017-12-08 00:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-14 00:23 - 2017-12-08 00:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 00:23 - 2017-12-08 00:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 00:23 - 2017-12-08 00:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 00:23 - 2017-12-08 00:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 00:23 - 2017-12-08 00:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-14 00:23 - 2017-12-08 00:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-14 00:23 - 2017-12-08 00:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-14 00:23 - 2017-12-08 00:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 00:23 - 2017-12-08 00:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 00:23 - 2017-12-08 00:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-14 00:23 - 2017-12-08 00:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-14 00:23 - 2017-12-08 00:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 00:23 - 2017-12-08 00:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-14 00:23 - 2017-12-08 00:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 00:23 - 2017-12-08 00:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-14 00:23 - 2017-12-07 23:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-14 00:23 - 2017-12-07 23:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-14 00:23 - 2017-12-07 23:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 00:23 - 2017-12-07 23:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 00:23 - 2017-12-07 23:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 00:23 - 2017-12-07 23:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-14 00:23 - 2017-12-07 23:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 00:23 - 2017-12-07 23:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 00:23 - 2017-12-07 23:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-14 00:23 - 2017-12-07 23:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 00:23 - 2017-12-07 23:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 00:23 - 2017-12-07 23:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 00:23 - 2017-12-07 23:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-14 00:23 - 2017-12-07 23:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 00:23 - 2017-12-07 23:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-14 00:23 - 2017-12-07 23:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-14 00:23 - 2017-12-07 23:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 00:23 - 2017-12-07 23:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 00:23 - 2017-12-07 23:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 00:23 - 2017-12-07 23:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-14 00:23 - 2017-12-07 23:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-14 00:23 - 2017-12-07 23:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-14 00:23 - 2017-12-07 23:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 00:23 - 2017-12-07 23:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 00:23 - 2017-12-07 23:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 00:23 - 2017-12-07 23:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 00:23 - 2017-12-07 23:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-14 00:23 - 2017-12-07 23:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-14 00:23 - 2017-12-07 23:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-14 00:23 - 2017-12-07 23:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 00:23 - 2017-12-07 23:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 00:23 - 2017-12-07 23:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 00:23 - 2017-12-07 23:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 00:23 - 2017-12-07 23:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 00:23 - 2017-12-07 23:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 00:23 - 2017-12-07 23:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 00:23 - 2017-12-07 23:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 00:23 - 2017-12-07 23:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 00:23 - 2017-12-07 23:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 00:23 - 2017-12-07 23:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-14 00:23 - 2017-12-07 23:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-14 00:23 - 2017-12-07 23:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 00:23 - 2017-12-07 23:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-14 00:23 - 2017-12-07 23:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-14 00:23 - 2017-12-07 23:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 00:23 - 2017-12-07 23:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 00:23 - 2017-12-07 23:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-14 00:23 - 2017-12-07 23:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 00:23 - 2017-12-07 23:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 00:23 - 2017-12-07 23:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 00:23 - 2017-12-07 23:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 00:23 - 2017-12-07 23:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 00:23 - 2017-12-07 23:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-14 00:23 - 2017-12-07 23:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 00:23 - 2017-12-07 23:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 00:23 - 2017-12-07 23:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 00:23 - 2017-12-07 23:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 00:23 - 2017-12-07 23:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 00:23 - 2017-12-07 23:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 00:23 - 2017-12-07 23:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 00:23 - 2017-12-07 23:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 00:23 - 2017-12-07 23:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 00:23 - 2017-12-07 23:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 00:23 - 2017-12-07 23:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 00:23 - 2017-12-07 23:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 00:23 - 2017-12-07 23:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 00:23 - 2017-12-07 23:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-14 00:23 - 2017-12-07 23:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-14 00:23 - 2017-12-07 23:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 00:23 - 2017-12-07 23:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 00:23 - 2017-12-07 23:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 00:23 - 2017-12-07 23:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 00:23 - 2017-12-07 23:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 00:23 - 2017-12-07 23:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 00:23 - 2017-12-07 23:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 00:23 - 2017-12-07 23:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-14 00:23 - 2017-12-07 23:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 00:23 - 2017-12-07 22:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 00:23 - 2017-12-07 22:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 00:23 - 2017-12-07 22:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 00:23 - 2017-12-07 22:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 00:23 - 2017-12-07 22:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-14 00:23 - 2017-12-07 22:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 00:23 - 2017-12-07 22:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 00:23 - 2017-12-07 22:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-14 00:23 - 2017-12-07 22:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 00:23 - 2017-12-07 22:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 00:23 - 2017-12-07 22:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 00:23 - 2017-12-07 22:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-14 00:23 - 2017-12-07 22:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 00:23 - 2017-12-07 22:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 00:23 - 2017-12-07 22:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-14 00:23 - 2017-12-07 22:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-14 00:23 - 2017-12-07 22:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 00:23 - 2017-12-07 22:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-14 00:22 - 2017-12-14 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2017-12-14 00:22 - 2017-08-08 03:46 - 000256040 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2017-12-14 00:22 - 2017-08-08 03:46 - 000205536 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2017-12-14 00:22 - 2017-03-29 22:49 - 000062208 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2017-12-14 00:09 - 2017-12-05 22:17 - 001989944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438859.dll
2017-12-14 00:09 - 2017-12-05 22:17 - 001674736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438859.dll
2017-12-14 00:00 - 2017-12-14 00:00 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-13 23:59 - 2017-12-15 17:44 - 000000000 ____D C:\WINDOWS\Minidump
2017-12-13 23:52 - 2017-12-13 23:53 - 000000000 ____D C:\ProgramData\Avira
2017-12-13 23:52 - 2017-12-13 23:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira
2017-12-13 23:52 - 2017-12-13 23:52 - 000000000 ____D C:\Users\PC\AppData\Roaming\Mozilla
2017-12-13 23:49 - 2017-12-13 23:59 - 000000000 ____D C:\Program Files\Bitdefender Agent
2017-12-13 23:49 - 2017-12-13 23:49 - 000048789 _____ C:\ProgramData\agent.1513205392.bdinstall.bin
2017-12-13 23:49 - 2017-12-13 23:49 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2017-12-13 23:38 - 2017-12-14 00:38 - 000000000 ____D C:\Program Files (x86)\Comodo
2017-12-13 23:38 - 2017-12-13 23:38 - 000000000 ____D C:\Users\PC\AppData\Local\Comodo
2017-12-13 23:38 - 2017-12-13 23:38 - 000000000 ____D C:\Program Files\COMODO
2017-12-13 23:36 - 2017-12-13 23:36 - 000000000 ____D C:\ProgramData\Shared Space
2017-12-13 23:36 - 2017-12-13 23:36 - 000000000 ____D C:\ProgramData\Comodo Downloader
2017-12-13 15:38 - 2017-12-13 15:38 - 000015289 _____ C:\Users\PC\AppData\Local\recently-used.xbel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-06 10:23 - 2016-06-20 17:04 - 000000000 ____D C:\FRST
2018-01-06 10:05 - 2017-12-01 18:51 - 000003254 _____ C:\WINDOWS\System32\Tasks\CAM
2018-01-06 10:04 - 2017-04-23 10:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-06 03:26 - 2017-09-02 07:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\obs-studio
2018-01-05 17:34 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-05 17:34 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-04 23:10 - 2016-04-10 13:21 - 000000000 ____D C:\ProgramData\Origin
2018-01-04 19:05 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-04 18:46 - 2016-04-10 13:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\Origin
2018-01-04 16:42 - 2017-12-01 18:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-01 04:11 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-01 03:47 - 2016-09-29 18:24 - 000000000 ____D C:\Users\PC\AppData\Local\UnrealEngine
2017-12-31 21:42 - 2016-04-03 08:29 - 000000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2017-12-28 21:57 - 2016-04-02 17:33 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2017-12-25 02:38 - 2016-04-02 19:31 - 000000000 ____D C:\Users\PC\AppData\Local\Ubisoft Game Launcher
2017-12-24 00:42 - 2016-04-02 15:21 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2017-12-24 00:35 - 2016-04-02 21:19 - 000047096 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-12-24 00:34 - 2016-04-02 19:43 - 000000000 ____D C:\Users\PC\AppData\Local\BlackDesertOnline
2017-12-23 20:28 - 2016-04-01 16:55 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-23 11:16 - 2016-04-27 17:11 - 000001124 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battle.lnk
2017-12-20 17:47 - 2017-11-19 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-20 17:47 - 2017-04-23 10:22 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-16 01:23 - 2017-11-19 09:49 - 004485376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-12-16 01:23 - 2017-11-19 09:49 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-12-16 01:23 - 2017-11-19 09:49 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-12-15 23:34 - 2017-11-19 09:46 - 005964688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-12-15 23:34 - 2017-11-19 09:46 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-12-15 23:34 - 2017-11-19 09:46 - 001767408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-12-15 23:34 - 2017-11-19 09:46 - 000608056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-12-15 23:34 - 2017-11-19 09:46 - 000450544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-12-15 23:34 - 2017-11-19 09:46 - 000123704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-12-15 23:34 - 2017-11-19 09:46 - 000082928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-12-15 17:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-14 19:17 - 2017-11-19 09:46 - 007917671 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-12-14 11:03 - 2017-08-09 17:07 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-12-14 11:03 - 2016-07-17 14:07 - 000000000 ____D C:\Users\PC\AppData\Local\SquirrelTemp
2017-12-14 00:39 - 2017-12-01 18:56 - 001888390 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-14 00:39 - 2017-09-30 15:31 - 000808206 _____ C:\WINDOWS\system32\perfh005.dat
2017-12-14 00:39 - 2017-09-30 15:31 - 000168034 _____ C:\WINDOWS\system32\perfc005.dat
2017-12-14 00:35 - 2016-08-20 18:51 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-14 00:31 - 2016-04-01 11:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-14 00:30 - 2017-10-10 18:40 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-14 00:30 - 2016-04-01 11:29 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-14 00:25 - 2017-12-01 18:52 - 000000000 ___RD C:\Users\PC\3D Objects
2017-12-14 00:25 - 2017-12-01 18:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-14 00:25 - 2017-12-01 18:46 - 000310096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-14 00:25 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-14 00:24 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-14 00:24 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-14 00:24 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-14 00:24 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-14 00:24 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-14 00:24 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-14 00:22 - 2017-12-01 18:51 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-12-14 00:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-14 00:16 - 2016-04-02 15:15 - 000000000 ____D C:\ProgramData\AVAST Software
2017-12-14 00:07 - 2017-12-01 18:47 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2017-12-14 00:07 - 2016-04-01 11:30 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-14 00:00 - 2017-12-01 18:47 - 000000000 ____D C:\Users\PC
2017-12-14 00:00 - 2017-12-01 18:45 - 000000000 ____D C:\Windows.old
2017-12-14 00:00 - 2017-11-05 06:14 - 000045704 _____ () C:\WINDOWS\system32\Drivers\staport.sys
2017-12-14 00:00 - 2017-06-09 19:11 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-12-13 23:59 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2017-12-13 23:59 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2017-12-13 23:59 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2017-12-13 23:59 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2017-12-13 23:59 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2017-12-13 23:59 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2017-12-13 23:59 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2017-12-13 23:59 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\es-MX
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\com
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2017-12-13 23:59 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-13 23:59 - 2017-09-16 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity - Original Sin 2 [GOG.com]
2017-12-13 23:59 - 2017-07-28 19:47 - 000000000 ____D C:\Users\PC\AppData\Roaming\KYE Manticore
2017-12-13 23:59 - 2016-04-03 17:24 - 000000000 ____D C:\Users\PC\AppData\Local\gtk-2.0
2017-12-13 23:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\registration
2017-12-13 23:49 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-13 23:38 - 2016-07-15 15:19 - 000000000 ____D C:\ProgramData\Comodo
2017-12-13 15:39 - 2016-04-03 17:06 - 000000000 ____D C:\Users\PC\.gimp-2.8
2017-12-09 11:04 - 2017-02-15 17:57 - 000000000 ____D C:\Users\PC\ansel
2017-12-07 20:17 - 2017-09-16 18:11 - 000001193 _____ C:\Users\Public\Desktop\Divinity - Original Sin 2.lnk

==================== Files in the root of some directories =======

2016-07-24 07:40 - 2017-09-06 21:11 - 000000000 _____ () C:\Users\PC\AppData\Local\Driver_LOM_8171Present.flag
2017-08-02 15:48 - 2017-08-02 15:48 - 000000291 _____ () C:\Users\PC\AppData\Local\ledConfiguration.config
2017-12-13 15:38 - 2017-12-13 15:38 - 000015289 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2016-07-14 18:03 - 2016-07-14 18:03 - 000007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-12-31 14:39 - 2018-01-05 21:45 - 000000000 _____ () C:\Users\PC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2017-12-31 14:39 - 2018-01-05 21:45 - 000000017 _____ () C:\Users\PC\AppData\Local\Temp\41e698374c6ac53ba0fba31a0ac7c6af.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-05 21:06

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 07 led 2018 11:39

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

_Daniel · #3 Příspěvek od **_Daniel** » 07 led 2018 22:57

# AdwCleaner 7.0.6.0 - Logfile created on Sun Jan 07 21:55:20 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1635 B] - [2016/6/20 14:12:45]
C:/AdwCleaner/AdwCleaner[C2].txt - [1177 B] - [2016/7/11 15:34:31]
C:/AdwCleaner/AdwCleaner[C3].txt - [1253 B] - [2016/9/9 15:32:29]
C:/AdwCleaner/AdwCleaner[C4].txt - [1733 B] - [2017/4/29 16:50:26]
C:/AdwCleaner/AdwCleaner[S1].txt - [1503 B] - [2016/6/20 14:12:3]
C:/AdwCleaner/AdwCleaner[S2].txt - [1081 B] - [2016/7/11 15:33:47]
C:/AdwCleaner/AdwCleaner[S3].txt - [1421 B] - [2016/9/9 15:32:20]
C:/AdwCleaner/AdwCleaner[S4].txt - [1486 B] - [2017/4/29 16:48:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt ##########

#4 Příspěvek od **Rudy** » 08 led 2018 14:44

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
C:\Users\PC\AppData\Local\Temp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
Task: {20748208-5238-434E-9916-9669848EFA41} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A915E02F-6845-4B4E-952E-B501B4A3F23C} - System32\Tasks\{719FB112-371C-418D-B2AD-F4645794BC06} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\PC\Downloads\RAT_3_Mouse_7_0_45_2_x64_Drivers.exe -d C:\Users\PC\Downloads

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_Daniel · #5 Příspěvek od **_Daniel** » 08 led 2018 16:43

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by PC (08-01-2018 16:39:26) Run:6
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
C:\Users\PC\AppData\Local\Temp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
Task: {20748208-5238-434E-9916-9669848EFA41} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A915E02F-6845-4B4E-952E-B501B4A3F23C} - System32\Tasks\{719FB112-371C-418D-B2AD-F4645794BC06} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\PC\Downloads\RAT_3_Mouse_7_0_45_2_x64_Drivers.exe -d C:\Users\PC\Downloads

EmptyTemp:
End
*****************

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully

"C:\Users\PC\AppData\Local\Temp" folder move:

C:\Users\PC\AppData\Local\Temp => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20748208-5238-434E-9916-9669848EFA41} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20748208-5238-434E-9916-9669848EFA41}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A915E02F-6845-4B4E-952E-B501B4A3F23C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A915E02F-6845-4B4E-952E-B501B4A3F23C}" => removed successfully
C:\WINDOWS\System32\Tasks\{719FB112-371C-418D-B2AD-F4645794BC06} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{719FB112-371C-418D-B2AD-F4645794BC06}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22444113 B
Java, Flash, Steam htmlcache => 348576460 B
Windows/system/drivers => 2351209 B
Edge => 15467371 B
Chrome => 454721972 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 12098 B
NetworkService => 221374 B
PC => 1155340 B

RecycleBin => 0 B
EmptyTemp: => 812.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 16:40:07 ====

#6 Příspěvek od **Rudy** » 08 led 2018 17:54

Smazáno. Log by již měl být OK.

_Daniel · #7 Příspěvek od **_Daniel** » 08 led 2018 21:34

Ok, mockrát děkuji za váš čas a ochotu.

#8 Příspěvek od **Rudy** » 08 led 2018 22:07

Rádo se stalo!

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu