
Please check my PC's log

#1 Post by tomik258 »

Hi,

it's been an almost unbelievable 2 years since the last preventive check, so I figured it was time to check the system over a bit again.
I'm not noticing any problems; the laptop behaves normally, boots quickly, and handles even more demanding tasks gracefully (for its age). Last week I got a BlueScreen after waking from hibernation or sleep, but it hasn't recurred and I'm not noticing any after-effects.

Thanks in advance!

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2018-07-16 09:43:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 145 GB (35%) free of 420 GB
Total RAM: 6088 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:43:52, on 16.7.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Users\Tom\Downloads\Core Temp.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\windows\SysWOW64\RunDll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Tom.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.2:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - E:\GAMES\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - E:\GAMES\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10717 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\windows\system32\WLANExt.exe 37866768
\??\C:\windows\system32\conhost.exe "-1821563594-2046208573-818623955-13635863581445873451170962677017199948391166946566
C:\windows\System32\spoolsv.exe
taskeng.exe {EFA85A18-5A8D-435A-A266-7DC5C5EB0E27}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
taskeng.exe {FE5F8B43-CD24-412C-B821-4612D79B3D06}
"C:\Users\Tom\Downloads\Core Temp.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3064
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\windows\system32\SearchIndexer.exe /Embedding
rundll32 "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\eplgHooks.dll",Proc32_HooksLoop
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\windows\system32\conhost.exe "1050368073-395723525-1638757815-1006957578-2090538269574972045-746518467339009159
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\windows\system32\wuauclt.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Users\Tom\Desktop\RSITx64.exe"
"C:\windows\system32\RunDll32.exe" "C:\windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-05-02 1935120]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-28 2841896]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-05-19 789920]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2012-05-19 206176]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-05-19 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-05-19 5908928]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2013-11-07 171992]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2013-11-07 399832]
"Persistence"=C:\windows\system32\igfxpers.exe [2013-11-07 442328]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-11 1391472]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-11 1391472]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2017-09-19 1923008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-05-19 329056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-12 283160]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll C:\Windows\System32\nvinitx.dll,C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux9"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-07-11 16:59:54 ----A---- C:\windows\system32\mshtml.dll
2018-07-11 16:59:53 ----A---- C:\windows\SYSWOW64\mshtml.dll
2018-07-11 16:59:52 ----A---- C:\windows\system32\ieframe.dll
2018-07-11 16:59:51 ----A---- C:\windows\SYSWOW64\ieframe.dll
2018-07-11 16:59:50 ----A---- C:\windows\SYSWOW64\jscript9.dll
2018-07-11 16:59:50 ----A---- C:\windows\system32\shell32.dll
2018-07-11 16:59:50 ----A---- C:\windows\system32\jscript9.dll
2018-07-11 16:59:49 ----A---- C:\windows\SYSWOW64\shell32.dll
2018-07-11 16:59:49 ----A---- C:\windows\system32\drivers\tcpip.sys
2018-07-11 16:59:48 ----A---- C:\windows\SYSWOW64\vbscript.dll
2018-07-11 16:59:48 ----A---- C:\windows\SYSWOW64\urlmon.dll
2018-07-11 16:59:48 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2018-07-11 16:59:48 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2018-07-11 16:59:48 ----A---- C:\windows\system32\win32k.sys
2018-07-11 16:59:48 ----A---- C:\windows\system32\vbscript.dll
2018-07-11 16:59:48 ----A---- C:\windows\system32\urlmon.dll
2018-07-11 16:59:48 ----A---- C:\windows\system32\ucrtbase.dll
2018-07-11 16:59:48 ----A---- C:\windows\system32\ExplorerFrame.dll
2018-07-11 16:59:47 ----A---- C:\windows\SYSWOW64\zipfldr.dll
2018-07-11 16:59:47 ----A---- C:\windows\SYSWOW64\iertutil.dll
2018-07-11 16:59:47 ----A---- C:\windows\system32\zipfldr.dll
2018-07-11 16:59:47 ----A---- C:\windows\system32\wkssvc.dll
2018-07-11 16:59:47 ----A---- C:\windows\system32\iertutil.dll
2018-07-11 16:59:47 ----A---- C:\windows\system32\drivers\usbport.sys
2018-07-11 16:59:47 ----A---- C:\windows\system32\drivers\dfsc.sys
2018-07-11 16:59:47 ----A---- C:\windows\system32\dnsapi.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\ntdll.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\ntdll.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\iedkcs32.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2018-07-11 16:59:46 ----A---- C:\windows\system32\dnsrslvr.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 16:59:46 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 16:59:45 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2018-07-11 16:59:45 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2018-07-11 16:59:45 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 16:59:45 ----A---- C:\windows\system32\ntoskrnl.exe
2018-07-11 16:59:45 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2018-07-11 16:59:45 ----A---- C:\windows\system32\drivers\netio.sys
2018-07-11 16:59:45 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 16:59:45 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 16:59:45 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 16:59:44 ----A---- C:\windows\SYSWOW64\wininet.dll
2018-07-11 16:59:44 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2018-07-11 16:59:44 ----A---- C:\windows\SYSWOW64\dnscacheugc.exe
2018-07-11 16:59:44 ----A---- C:\windows\SYSWOW64\certcli.dll
2018-07-11 16:59:44 ----A---- C:\windows\system32\wininet.dll
2018-07-11 16:59:44 ----A---- C:\windows\system32\msrating.dll
2018-07-11 16:59:44 ----A---- C:\windows\system32\hal.dll
2018-07-11 16:59:44 ----A---- C:\windows\system32\dxtmsft.dll
2018-07-11 16:59:44 ----A---- C:\windows\system32\drivers\mpsdrv.sys
2018-07-11 16:59:44 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2018-07-11 16:59:44 ----A---- C:\windows\system32\drivers\ksecdd.sys
2018-07-11 16:59:44 ----A---- C:\windows\system32\dnscacheugc.exe
2018-07-11 16:59:44 ----A---- C:\windows\system32\certcli.dll
2018-07-11 16:59:43 ----A---- C:\windows\SYSWOW64\webcheck.dll
2018-07-11 16:59:43 ----A---- C:\windows\SYSWOW64\ole32.dll
2018-07-11 16:59:43 ----A---- C:\windows\SYSWOW64\msrating.dll
2018-07-11 16:59:43 ----A---- C:\windows\system32\webcheck.dll
2018-07-11 16:59:43 ----A---- C:\windows\system32\ole32.dll
2018-07-11 16:59:43 ----A---- C:\windows\system32\mshtmlmedia.dll
2018-07-11 16:59:43 ----A---- C:\windows\system32\msfeeds.dll
2018-07-11 16:59:43 ----A---- C:\windows\system32\inseng.dll
2018-07-11 16:59:43 ----A---- C:\windows\system32\dxtrans.dll
2018-07-11 16:59:43 ----A---- C:\windows\system32\drivers\usbhub.sys
2018-07-11 16:59:42 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2018-07-11 16:59:41 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2018-07-11 16:59:41 ----A---- C:\windows\system32\rstrui.exe
2018-07-11 16:59:41 ----A---- C:\windows\system32\rpcrt4.dll
2018-07-11 16:59:41 ----A---- C:\windows\system32\iesetup.dll
2018-07-11 16:59:41 ----A---- C:\windows\system32\drivers\usbccgp.sys
2018-07-11 16:59:41 ----A---- C:\windows\system32\conhost.exe
2018-07-11 16:59:40 ----A---- C:\windows\SYSWOW64\wdigest.dll
2018-07-11 16:59:40 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2018-07-11 16:59:40 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2018-07-11 16:59:40 ----A---- C:\windows\SYSWOW64\ieui.dll
2018-07-11 16:59:40 ----A---- C:\windows\SYSWOW64\iesetup.dll
2018-07-11 16:59:40 ----A---- C:\windows\SYSWOW64\advapi32.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\winsrv.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\wdigest.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\srcore.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\schannel.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\occache.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\mshtmled.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\lsasrv.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\kernel32.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\kerberos.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\jscript9diag.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\ieui.dll
2018-07-11 16:59:40 ----A---- C:\windows\system32\ie4uinit.exe
2018-07-11 16:59:40 ----A---- C:\windows\system32\advapi32.dll
2018-07-11 16:59:39 ----A---- C:\windows\SYSWOW64\schannel.dll
2018-07-11 16:59:39 ----A---- C:\windows\SYSWOW64\occache.dll
2018-07-11 16:59:39 ----A---- C:\windows\SYSWOW64\kerberos.dll
2018-07-11 16:59:39 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2018-07-11 16:59:39 ----A---- C:\windows\system32\TSpkg.dll
2018-07-11 16:59:39 ----A---- C:\windows\system32\smss.exe
2018-07-11 16:59:39 ----A---- C:\windows\system32\ncrypt.dll
2018-07-11 16:59:39 ----A---- C:\windows\system32\msv1_0.dll
2018-07-11 16:59:39 ----A---- C:\windows\system32\KernelBase.dll
2018-07-11 16:59:39 ----A---- C:\windows\system32\ieUnatt.exe
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\kernel32.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\inseng.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\iernonce.dll
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\auditpol.exe
2018-07-11 16:59:38 ----A---- C:\windows\SYSWOW64\appidapi.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\rpchttp.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\rpcss.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\ntvdm64.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\jsproxy.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\iernonce.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\drivers\videoprt.sys
2018-07-11 16:59:38 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2018-07-11 16:59:38 ----A---- C:\windows\system32\csrsrv.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\auditpol.exe
2018-07-11 16:59:38 ----A---- C:\windows\system32\appidsvc.dll
2018-07-11 16:59:38 ----A---- C:\windows\system32\appidapi.dll
2018-07-11 16:59:37 ----A---- C:\windows\SYSWOW64\sspicli.dll
2018-07-11 16:59:37 ----A---- C:\windows\SYSWOW64\setup16.exe
2018-07-11 16:59:37 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2018-07-11 16:59:37 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2018-07-11 16:59:37 ----A---- C:\windows\SYSWOW64\jscript.dll
2018-07-11 16:59:37 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\wow64win.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\wow64cpu.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\wow64.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\sspisrv.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\sspicli.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\secur32.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\MshtmlDac.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\lsass.exe
2018-07-11 16:59:37 ----A---- C:\windows\system32\jscript.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\ieetwproxystub.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\ieetwcollector.exe
2018-07-11 16:59:37 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2018-07-11 16:59:37 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2018-07-11 16:59:37 ----A---- C:\windows\system32\drivers\appid.sys
2018-07-11 16:59:37 ----A---- C:\windows\system32\cryptbase.dll
2018-07-11 16:59:37 ----A---- C:\windows\system32\bcrypt.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 16:59:36 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\wow32.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\srclient.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\secur32.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\FirewallAPI.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\credssp.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\comcat.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\bcrypt.dll
2018-07-11 16:59:36 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\srclient.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\setbcdlocale.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\MPSSVC.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\ieapfltr.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\icfupgd.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\FirewallAPI.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\drivers\usbehci.sys
2018-07-11 16:59:36 ----A---- C:\windows\system32\credssp.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\comcat.dll
2018-07-11 16:59:36 ----A---- C:\windows\system32\appidpolicyconverter.exe
2018-07-11 16:59:36 ----A---- C:\windows\system32\appidcertstorecheck.exe
2018-07-11 16:59:36 ----A---- C:\windows\system32\apisetschema.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 16:59:35 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 16:59:35 ----A---- C:\windows\SYSWOW64\wfapigp.dll
2018-07-11 16:59:35 ----A---- C:\windows\SYSWOW64\user.exe
2018-07-11 16:59:35 ----A---- C:\windows\SYSWOW64\oleres.dll
2018-07-11 16:59:35 ----A---- C:\windows\SYSWOW64\msobjs.dll
2018-07-11 16:59:35 ----A---- C:\windows\SYSWOW64\msaudite.dll
2018-07-11 16:59:35 ----A---- C:\windows\SYSWOW64\instnm.exe
2018-07-11 16:59:35 ----A---- C:\windows\SYSWOW64\adtschema.dll
2018-07-11 16:59:35 ----A---- C:\windows\system32\wfapigp.dll
2018-07-11 16:59:35 ----A---- C:\windows\system32\oleres.dll
2018-07-11 16:59:35 ----A---- C:\windows\system32\msobjs.dll
2018-07-11 16:59:35 ----A---- C:\windows\system32\msaudite.dll
2018-07-11 16:59:35 ----A---- C:\windows\system32\ieetwcollectorres.dll
2018-07-11 16:59:35 ----A---- C:\windows\system32\drivers\usbuhci.sys
2018-07-11 16:59:35 ----A---- C:\windows\system32\drivers\usbohci.sys
2018-07-11 16:59:35 ----A---- C:\windows\system32\drivers\usbd.sys
2018-07-11 16:59:35 ----A---- C:\windows\system32\adtschema.dll
2018-07-11 16:56:47 ----A---- C:\windows\system32\generaltel.dll
2018-07-11 16:56:47 ----A---- C:\windows\system32\appraiser.dll
2018-07-11 16:56:47 ----A---- C:\windows\system32\aitstatic.exe
2018-07-11 16:56:47 ----A---- C:\windows\system32\aeinv.dll
2018-07-11 16:56:46 ----A---- C:\windows\system32\invagent.dll
2018-07-11 16:56:46 ----A---- C:\windows\system32\devinv.dll
2018-07-11 16:56:46 ----A---- C:\windows\system32\CompatTelRunner.exe
2018-07-11 16:56:46 ----A---- C:\windows\system32\centel.dll
2018-07-11 16:56:46 ----A---- C:\windows\system32\aepic.dll
2018-07-11 16:56:46 ----A---- C:\windows\system32\acmigration.dll
2018-06-18 15:12:26 ----A---- C:\windows\SYSWOW64\webservices.dll
2018-06-18 15:12:26 ----A---- C:\windows\system32\webservices.dll
2018-06-18 15:12:21 ----A---- C:\windows\SYSWOW64\mf.dll
2018-06-18 15:12:21 ----A---- C:\windows\system32\mf.dll
2018-06-18 15:12:20 ----A---- C:\windows\SYSWOW64\hlink.dll
2018-06-18 15:12:20 ----A---- C:\windows\system32\winload.exe
2018-06-18 15:12:20 ----A---- C:\windows\system32\hlink.dll
2018-06-18 15:12:20 ----A---- C:\windows\system32\drivers\cng.sys
2018-06-18 15:12:20 ----A---- C:\windows\system32\ci.dll
2018-06-18 15:12:19 ----A---- C:\windows\system32\drivers\ntfs.sys
2018-06-18 15:12:18 ----A---- C:\windows\SYSWOW64\tzres.dll
2018-06-18 15:12:18 ----A---- C:\windows\SYSWOW64\mfps.dll
2018-06-18 15:12:18 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2018-06-18 15:12:18 ----A---- C:\windows\system32\tzres.dll
2018-06-18 15:12:18 ----A---- C:\windows\system32\mfps.dll
2018-06-18 15:12:18 ----A---- C:\windows\system32\mfpmp.exe
2018-06-18 15:12:18 ----A---- C:\windows\system32\drivers\hidparse.sys
2018-06-18 15:12:18 ----A---- C:\windows\system32\drivers\hidclass.sys
2018-06-18 15:12:17 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2018-06-18 15:12:17 ----A---- C:\windows\system32\inetcomm.dll
2018-06-18 15:12:17 ----A---- C:\windows\system32\drivers\hidusb.sys
2018-06-18 15:12:12 ----A---- C:\windows\system32\rrinstaller.exe
2018-06-18 15:12:11 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2018-06-18 15:12:10 ----A---- C:\windows\SYSWOW64\mferror.dll
2018-06-18 15:12:10 ----A---- C:\windows\SYSWOW64\INETRES.dll
2018-06-18 15:12:10 ----A---- C:\windows\system32\mferror.dll
2018-06-18 15:12:10 ----A---- C:\windows\system32\INETRES.dll

======List of files/folders modified in the last 1 month======

2018-07-16 09:43:48 ----D---- C:\Program Files\trend micro
2018-07-16 09:35:57 ----D---- C:\windows\System32
2018-07-16 09:35:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2018-07-16 09:35:56 ----D---- C:\windows\inf
2018-07-16 09:33:45 ----A---- C:\windows\SYSWOW64\log.txt
2018-07-16 09:33:25 ----D---- C:\ProgramData\NVIDIA
2018-07-16 09:32:02 ----D---- C:\windows\temp
2018-07-16 09:31:48 ----D---- C:\windows\system32\config
2018-07-15 22:18:30 ----D---- C:\Users\Tom\AppData\Roaming\vlc
2018-07-15 18:49:04 ----D---- C:\windows\Microsoft.NET
2018-07-14 08:42:51 ----D---- C:\windows\Prefetch
2018-07-13 21:53:36 ----SHD---- C:\windows\Installer
2018-07-13 21:53:04 ----D---- C:\windows\SysWOW64
2018-07-13 21:40:06 ----D---- C:\windows\Minidump
2018-07-13 21:39:55 ----D---- C:\Windows
2018-07-13 18:40:00 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2018-07-13 18:36:48 ----SHD---- C:\System Volume Information
2018-07-12 20:48:44 ----D---- C:\Program Files\Google
2018-07-11 19:22:51 ----D---- C:\windows\rescache
2018-07-11 18:26:59 ----RSD---- C:\windows\assembly
2018-07-11 17:23:05 ----D---- C:\windows\winsxs
2018-07-11 17:17:07 ----D---- C:\windows\system32\appraiser
2018-07-11 17:17:04 ----D---- C:\Program Files\Internet Explorer
2018-07-11 17:17:03 ----D---- C:\windows\SYSWOW64\cs-CZ
2018-07-11 17:17:03 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-11 17:17:02 ----D---- C:\windows\SYSWOW64\en-US
2018-07-11 17:17:01 ----D---- C:\windows\system32\en-US
2018-07-11 17:17:01 ----D---- C:\windows\system32\drivers\cs-CZ
2018-07-11 17:17:01 ----D---- C:\windows\system32\drivers
2018-07-11 17:17:01 ----D---- C:\windows\system32\cs-CZ
2018-07-11 17:17:00 ----RSD---- C:\windows\Fonts
2018-07-11 17:16:59 ----D---- C:\windows\system32\Boot
2018-07-11 17:16:59 ----D---- C:\windows\AppPatch
2018-07-11 17:16:57 ----D---- C:\windows\system32\DriverStore
2018-07-11 17:07:31 ----D---- C:\windows\system32\MRT
2018-07-11 17:01:30 ----AC---- C:\windows\system32\MRT.exe
2018-07-11 16:49:43 ----D---- C:\windows\system32\catroot2
2018-07-10 16:38:12 ----D---- C:\windows\system32\NDF
2018-07-09 22:24:34 ----D---- C:\Program Files (x86)\Adobe
2018-07-09 22:23:51 ----D---- C:\windows\system32\Tasks
2018-06-18 21:26:20 ----D---- C:\Users\Tom\AppData\Roaming\Skype
2018-06-18 15:17:41 ----AC---- C:\windows\system32\MRT-KB890830.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2012-05-19 57952]
R0 fltsrv;Acronis Storage Filter Management; C:\windows\system32\DRIVERS\fltsrv.sys [2012-08-30 132704]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-05-19 39008]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2017-10-06 38336]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2012-05-19 13408]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2018-05-26 267304]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2018-05-26 200360]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R1 winioex;winioex; C:\windows\system32\drivers\winioex.sys [2012-05-19 15456]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2018-05-26 184184]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2012-05-19 29792]
R3 ALSysIO;ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys []
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 DelayMan;ACPI DelayMan Filter Service; C:\windows\system32\DRIVERS\delayman.sys [2012-05-19 20064]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 iwdbus;IWD Bus Enumerator; C:\windows\system32\DRIVERS\iwdbus.sys [2014-04-24 25528]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2011-05-09 425000]
R3 LgBttPort;LGE Bluetooth TransPort; C:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2017-09-19 48064]
R3 nvvhci;NVVHCI Enumerator Service; C:\windows\system32\DRIVERS\nvvhci.sys [2017-10-06 57792]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-10-28 398896]
R3 usb3Hub;UoIP Hub; C:\windows\system32\DRIVERS\usb3Hub.sys [2014-03-04 204184]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AF15BDA;AF9015 BDA Device; C:\windows\system32\DRIVERS\AF15BDA.sys [2014-05-19 507392]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2013-04-18 29184]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-09-29 80384]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2011-05-13 437288]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2011-05-13 150568]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2011-05-13 164392]
S3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2011-05-13 89640]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-05-13 39976]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2011-05-13 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\windows\system32\DRIVERS\CtClsFlt.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-04-24 35256]
S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2010-12-13 174168]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-09-19 30144]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 wdkmd;Intel WiDi KMD; C:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2011-05-12 970016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2018-06-14 2794224]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-06 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-09-19 449984]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2014-11-18 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-12-11 292568]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; E:\GAMES\Origin\OriginWebHelperService.exe [2018-01-22 3025224]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-04-05 1860616]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
S3 Origin Client Service;Origin Client Service; E:\GAMES\Origin\OriginClientService.exe [2018-01-22 2155328]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-06-09 1673504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-08-29 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my PC's log

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos, and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; doing so risks damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

tomik258
Visitor
Posts: 100
Registered: 04 May 2009 17:53

Re: Please check my PC's log

#3 Post by tomik258 »

Hi, and thanks for your time! :)

The log is below...


# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build: 07-04-2018
# Database: 2018-07-16.3
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-17-2018
# Duration: 00:00:03
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted davesviewpointdo

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1264 octets] - [17/07/2018 15:12:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my PC's log

#4 Post by Conder »

:arrow: Please post both FRST logs (FRST.txt and Addition.txt) following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

:arrow: If the logs do not fit into one post, pack them into a RAR or ZIP archive and send them as an attachment.

tomik258
Visitor
Posts: 100
Registered: 04 May 2009 17:53

Re: Please check my PC's log

#5 Post by tomik258 »

Hi, the log is here:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Tom (administrator) on TOMES-PC (18-07-2018 15:27:51)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Users\Tom\Downloads\Core Temp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2012-05-19] (Lenovo)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-05-19] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2012-05-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-05-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [171896 2017-10-06] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [171896 2017-10-06] (NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [171896 2017-10-06] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2017-10-06] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2017-10-06] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2017-10-06] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [149736 2017-10-06] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-05-19]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1506385281-2691020431-3212168025-1001] => 192.168.2.2:3128
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 213.168.176.3
Tcpip\..\Interfaces\{35861DEA-3F8E-4240-9B0D-714BE33F0309}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{891B5BDE-F6EE-4528-AA0E-F647F6FE4342}: [DhcpNameServer] 192.168.88.1 213.168.176.3

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
SearchScopes: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\windows\SysWOW64\npDeployJava1.dll [2012-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1506385281-2691020431-3212168025-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-18] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://google.cz/"
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default [2018-07-18]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-09-30]
CHR Extension: (AdBlock) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-06-14]
CHR Extension: (Převod měn) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2014-08-29]
CHR Extension: (StayFocusd) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2018-03-14]
CHR Extension: (Twitch Now) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-18]
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-09-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-05] ()
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [970016 2011-05-12] (Broadcom Corporation.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2794224 2018-06-14] (ESET)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 Origin Client Service; E:\GAMES\Origin\OriginClientService.exe [2155328 2018-01-22] (Electronic Arts)
S2 Origin Web Helper Service; E:\GAMES\Origin\OriginWebHelperService.exe [3025224 2018-01-22] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2014-11-18] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) [File not signed]
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BTWDPAN; C:\windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-13] (Broadcom Corporation.)
R3 DelayMan; C:\windows\System32\DRIVERS\delayman.sys [20064 2012-05-19] (Ensurebit Inc.)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [267304 2018-05-26] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [200360 2018-05-26] (ESET)
R2 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [184184 2018-05-26] (ESET)
R3 LgBttPort; C:\windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\DRIVERS\nvvhci.sys [57792 2017-10-06] (NVIDIA Corporation)
R3 SPUVCbv; C:\windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R3 usb3Hub; C:\windows\System32\DRIVERS\usb3Hub.sys [204184 2014-03-04] (Windows (R) Win 7 DDK provider)
R1 winioex; C:\windows\System32\drivers\winioex.sys [15456 2012-05-19] (Ensurebit Inc.)
S3 XSplit_Dummy; C:\windows\System32\drivers\xspltspk.sys [26200 2015-05-26] (SplitmediaLabs Limited)
R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-18 15:27 - 2018-07-18 15:30 - 000017697 _____ C:\Users\Tom\Desktop\FRST.txt
2018-07-18 15:26 - 2018-07-18 15:27 - 000000000 ____D C:\FRST
2018-07-18 15:24 - 2018-07-18 15:25 - 000112640 _____ (forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
2018-07-18 15:23 - 2018-07-18 15:24 - 002412544 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2018-07-17 15:11 - 2018-07-17 15:12 - 000000000 ____D C:\AdwCleaner
2018-07-17 15:10 - 2018-07-17 15:10 - 007402192 _____ (Malwarebytes) C:\Users\Tom\Desktop\adwcleaner_7.2.1.exe
2018-07-16 09:39 - 2018-07-16 09:39 - 000001122 _____ C:\Users\Tom\Desktop\Dokumenty.lnk
2018-07-13 21:40 - 2018-07-13 21:40 - 000344536 _____ C:\windows\Minidump\071318-25677-01.dmp
2018-07-13 21:39 - 2018-07-13 21:39 - 765520150 _____ C:\windows\MEMORY.DMP
2018-07-12 20:48 - 2018-07-12 20:48 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-07-12 20:48 - 2018-07-12 20:48 - 000002164 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-07-11 21:09 - 2018-07-11 21:10 - 000000000 ____D C:\Users\Tom\Desktop\CrystalDiskInfo7_6_1
2018-07-11 21:09 - 2018-07-11 21:09 - 000000024 _____ C:\Users\Tom\Desktop\DiskInfo.ini
2018-07-11 16:59 - 2018-06-21 02:58 - 000398376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-07-11 16:59 - 2018-06-21 02:00 - 000348824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-07-11 16:59 - 2018-06-16 19:07 - 025743872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-07-11 16:59 - 2018-06-16 18:46 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-07-11 16:59 - 2018-06-16 18:46 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-07-11 16:59 - 2018-06-16 18:36 - 020286464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-07-11 16:59 - 2018-06-16 18:33 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-07-11 16:59 - 2018-06-16 18:32 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-07-11 16:59 - 2018-06-16 18:31 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-07-11 16:59 - 2018-06-16 18:31 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-07-11 16:59 - 2018-06-16 18:31 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-07-11 16:59 - 2018-06-16 18:30 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-07-11 16:59 - 2018-06-16 18:27 - 005779968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-07-11 16:59 - 2018-06-16 18:24 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-07-11 16:59 - 2018-06-16 18:23 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-07-11 16:59 - 2018-06-16 18:20 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-07-11 16:59 - 2018-06-16 18:19 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-07-11 16:59 - 2018-06-16 18:19 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-07-11 16:59 - 2018-06-16 18:19 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-07-11 16:59 - 2018-06-16 18:19 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-07-11 16:59 - 2018-06-16 18:19 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-07-11 16:59 - 2018-06-16 18:12 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-07-11 16:59 - 2018-06-16 18:08 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-07-11 16:59 - 2018-06-16 18:06 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-07-11 16:59 - 2018-06-16 18:06 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-07-11 16:59 - 2018-06-16 18:05 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-07-11 16:59 - 2018-06-16 18:05 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-07-11 16:59 - 2018-06-16 18:04 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-07-11 16:59 - 2018-06-16 18:02 - 002295296 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-07-11 16:59 - 2018-06-16 18:02 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-07-11 16:59 - 2018-06-16 18:02 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 16:59 - 2018-06-16 18:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-07-11 16:59 - 2018-06-16 17:59 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-07-11 16:59 - 2018-06-16 17:59 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-07-11 16:59 - 2018-06-16 17:58 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-07-11 16:59 - 2018-06-16 17:57 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-07-11 16:59 - 2018-06-16 17:57 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-07-11 16:59 - 2018-06-16 17:56 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-07-11 16:59 - 2018-06-16 17:56 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-07-11 16:59 - 2018-06-16 17:55 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-07-11 16:59 - 2018-06-16 17:55 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-07-11 16:59 - 2018-06-16 17:53 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-07-11 16:59 - 2018-06-16 17:47 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-07-11 16:59 - 2018-06-16 17:46 - 015283200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-07-11 16:59 - 2018-06-16 17:44 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-07-11 16:59 - 2018-06-16 17:42 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-07-11 16:59 - 2018-06-16 17:42 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-07-11 16:59 - 2018-06-16 17:42 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-07-11 16:59 - 2018-06-16 17:42 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 16:59 - 2018-06-16 17:41 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-07-11 16:59 - 2018-06-16 17:40 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-07-11 16:59 - 2018-06-16 17:39 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-07-11 16:59 - 2018-06-16 17:39 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-07-11 16:59 - 2018-06-16 17:38 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-07-11 16:59 - 2018-06-16 17:37 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-07-11 16:59 - 2018-06-16 17:36 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-07-11 16:59 - 2018-06-16 17:34 - 004496384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-07-11 16:59 - 2018-06-16 17:32 - 013680128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-07-11 16:59 - 2018-06-16 17:30 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-07-11 16:59 - 2018-06-16 17:29 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-07-11 16:59 - 2018-06-16 17:28 - 002060288 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-07-11 16:59 - 2018-06-16 17:27 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-07-11 16:59 - 2018-06-16 17:27 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-07-11 16:59 - 2018-06-16 17:16 - 001545216 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-07-11 16:59 - 2018-06-16 17:08 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-07-11 16:59 - 2018-06-16 17:05 - 001313792 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-07-11 16:59 - 2018-06-16 17:04 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-07-11 16:59 - 2018-06-16 17:04 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-07-11 16:59 - 2018-06-13 18:20 - 014185984 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-07-11 16:59 - 2018-06-13 18:19 - 001867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-07-11 16:59 - 2018-06-13 17:55 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-07-11 16:59 - 2018-06-13 17:54 - 001499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2018-07-11 16:59 - 2018-06-13 17:40 - 003226112 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-07-11 16:59 - 2018-06-08 18:27 - 005577408 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-07-11 16:59 - 2018-06-08 18:27 - 000708288 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-07-11 16:59 - 2018-06-08 18:27 - 000262336 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-07-11 16:59 - 2018-06-08 18:27 - 000154816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-07-11 16:59 - 2018-06-08 18:27 - 000095424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-07-11 16:59 - 2018-06-08 18:23 - 000631640 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-07-11 16:59 - 2018-06-08 18:22 - 001665344 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-07-11 16:59 - 2018-06-08 18:21 - 000369664 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
2018-07-11 16:59 - 2018-06-08 18:21 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-07-11 16:59 - 2018-06-08 18:21 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-07-11 16:59 - 2018-06-08 18:21 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-07-11 16:59 - 2018-06-08 18:21 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-07-11 16:59 - 2018-06-08 18:21 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 002066432 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2018-07-11 16:59 - 2018-06-08 18:20 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-07-11 16:59 - 2018-06-08 18:19 - 000357888 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2018-07-11 16:59 - 2018-06-08 18:19 - 000182272 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2018-07-11 16:59 - 2018-06-08 18:19 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-07-11 16:59 - 2018-06-08 18:19 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-07-11 16:59 - 2018-06-08 18:19 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-07-11 16:59 - 2018-06-08 18:19 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 18:02 - 004050624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-07-11 16:59 - 2018-06-08 18:02 - 003962048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-07-11 16:59 - 2018-06-08 17:57 - 001314072 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 001417728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000330240 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-07-11 16:59 - 2018-06-08 17:55 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:44 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-07-11 16:59 - 2018-06-08 17:44 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-07-11 16:59 - 2018-06-08 17:44 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\dnscacheugc.exe
2018-07-11 16:59 - 2018-06-08 17:44 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-07-11 16:59 - 2018-06-08 17:43 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-07-11 16:59 - 2018-06-08 17:39 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-07-11 16:59 - 2018-06-08 17:38 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-07-11 16:59 - 2018-06-08 17:38 - 000129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-07-11 16:59 - 2018-06-08 17:34 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-07-11 16:59 - 2018-06-08 17:34 - 000159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-07-11 16:59 - 2018-06-08 17:34 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-07-11 16:59 - 2018-06-08 17:33 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-07-11 16:59 - 2018-06-08 17:33 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-07-11 16:59 - 2018-06-08 17:29 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2018-07-11 16:59 - 2018-06-08 17:28 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscacheugc.exe
2018-07-11 16:59 - 2018-06-08 17:27 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-07-11 16:59 - 2018-06-08 17:21 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-07-11 16:59 - 2018-06-08 17:21 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-07-11 16:59 - 2018-06-08 17:21 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-07-11 16:59 - 2018-06-08 17:21 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-07-11 16:59 - 2018-06-08 17:19 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-07-11 16:59 - 2018-06-08 17:19 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:19 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 16:59 - 2018-06-08 17:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 16:59 - 2018-06-07 18:20 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll
2018-07-11 16:59 - 2018-06-07 18:19 - 000828928 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2018-07-11 16:59 - 2018-06-07 18:19 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2018-07-11 16:59 - 2018-06-07 18:19 - 000108544 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll
2018-07-11 16:59 - 2018-06-07 17:57 - 000463360 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2018-07-11 16:59 - 2018-06-07 17:49 - 000077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-07-11 16:59 - 2018-06-07 17:34 - 000018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfapigp.dll
2018-07-11 16:59 - 2018-05-31 18:28 - 001893568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-07-11 16:59 - 2018-05-31 18:28 - 000377024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-07-11 16:59 - 2018-05-31 18:28 - 000287936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 16:59 - 2018-05-02 17:32 - 000344064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2018-07-11 16:59 - 2018-05-02 17:32 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2018-07-11 16:59 - 2018-05-02 17:32 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2018-07-11 16:59 - 2018-05-02 17:32 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2018-07-11 16:59 - 2018-05-02 17:32 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2018-07-11 16:59 - 2018-05-02 17:32 - 000025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2018-07-11 16:59 - 2018-05-02 17:32 - 000007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2018-07-11 16:59 - 2018-04-26 15:05 - 000998912 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000918296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000065880 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000063832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000021848 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000020824 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000019288 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000018776 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000016216 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000015704 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000015704 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000015192 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000013152 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012632 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 16:59 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 16:59 - 2018-04-25 18:02 - 000124416 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll
2018-07-11 16:59 - 2018-04-25 17:18 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2018-07-11 16:56 - 2018-06-13 18:23 - 000140992 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-07-11 16:56 - 2018-06-13 18:18 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-07-11 16:56 - 2018-06-08 15:05 - 002860032 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2018-07-11 16:56 - 2018-06-08 15:05 - 001602048 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2018-07-11 16:56 - 2018-06-08 15:05 - 000783872 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2018-07-11 16:56 - 2018-06-08 15:05 - 000612352 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2018-07-11 16:56 - 2018-06-08 15:05 - 000470016 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2018-07-11 16:56 - 2018-06-08 15:05 - 000443392 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2018-07-11 16:56 - 2018-06-08 15:05 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2018-07-11 16:56 - 2018-06-08 15:05 - 000246272 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2018-07-11 16:48 - 2018-07-11 16:48 - 001222144 _____ C:\Users\Tom\Desktop\RSITx64.exe
2018-07-01 15:29 - 2018-07-01 15:29 - 000025088 ____H C:\Users\Tom\Desktop\~WRL1736.tmp
2018-07-01 10:30 - 2018-07-01 10:30 - 000000738 _____ C:\Users\Tom\Downloads\Eset Internet Security & NOD32 Antivirus - keys [flvdbm].txt
2018-06-30 14:35 - 2018-06-30 14:35 - 000221344 _____ C:\Users\Tom\Downloads\slevomat-cz-voucher-pobyt-v-np-velka-fatra-polopenze-wellness-tury-7328095330G-188.pdf
2018-06-22 10:52 - 2018-06-22 10:52 - 000060296 _____ C:\Users\Tom\Downloads\servisni_interval.pdf
2018-06-22 10:44 - 2018-06-22 10:44 - 000000696 _____ C:\Users\Tom\Downloads\LCM_YX000000.toaf
2018-06-22 10:29 - 2018-06-22 10:29 - 002659726 _____ C:\Users\Tom\Downloads\Rover 75-MG ZT – Trippling-Trojblik - Návod instalace modulu (v1.1a).pdf
2018-06-18 15:12 - 2018-05-29 02:04 - 000634272 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-06-18 15:12 - 2018-05-15 06:16 - 001681088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2018-06-18 15:12 - 2018-05-15 05:44 - 004120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2018-06-18 15:12 - 2018-05-15 05:44 - 001159680 _____ (Microsoft Corporation) C:\windows\system32\webservices.dll
2018-06-18 15:12 - 2018-05-15 05:44 - 000206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2018-06-18 15:12 - 2018-05-15 05:44 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2018-06-18 15:12 - 2018-05-15 05:24 - 000055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2018-06-18 15:12 - 2018-05-15 05:23 - 000024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2018-06-18 15:12 - 2018-05-15 05:13 - 003207168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2018-06-18 15:12 - 2018-05-15 05:13 - 000782848 _____ (Microsoft Corporation) C:\windows\SysWOW64\webservices.dll
2018-06-18 15:12 - 2018-05-15 05:13 - 000103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2018-06-18 15:12 - 2018-05-15 05:13 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2018-06-18 15:12 - 2018-05-15 05:01 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2018-06-18 15:12 - 2018-05-15 05:01 - 000023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2018-06-18 15:12 - 2018-05-15 03:20 - 000467856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2018-06-18 15:12 - 2018-05-15 03:20 - 000459632 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2018-06-18 15:12 - 2018-05-12 04:07 - 000076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2018-06-18 15:12 - 2018-05-12 04:07 - 000033152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2018-06-18 15:12 - 2018-05-12 04:07 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2018-06-18 15:12 - 2018-05-11 23:19 - 000977408 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-06-18 15:12 - 2018-05-11 23:19 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2018-06-18 15:12 - 2018-05-11 23:19 - 000084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2018-06-18 15:12 - 2018-05-11 02:40 - 000741888 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-06-18 15:12 - 2018-05-11 02:40 - 000084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2018-06-18 15:12 - 2018-05-11 02:39 - 000084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2018-06-18 15:12 - 2018-04-06 18:39 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2018-06-18 15:12 - 2018-04-06 18:38 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-18 12:25 - 2012-05-19 12:47 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-18 12:08 - 2016-12-24 21:46 - 000000000 ____D C:\Users\Tom\AppData\Roaming\vlc
2018-07-17 15:23 - 2009-07-14 06:45 - 000028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-17 15:23 - 2009-07-14 06:45 - 000028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-17 15:14 - 2012-05-19 13:36 - 000217978 _____ C:\windows\system32\fastboot.set
2018-07-17 15:13 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-07-17 10:05 - 2012-09-19 07:51 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-07-16 13:37 - 2012-05-19 04:13 - 000669070 _____ C:\windows\system32\perfh005.dat
2018-07-16 13:37 - 2012-05-19 04:13 - 000141696 _____ C:\windows\system32\perfc005.dat
2018-07-16 13:37 - 2009-07-14 07:13 - 001584368 _____ C:\windows\system32\PerfStringBackup.INI
2018-07-16 13:37 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-07-16 12:01 - 2017-07-02 13:11 - 000000000 ____D C:\Users\Tom\AppData\Local\TurmoilSteam
2018-07-16 09:43 - 2013-08-30 23:13 - 000000000 ____D C:\Program Files\trend micro
2018-07-14 09:11 - 2017-10-25 15:07 - 000004130 _____ C:\windows\System32\Tasks\CCleaner Update
2018-07-13 21:40 - 2013-09-20 15:20 - 000000000 ____D C:\windows\Minidump
2018-07-13 18:40 - 2012-05-19 13:13 - 001560018 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2018-07-12 20:48 - 2012-05-19 13:35 - 000000000 ____D C:\Program Files\Google
2018-07-11 19:22 - 2009-07-14 05:20 - 000000000 ____D C:\windows\rescache
2018-07-11 17:21 - 2009-07-14 06:45 - 000380064 _____ C:\windows\system32\FNTCACHE.DAT
2018-07-11 17:17 - 2014-12-10 13:53 - 000000000 ____D C:\windows\system32\appraiser
2018-07-11 17:07 - 2013-07-21 00:41 - 000000000 ____D C:\windows\system32\MRT
2018-07-11 17:01 - 2012-08-29 11:51 - 134675576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-07-10 20:54 - 2016-12-05 20:34 - 000000000 ____D C:\Users\Tom\Downloads\Dáša
2018-07-10 16:38 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2018-07-09 22:23 - 2015-11-24 22:23 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-06 11:30 - 2016-05-18 16:34 - 001597865 _____ C:\Users\Tom\Documents\Životopis_tomas_vaculik.pdf
2018-06-30 13:53 - 2012-05-19 13:35 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-20 23:58 - 2017-09-18 16:09 - 000000000 ____D C:\Users\Tom\Documents\American Truck Simulator
2018-06-18 21:26 - 2012-09-07 09:08 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Skype
2018-06-18 15:17 - 2017-10-12 16:09 - 133315992 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe

==================== Files in the root of some directories =======

2015-02-19 09:32 - 2015-11-06 15:06 - 000008192 _____ () C:\Users\Tom\AppData\Roaming\records_db
2014-05-07 16:58 - 2017-01-26 15:50 - 000005632 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-27 13:30 - 2014-05-27 13:30 - 000004096 ____H () C:\Users\Tom\AppData\Local\keyfile3.drm
2012-08-28 23:38 - 2012-08-28 23:38 - 000001567 _____ () C:\Users\Tom\AppData\Local\PDLSetup.20120828.233811.txt
2012-09-03 15:07 - 2012-09-03 15:07 - 000001541 _____ () C:\Users\Tom\AppData\Local\PDLSetup.20120903.150709.txt
2012-10-31 12:48 - 2012-10-31 12:48 - 000001541 _____ () C:\Users\Tom\AppData\Local\PDLSetup.20121031.114803.txt
2018-06-09 18:45 - 2018-06-09 18:45 - 000001565 _____ () C:\Users\Tom\AppData\Local\PDLSetup.20180609.184538.txt
2013-10-06 13:05 - 2016-04-26 15:10 - 000007601 _____ () C:\Users\Tom\AppData\Local\Resmon.ResmonCfg
2018-06-09 19:06 - 2018-06-09 19:09 - 000035874 _____ () C:\Users\Tom\AppData\Local\WiDiSetupLog.20180609.190641.wdl

Some files in TEMP:
====================
2018-01-23 21:48 - 2018-06-18 17:57 - 063222472 _____ (Skype Technologies S.A.) C:\Users\Tom\AppData\Local\Temp\SkypeSetup.exe
2018-06-04 20:37 - 2018-06-04 20:37 - 040184976 _____ () C:\Users\Tom\AppData\Local\Temp\vlc-3.0.3-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom\Desktop" je 302 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Tom (18-07-2018 15:31:24)
Running from C:\Users\Tom\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-08-28 07:12:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1506385281-2691020431-3212168025-500 - Administrator - Disabled)
Guest (S-1-5-21-1506385281-2691020431-3212168025-501 - Limited - Disabled)
Tom (S-1-5-21-1506385281-2691020431-3212168025-1001 - Administrator - Enabled) => C:\Users\Tom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 387.92 - NVIDIA Corporation) Hidden
Anti-Twin (Installation 03.12.2014) (HKLM-x32\...\Anti-Twin 2014-12-03 16.20.14) (Version: - Jorg Rosenthal, Germany)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1025 - DsNET Corp)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\BeamNG-Techdemo-0.3) (Version: - )
BlazeDTV 6.0 (HKLM-x32\...\BlazeDTV 6.0_is1) (Version: - )
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.3.3 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2300 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Colin McRae Rally 2 (HKLM-x32\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: 7.3.393 - Softland)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
ESET NOD32 Antivirus (HKLM\...\{A14277DC-AB21-499B-832B-A3AF51D5DBF6}) (Version: 9.0.376.1 - ESET, spol. s r.o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fotogaléria (HKLM-x32\...\{4FA8AECA-ECB4-4A7F-A400-8CCBA745FA6A}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{B4299C72-D4BF-4F29-A5A6-63294B1C0368}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Earth Pro (HKLM\...\{B29B4ACE-362A-47D2-AB37-87C721D09803}) (Version: 7.3.2.5487 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{78091D68-706D-4893-B287-9F1DFB24F7AF}) (Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{9C798E99-094E-4289-A6C8-1D5EE63AFFE3}) (Version: 4.2.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{24758B1D-9345-4538-A69A-05660F63A296}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2300 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo R.I.C. (Robust Intelligent Companion) (HKLM\...\Lenovo R.I.C. (Robust Intelligent Companion)) (Version: 1.0.10.1220 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.3.80.20121017 - LG Electronics)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{750E0BB5-CB46-4B52-8C42-77D4168DD786}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8C22A294-DBBA-445F-B55C-E26817CCFE69}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9A0C0A74-8AC8-4216-8E1F-B9AD2E14C950}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{C95AEB53-7FAE-4257-97AF-7136E8D9F9CA}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 387.92 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.8 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.8 - Lenovo)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 387.92 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QIP 2005 8097 (HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\QIP 2005) (Version: 8097 - )
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SpinTires Tech Demo (June 060613) (HKLM-x32\...\{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}) (Version: 1.3 - Oovee)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.31.1 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Po setmění (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ulož.to FileManager verze 1.96 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 1.96 - Uloz.to cloud a.s.)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.0-git - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoner Photo Studio 14 FREE (HKLM-x32\...\ZonerPhotoStudio14_EN_is1) (Version: 14.0.1.4 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2012-05-19] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-06-14] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-06-14] (ESET)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\windows\system32\SimpleExt.dll [2012-05-19] ()
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2013-11-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2017-10-06] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-06-14] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0466820B-4920-49F9-9264-380356C09013} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {05D0AD63-E77C-4EB8-9CFE-45458FA15559} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {0ED482D1-5EFA-40C8-97AC-92DE84080780} - System32\Tasks\{8453E696-3F41-43F4-ABBD-D3722FACAFFC} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1
Task: {0F0906D2-BB41-4B81-9C2D-2A229FFE194B} - System32\Tasks\{6944A968-5A13-4494-AA26-14756A05E4B9} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4
Task: {0F7977C2-EEE7-4535-8C89-840307208467} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {148A28B0-1D3F-48EC-A6A0-AA7410AE7E20} - System32\Tasks\Core Temp Autostart Tom => C:\Users\Tom\Downloads\Core Temp.exe [2012-10-14] ()
Task: {1A390744-9EC3-410D-A8FB-FABF7C8C8D47} - System32\Tasks\{A2BF6C48-AC2E-47B0-870A-B4674FB2F9C6} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u2\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u2
Task: {2F6EFC4D-7DC8-4A63-A0F6-8AE4FAD0EE5F} - System32\Tasks\{8CE12931-829B-49A0-93A6-6E519D273381} => E:\GAMES\gta4\GTA IV\NetFrameWork 3.5\dotNetFx35setup.exe
Task: {355C1071-3993-4127-A893-C09B3F3C261C} - System32\Tasks\{E0ABC03A-E476-42F0-A720-81BC15FA6A27} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {4621BC6C-C307-4A70-B8D1-0477AA49DAEA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {558C54A1-7EDF-4766-95CB-4AB6BF62438E} - System32\Tasks\{AC06B616-79BC-4895-8F44-4150DEF50A81} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {55D51F65-B1F0-4FAD-9FED-0D1B0450954B} - System32\Tasks\{2791A409-68B2-40A0-AA23-DC98E3223CE8} => E:\GAMES\Codemasters\Colin McRae Rally 2\CMR2.exe [2000-12-05] (Codemasters Software Ltd)
Task: {5B3974E1-925D-4851-8BD8-9C03372DD766} - System32\Tasks\{2D1483F0-C4C4-4F5A-BADC-93F96B2FE4ED} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\gta-san-andreas-cz\gtasa120cz.exe -d C:\Users\Tom\Downloads\gta-san-andreas-cz
Task: {5EBD2115-8B51-4AD5-BA72-6084BFA12E83} - System32\Tasks\{1B09AFCF-D059-4836-BD91-F75E9260905D} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.86u1
Task: {6E99EEAB-AD13-4E77-B9DE-3ED8CC267825} - System32\Tasks\{475B6180-3305-4371-A6A7-A0B6C3013BF7} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
Task: {802ED491-9DAA-40B1-9B70-FF6CD0190A6B} - System32\Tasks\{7BC455D8-F090-4642-911E-3ABF3612026A} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {84272220-1ACA-4DA7-854A-6B028EF33F85} - System32\Tasks\{E2693A60-0A16-489F-B7CC-63DD818C767D} => E:\GAMES\Steam\SteamApps\common\Grand Theft Auto San Andreas\GGMM.exe [2007-02-07] ()
Task: {8B6EF466-61A6-4FCC-8BD6-740F8B0B3A13} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
Task: {8FAC9CAB-B2EA-48CD-9910-776E0970EF92} - System32\Tasks\{A366F92F-CBF8-4351-B119-47674AC5A47B} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {9F6FD1A0-E811-4748-A2F5-086D0CC75635} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {A6796298-A130-4871-B552-FE3B08D169AC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
Task: {AA906B77-B786-4B3F-9486-1C62E43A056B} - System32\Tasks\{5C838CFD-F1EE-4879-B06F-DA0A5B1EB07D} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {ABEAF157-B949-4FB7-B9EB-958AEC896ABD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {AC47D6B5-BE48-43E1-9D6D-6EEE6807137A} - System32\Tasks\{5E0F5161-30E6-4B7A-A5A7-7CB14C29237B} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
Task: {ACA6EE14-A19E-4446-B2D9-4D492EB87714} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {B147E8F1-AFB0-4542-81AB-BFF32959B839} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {B27DB9A6-DCE9-435F-B13A-9A6E55206B8E} - System32\Tasks\{57C8033F-ED4E-44A1-A6BF-FE137298D757} => C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe
Task: {B8BC4641-1AE3-4BDB-8E17-A3D3211FBD72} - System32\Tasks\{ADD6B716-615B-4D59-B5BE-69C40C0E4B7E} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {BC2ED5BB-CD99-42DA-87BE-5ACA84458EB6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {C19A997A-2A44-4FFC-8674-C6E5B8F3E0A8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {C8990319-C2D6-43FE-A60F-BD20CE82FDCE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {CDE79D39-A386-40E5-B070-4BF1266B1C17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D2C037EC-ED0D-4819-AC06-A07512EAD688} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {E04AA0AA-E08D-4B0A-BC15-A44F83F13111} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {E96F7A64-270A-4761-9BB0-1585B8624EF9} - System32\Tasks\{E6ADF29F-3280-4516-9B6E-793E9715B836} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\dotNetFx35setup(1).exe -d C:\Users\Tom\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2017-10-10 19:15 - 2017-10-06 13:44 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-05-02 15:41 - 2011-05-02 15:41 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2016-09-30 14:25 - 2017-09-19 09:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2011-02-16 19:56 - 2011-02-16 19:56 - 000202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-02-16 20:01 - 2011-02-16 20:01 - 000156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2013-09-19 21:24 - 2012-10-14 21:21 - 000763856 _____ () C:\Users\Tom\Downloads\Core Temp.exe
2012-05-19 13:29 - 2012-05-19 13:29 - 001508192 _____ () C:\windows\system32\IcnOvrly.dll
2012-05-19 13:29 - 2012-05-19 13:29 - 000628064 _____ () C:\windows\system32\SimpleExt.dll
2017-08-29 02:43 - 2017-08-29 02:43 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2008-12-20 05:20 - 2012-05-19 13:38 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 05:20 - 2012-05-19 13:38 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-05-19 12:43 - 2011-07-27 00:37 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-03-31 17:13 - 2014-11-18 15:41 - 000075136 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-05-19 13:29 - 2012-05-19 13:29 - 000100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2011-02-16 19:51 - 2011-02-16 19:51 - 000161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-02-16 19:53 - 2011-02-16 19:53 - 000133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2016-09-30 14:25 - 2017-09-19 09:23 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-11 18:25 - 2018-07-11 18:25 - 000169984 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\594417d5b13f08f96f8022a361484c61\IsdiInterop.ni.dll
2012-05-19 12:41 - 2011-01-12 19:56 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-04-17 09:34 - 2016-09-18 23:42 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1 - 213.168.176.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C9EF5F82-8173-41F4-A5EB-E136FD7766E5}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\Backgammon.exe
FirewallRules: [{569D6764-E26A-4452-84AD-A108C8E5EDA3}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\Checkers.exe
FirewallRules: [{D4FD7CEA-8552-4AE1-84AD-C7A778C26D81}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\Chess.exe
FirewallRules: [{6AF790A6-7BAB-4418-BD74-9F855F256D71}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\EasyChat.exe
FirewallRules: [{D4A40F07-D5E2-4B59-A1D6-9CF6122D9A4B}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\SeaBattle.exe
FirewallRules: [{DFC949B5-2DAF-4198-AA88-26951BD00558}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\TicTacToe.exe
FirewallRules: [{95E30951-F743-4E02-8BAA-17B03DBCC741}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F725ABB5-CE0A-471C-89A1-E815C36E3924}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{B08C65CF-964E-4E42-B27A-B8DFC812C193}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{FBA49717-8BE2-49C6-A097-577BAAA55DC9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BEBE0D42-FB10-4B21-A2D7-3D2EBB85A2CC}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{6BFC0368-A17C-4505-A6D2-F0396398B0C8}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Allow) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [UDP Query User{28DE854D-8CCF-4757-9AA4-B6AA3B7F7373}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Allow) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [TCP Query User{664F6674-95E0-433C-9C81-BA9D6E914994}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{67480F39-4F44-4025-91CE-B60ACBE0695E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{C7943361-D394-4809-AFE5-63EF86032788}] => (Allow) E:\GAMES\Steam\Steam.exe
FirewallRules: [{71333F8D-AD17-4A83-B0C3-166D278489B1}] => (Allow) E:\GAMES\Steam\Steam.exe
FirewallRules: [{0B4FC421-E9AF-4C41-9141-EC166A2C2CDD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{EBB0F69A-4735-4641-B3A6-3530E26B3C09}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7F90B883-6059-4C37-8481-74A29CEA4D3D}] => (Allow) C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{B7F96A1D-CA14-4C0E-9D2C-023B627DC69C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{435144DB-29E2-47C8-BDAE-0861656257B9}] => (Allow) LPort=2869
FirewallRules: [{8359B2B7-7BB6-4B54-B271-AF57E07C6A7B}] => (Allow) LPort=1900
FirewallRules: [{3E7CD4C6-8074-47FE-AE65-F45116027537}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A9A517B6-0E89-4935-A40D-DCC84E1B5AE6}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{CADD335D-2671-4CC8-A229-3E64E56DEA2F}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{87EF61EB-898C-4EA1-8C57-0324161F8956}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{752080A9-82F2-4F7D-9659-73AE101A9535}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{5B52C0A8-78AE-4524-A285-88439BE0709E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E035E9D0-922A-43D6-9463-E549EAB87D55}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2A6D932F-1ECD-49B6-9F14-22D891B93864}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{87D4C357-D37C-459D-869C-DCEAEAF6AF51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CED05BA4-A4EC-4578-B45E-E3BD9A4D6411}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{33876578-3710-44D2-A6CC-BF2F0F522297}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{A2844A5B-1DAF-4D46-9305-6AA2F3105027}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9D00CE9C-66D9-4866-BA8E-5BAD813AF063}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0DAF8A93-8064-4BBF-9BDF-88E0F395DC83}] => (Allow) E:\GAMES\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{CFFA3F81-7E3A-4C69-ACEB-FB1274F1C0A0}] => (Allow) E:\GAMES\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{68C294BD-ABCF-41E5-8440-0275D20C95C9}E:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\games\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{D80410AB-211E-4BC8-9F4F-C21C517EE9B2}E:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\games\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{E1925BBF-4D02-446D-833D-3F44F08779B7}] => (Allow) E:\GAMES\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C2D34EDF-9FF6-43D8-B5E6-038C7B446E5E}] => (Allow) E:\GAMES\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{20F5995C-BB5D-468C-8BB6-8AF81B634D29}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{7176CE15-EAAF-42F1-9344-462F8A8BC66A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{537B42D1-F59F-4F72-ADE4-878FE7054C53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{872ECDDF-0F06-4E63-89D5-C7BEF6608DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A4628EAD-F8A4-4B0C-8E15-50189D0C0C7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D80546E-2F18-4003-AB84-65E46D3151A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{65B69093-C099-4F8B-AA01-A0041C7F951A}] => (Allow) E:\GAMES\Steam\SteamApps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{2B373AF0-5C01-4F0F-8C39-06DF0C2EF607}] => (Allow) E:\GAMES\Steam\SteamApps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{B6AEA471-F280-4DF3-9D0C-79CBA4C55003}] => (Allow) LPort=5556
FirewallRules: [{1F8C38D2-4016-4865-8C0F-37FA5DF31DB0}] => (Allow) LPort=5558
FirewallRules: [{16008351-6666-44F4-9CD8-DBC5EC1D305C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C8F954E2-F90C-4AD3-8047-272B113E27F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A9963324-1CF9-420E-9898-1AA59410FDD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BFEF3E4E-4A8A-4A97-864A-53181A37A061}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{272D6D65-CEDE-41C3-987D-DADB1D15A8FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5F327316-F91B-4E1E-953E-686544E6D85F}] => (Allow) E:\GAMES\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{C0D9F89B-A58A-4EF2-AD82-C69FA455E7B2}] => (Allow) E:\GAMES\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{950015F3-75DB-46A7-B861-DF70A747E304}E:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\games\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{27E1426B-5D8A-4B06-8DBF-EF38C313C0F8}E:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\games\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{2C169132-7C36-48BA-96AC-445C5B60EC4E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3BB9E91C-95DE-4D9A-8EC8-630540D05C51}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{0C529D30-96E9-4F68-8F60-8B74A20FFFDC}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2FD14296-758E-4B5C-A72E-DFE976520464}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{09370E05-8732-4715-BC6E-EA0BFC900455}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E0F3D080-33A8-4ECF-BE38-C8B587191C1F}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D70996B5-2220-47E6-81DA-CB9E971487E8}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{C803D645-06C1-4C01-AF95-F2BD12B1D887}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F02A7995-5EBA-42D8-B53F-320830AA4414}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E576E916-59AF-4B82-B688-084CE25156CC}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2273AD00-65DB-4985-B9A1-1364F7C431A9}] => (Allow) E:\GAMES\Steam\SteamApps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{08DBF4A7-339E-4757-9F51-F52861BA8717}] => (Allow) E:\GAMES\Steam\SteamApps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{DFCF25B7-C6D5-4F32-86B3-BD979FF5CC60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{069E673B-555E-46A9-A6B8-E6F49CC91FDE}] => (Allow) E:\GAMES\Steam\SteamApps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{B580F1E3-9F74-41F0-B70C-B8E6608E85D8}] => (Allow) E:\GAMES\Steam\SteamApps\common\American Truck Simulator\bin\win_x64\amtrucks.exe

==================== Restore Points =========================

11-07-2018 11:25:26 Naplánovaný kontrolní bod
11-07-2018 17:00:32 Windows Update
13-07-2018 18:36:06 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2018 03:14:54 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/17/2018 10:04:59 AM) (Source: MsiInstaller) (EventID: 11402) (User: TOMES-PC)
Description: Produkt: Adobe Acrobat Reader DC - Czech -- Chyba 1402.Nelze otevřít klíč: HKEY_LOCAL_MACHINE32\Software\MozillaPlugins\Adobe Reader\MimeTypes\application/pdf. System error 5. Zkontrolujte, zda máte ke klíči dostatečná přístupová práva, nebo kontaktujte vaše oddělení podpory.

Error: (07/17/2018 10:04:48 AM) (Source: MsiInstaller) (EventID: 11402) (User: TOMES-PC)
Description: Produkt: Adobe Reader X (10.1.12) - Czech -- Chyba 1402.Nelze otevřít klíč: HKEY_LOCAL_MACHINE32\Software\MozillaPlugins\Adobe Reader\MimeTypes\application/vnd.adobe.xfd+xml. System error 5. Zkontrolujte, zda máte ke klíči dostatečná přístupová práva, nebo kontaktujte vaše oddělení podpory.

Error: (07/17/2018 09:52:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/16/2018 09:31:26 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/15/2018 07:00:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy G:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (07/15/2018 01:05:30 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my PC's log

#6 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    Zip: C:\windows\Minidump
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll [No File]
    CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
    CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://google.cz/"
    U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
    R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
    2018-07-11 16:48 - 2018-07-11 16:48 - 001222144 _____ C:\Users\Tom\Desktop\RSITx64.exe
    2018-07-01 15:29 - 2018-07-01 15:29 - 000025088 ____H C:\Users\Tom\Desktop\~WRL1736.tmp
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
    Task: {0ED482D1-5EFA-40C8-97AC-92DE84080780} - System32\Tasks\{8453E696-3F41-43F4-ABBD-D3722FACAFFC} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1
    Task: {0F0906D2-BB41-4B81-9C2D-2A229FFE194B} - System32\Tasks\{6944A968-5A13-4494-AA26-14756A05E4B9} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4
    Task: {1A390744-9EC3-410D-A8FB-FABF7C8C8D47} - System32\Tasks\{A2BF6C48-AC2E-47B0-870A-B4674FB2F9C6} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u2\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u2
    Task: {2F6EFC4D-7DC8-4A63-A0F6-8AE4FAD0EE5F} - System32\Tasks\{8CE12931-829B-49A0-93A6-6E519D273381} => E:\GAMES\gta4\GTA IV\NetFrameWork 3.5\dotNetFx35setup.exe
    Task: {355C1071-3993-4127-A893-C09B3F3C261C} - System32\Tasks\{E0ABC03A-E476-42F0-A720-81BC15FA6A27} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {558C54A1-7EDF-4766-95CB-4AB6BF62438E} - System32\Tasks\{AC06B616-79BC-4895-8F44-4150DEF50A81} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {5B3974E1-925D-4851-8BD8-9C03372DD766} - System32\Tasks\{2D1483F0-C4C4-4F5A-BADC-93F96B2FE4ED} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\gta-san-andreas-cz\gtasa120cz.exe -d C:\Users\Tom\Downloads\gta-san-andreas-cz
    Task: {5EBD2115-8B51-4AD5-BA72-6084BFA12E83} - System32\Tasks\{1B09AFCF-D059-4836-BD91-F75E9260905D} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.86u1
    Task: {6E99EEAB-AD13-4E77-B9DE-3ED8CC267825} - System32\Tasks\{475B6180-3305-4371-A6A7-A0B6C3013BF7} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
    Task: {802ED491-9DAA-40B1-9B70-FF6CD0190A6B} - System32\Tasks\{7BC455D8-F090-4642-911E-3ABF3612026A} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3
    Task: {8FAC9CAB-B2EA-48CD-9910-776E0970EF92} - System32\Tasks\{A366F92F-CBF8-4351-B119-47674AC5A47B} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {AA906B77-B786-4B3F-9486-1C62E43A056B} - System32\Tasks\{5C838CFD-F1EE-4879-B06F-DA0A5B1EB07D} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {AC47D6B5-BE48-43E1-9D6D-6EEE6807137A} - System32\Tasks\{5E0F5161-30E6-4B7A-A5A7-7CB14C29237B} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
    Task: {B27DB9A6-DCE9-435F-B13A-9A6E55206B8E} - System32\Tasks\{57C8033F-ED4E-44A1-A6BF-FE137298D757} => C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe
    Task: {B8BC4641-1AE3-4BDB-8E17-A3D3211FBD72} - System32\Tasks\{ADD6B716-615B-4D59-B5BE-69C40C0E4B7E} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {E96F7A64-270A-4761-9BB0-1585B8624EF9} - System32\Tasks\{E6ADF29F-3280-4516-9B6E-793E9715B836} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\dotNetFx35setup(1).exe -d C:\Users\Tom\Downloads
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
:arrow: A ZIP archive with the current date and time in its name will be created on the desktop; upload it e.g. to leteckaposta.cz and send the download link.
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

tomik258
Visitor
Posts: 100
Joined: 04 May 2009 17:53

Re: Please check my PC's log

#7 Post by tomik258 »

FRST still says Fixing in progress, please wait...

even though it has been running for 2.5 hours already; the Fixlog file and the ZIP with the date are on the desktop.... Should I restart manually or wait for the program?

Everything was run according to the instructions, I closed all programs...

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my PC's log

#8 Post by Conder »

:arrow: Restart the PC manually and then send the fixlog; it apparently got stuck somewhere.

tomik258
Visitor
Posts: 100
Joined: 04 May 2009 17:53

Re: Please check my PC's log

#9 Post by tomik258 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Tom (18-07-2018 18:14:05) Run:1
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Zip: C:\windows\Minidump
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll [No File]
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://google.cz/"
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
2018-07-11 16:48 - 2018-07-11 16:48 - 001222144 _____ C:\Users\Tom\Desktop\RSITx64.exe
2018-07-01 15:29 - 2018-07-01 15:29 - 000025088 ____H C:\Users\Tom\Desktop\~WRL1736.tmp
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {0ED482D1-5EFA-40C8-97AC-92DE84080780} - System32\Tasks\{8453E696-3F41-43F4-ABBD-D3722FACAFFC} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1
Task: {0F0906D2-BB41-4B81-9C2D-2A229FFE194B} - System32\Tasks\{6944A968-5A13-4494-AA26-14756A05E4B9} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4
Task: {1A390744-9EC3-410D-A8FB-FABF7C8C8D47} - System32\Tasks\{A2BF6C48-AC2E-47B0-870A-B4674FB2F9C6} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u2\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u2
Task: {2F6EFC4D-7DC8-4A63-A0F6-8AE4FAD0EE5F} - System32\Tasks\{8CE12931-829B-49A0-93A6-6E519D273381} => E:\GAMES\gta4\GTA IV\NetFrameWork 3.5\dotNetFx35setup.exe
Task: {355C1071-3993-4127-A893-C09B3F3C261C} - System32\Tasks\{E0ABC03A-E476-42F0-A720-81BC15FA6A27} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {558C54A1-7EDF-4766-95CB-4AB6BF62438E} - System32\Tasks\{AC06B616-79BC-4895-8F44-4150DEF50A81} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {5B3974E1-925D-4851-8BD8-9C03372DD766} - System32\Tasks\{2D1483F0-C4C4-4F5A-BADC-93F96B2FE4ED} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\gta-san-andreas-cz\gtasa120cz.exe -d C:\Users\Tom\Downloads\gta-san-andreas-cz
Task: {5EBD2115-8B51-4AD5-BA72-6084BFA12E83} - System32\Tasks\{1B09AFCF-D059-4836-BD91-F75E9260905D} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.86u1
Task: {6E99EEAB-AD13-4E77-B9DE-3ED8CC267825} - System32\Tasks\{475B6180-3305-4371-A6A7-A0B6C3013BF7} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
Task: {802ED491-9DAA-40B1-9B70-FF6CD0190A6B} - System32\Tasks\{7BC455D8-F090-4642-911E-3ABF3612026A} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {8FAC9CAB-B2EA-48CD-9910-776E0970EF92} - System32\Tasks\{A366F92F-CBF8-4351-B119-47674AC5A47B} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {AA906B77-B786-4B3F-9486-1C62E43A056B} - System32\Tasks\{5C838CFD-F1EE-4879-B06F-DA0A5B1EB07D} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {AC47D6B5-BE48-43E1-9D6D-6EEE6807137A} - System32\Tasks\{5E0F5161-30E6-4B7A-A5A7-7CB14C29237B} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
Task: {B27DB9A6-DCE9-435F-B13A-9A6E55206B8E} - System32\Tasks\{57C8033F-ED4E-44A1-A6BF-FE137298D757} => C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe
Task: {B8BC4641-1AE3-4BDB-8E17-A3D3211FBD72} - System32\Tasks\{ADD6B716-615B-4D59-B5BE-69C40C0E4B7E} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {E96F7A64-270A-4761-9BB0-1585B8624EF9} - System32\Tasks\{E6ADF29F-3280-4516-9B6E-793E9715B836} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\dotNetFx35setup(1).exe -d C:\Users\Tom\Downloads

Hosts:
EmptyTemp:
End

*****************

Processes closed successfully.
Restore point was successfully created.
================== Zip: ===================
C:\windows\Minidump -> copied successfully to C:\Users\Tom\Desktop\18.07.2018_18.14.42.zip
=========== Zip: End ===========
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully

and the link is below... :) thanks


http://leteckaposta.cz/412238350

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my PC's log

#10 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain ... &bmod=LENN
    CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://google.cz/"
    U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
    R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
    2018-07-11 16:48 - 2018-07-11 16:48 - 001222144 _____ C:\Users\Tom\Desktop\RSITx64.exe
    2018-07-01 15:29 - 2018-07-01 15:29 - 000025088 ____H C:\Users\Tom\Desktop\~WRL1736.tmp
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
    Task: {0ED482D1-5EFA-40C8-97AC-92DE84080780} - System32\Tasks\{8453E696-3F41-43F4-ABBD-D3722FACAFFC} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1
    Task: {0F0906D2-BB41-4B81-9C2D-2A229FFE194B} - System32\Tasks\{6944A968-5A13-4494-AA26-14756A05E4B9} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4
    Task: {1A390744-9EC3-410D-A8FB-FABF7C8C8D47} - System32\Tasks\{A2BF6C48-AC2E-47B0-870A-B4674FB2F9C6} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u2\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u2
    Task: {2F6EFC4D-7DC8-4A63-A0F6-8AE4FAD0EE5F} - System32\Tasks\{8CE12931-829B-49A0-93A6-6E519D273381} => E:\GAMES\gta4\GTA IV\NetFrameWork 3.5\dotNetFx35setup.exe
    Task: {355C1071-3993-4127-A893-C09B3F3C261C} - System32\Tasks\{E0ABC03A-E476-42F0-A720-81BC15FA6A27} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {558C54A1-7EDF-4766-95CB-4AB6BF62438E} - System32\Tasks\{AC06B616-79BC-4895-8F44-4150DEF50A81} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {5B3974E1-925D-4851-8BD8-9C03372DD766} - System32\Tasks\{2D1483F0-C4C4-4F5A-BADC-93F96B2FE4ED} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\gta-san-andreas-cz\gtasa120cz.exe -d C:\Users\Tom\Downloads\gta-san-andreas-cz
    Task: {5EBD2115-8B51-4AD5-BA72-6084BFA12E83} - System32\Tasks\{1B09AFCF-D059-4836-BD91-F75E9260905D} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.86u1
    Task: {6E99EEAB-AD13-4E77-B9DE-3ED8CC267825} - System32\Tasks\{475B6180-3305-4371-A6A7-A0B6C3013BF7} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
    Task: {802ED491-9DAA-40B1-9B70-FF6CD0190A6B} - System32\Tasks\{7BC455D8-F090-4642-911E-3ABF3612026A} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3
    Task: {8FAC9CAB-B2EA-48CD-9910-776E0970EF92} - System32\Tasks\{A366F92F-CBF8-4351-B119-47674AC5A47B} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {AA906B77-B786-4B3F-9486-1C62E43A056B} - System32\Tasks\{5C838CFD-F1EE-4879-B06F-DA0A5B1EB07D} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {AC47D6B5-BE48-43E1-9D6D-6EEE6807137A} - System32\Tasks\{5E0F5161-30E6-4B7A-A5A7-7CB14C29237B} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
    Task: {B27DB9A6-DCE9-435F-B13A-9A6E55206B8E} - System32\Tasks\{57C8033F-ED4E-44A1-A6BF-FE137298D757} => C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe
    Task: {B8BC4641-1AE3-4BDB-8E17-A3D3211FBD72} - System32\Tasks\{ADD6B716-615B-4D59-B5BE-69C40C0E4B7E} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
    Task: {E96F7A64-270A-4761-9BB0-1585B8624EF9} - System32\Tasks\{E6ADF29F-3280-4516-9B6E-793E9715B836} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\dotNetFx35setup(1).exe -d C:\Users\Tom\Downloads
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

tomik258
Visitor
Posts: 100
Joined: 04 May 2009 17:53

Re: Please check my PC's log

#11 Post by tomik258 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Tom (20-07-2018 14:34:14) Run:2
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain ... &bmod=LENN
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://google.cz/"
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
2018-07-11 16:48 - 2018-07-11 16:48 - 001222144 _____ C:\Users\Tom\Desktop\RSITx64.exe
2018-07-01 15:29 - 2018-07-01 15:29 - 000025088 ____H C:\Users\Tom\Desktop\~WRL1736.tmp
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {0ED482D1-5EFA-40C8-97AC-92DE84080780} - System32\Tasks\{8453E696-3F41-43F4-ABBD-D3722FACAFFC} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u1\FreeRapid-0.9u1
Task: {0F0906D2-BB41-4B81-9C2D-2A229FFE194B} - System32\Tasks\{6944A968-5A13-4494-AA26-14756A05E4B9} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u4\FreeRapid-0.9u4
Task: {1A390744-9EC3-410D-A8FB-FABF7C8C8D47} - System32\Tasks\{A2BF6C48-AC2E-47B0-870A-B4674FB2F9C6} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u2\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u2
Task: {2F6EFC4D-7DC8-4A63-A0F6-8AE4FAD0EE5F} - System32\Tasks\{8CE12931-829B-49A0-93A6-6E519D273381} => E:\GAMES\gta4\GTA IV\NetFrameWork 3.5\dotNetFx35setup.exe
Task: {355C1071-3993-4127-A893-C09B3F3C261C} - System32\Tasks\{E0ABC03A-E476-42F0-A720-81BC15FA6A27} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {558C54A1-7EDF-4766-95CB-4AB6BF62438E} - System32\Tasks\{AC06B616-79BC-4895-8F44-4150DEF50A81} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {5B3974E1-925D-4851-8BD8-9C03372DD766} - System32\Tasks\{2D1483F0-C4C4-4F5A-BADC-93F96B2FE4ED} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\gta-san-andreas-cz\gtasa120cz.exe -d C:\Users\Tom\Downloads\gta-san-andreas-cz
Task: {5EBD2115-8B51-4AD5-BA72-6084BFA12E83} - System32\Tasks\{1B09AFCF-D059-4836-BD91-F75E9260905D} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.86u1
Task: {6E99EEAB-AD13-4E77-B9DE-3ED8CC267825} - System32\Tasks\{475B6180-3305-4371-A6A7-A0B6C3013BF7} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
Task: {802ED491-9DAA-40B1-9B70-FF6CD0190A6B} - System32\Tasks\{7BC455D8-F090-4642-911E-3ABF3612026A} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Tom\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {8FAC9CAB-B2EA-48CD-9910-776E0970EF92} - System32\Tasks\{A366F92F-CBF8-4351-B119-47674AC5A47B} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {AA906B77-B786-4B3F-9486-1C62E43A056B} - System32\Tasks\{5C838CFD-F1EE-4879-B06F-DA0A5B1EB07D} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {AC47D6B5-BE48-43E1-9D6D-6EEE6807137A} - System32\Tasks\{5E0F5161-30E6-4B7A-A5A7-7CB14C29237B} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\GTAIV.exe
Task: {B27DB9A6-DCE9-435F-B13A-9A6E55206B8E} - System32\Tasks\{57C8033F-ED4E-44A1-A6BF-FE137298D757} => C:\Users\Tom\Downloads\FreeRapid-0.86u1\frd.exe
Task: {B8BC4641-1AE3-4BDB-8E17-A3D3211FBD72} - System32\Tasks\{ADD6B716-615B-4D59-B5BE-69C40C0E4B7E} => E:\GAMES\Warthog\Rally Championship Xtreme\Rally.exe
Task: {E96F7A64-270A-4761-9BB0-1585B8624EF9} - System32\Tasks\{E6ADF29F-3280-4516-9B6E-793E9715B836} => C:\windows\system32\pcalua.exe -a C:\Users\Tom\Downloads\dotNetFx35setup(1).exe -d C:\Users\Tom\Downloads

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"HKLM\System\CurrentControlSet\Services\AppMgmt" => removed successfully
AppMgmt => service removed successfully
ALSysIO => Service stopped successfully.
"HKLM\System\CurrentControlSet\Services\ALSysIO" => removed successfully
ALSysIO => service removed successfully
"HKLM\System\CurrentControlSet\Services\catchme" => removed successfully
catchme => service removed successfully
"HKLM\System\CurrentControlSet\Services\CtClsFlt" => removed successfully
CtClsFlt => service removed successfully
C:\Users\Tom\Desktop\RSITx64.exe => moved successfully
C:\Users\Tom\Desktop\~WRL1736.tmp => moved successfully
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files" => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files" => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0ED482D1-5EFA-40C8-97AC-92DE84080780}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ED482D1-5EFA-40C8-97AC-92DE84080780}" => removed successfully
C:\windows\System32\Tasks\{8453E696-3F41-43F4-ABBD-D3722FACAFFC} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8453E696-3F41-43F4-ABBD-D3722FACAFFC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F0906D2-BB41-4B81-9C2D-2A229FFE194B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F0906D2-BB41-4B81-9C2D-2A229FFE194B}" => removed successfully
C:\windows\System32\Tasks\{6944A968-5A13-4494-AA26-14756A05E4B9} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6944A968-5A13-4494-AA26-14756A05E4B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A390744-9EC3-410D-A8FB-FABF7C8C8D47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A390744-9EC3-410D-A8FB-FABF7C8C8D47}" => removed successfully
C:\windows\System32\Tasks\{A2BF6C48-AC2E-47B0-870A-B4674FB2F9C6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A2BF6C48-AC2E-47B0-870A-B4674FB2F9C6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F6EFC4D-7DC8-4A63-A0F6-8AE4FAD0EE5F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F6EFC4D-7DC8-4A63-A0F6-8AE4FAD0EE5F}" => removed successfully
C:\windows\System32\Tasks\{8CE12931-829B-49A0-93A6-6E519D273381} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8CE12931-829B-49A0-93A6-6E519D273381}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{355C1071-3993-4127-A893-C09B3F3C261C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{355C1071-3993-4127-A893-C09B3F3C261C}" => removed successfully
C:\windows\System32\Tasks\{E0ABC03A-E476-42F0-A720-81BC15FA6A27} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0ABC03A-E476-42F0-A720-81BC15FA6A27}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{558C54A1-7EDF-4766-95CB-4AB6BF62438E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{558C54A1-7EDF-4766-95CB-4AB6BF62438E}" => removed successfully
C:\windows\System32\Tasks\{AC06B616-79BC-4895-8F44-4150DEF50A81} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AC06B616-79BC-4895-8F44-4150DEF50A81}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B3974E1-925D-4851-8BD8-9C03372DD766}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B3974E1-925D-4851-8BD8-9C03372DD766}" => removed successfully
C:\windows\System32\Tasks\{2D1483F0-C4C4-4F5A-BADC-93F96B2FE4ED} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D1483F0-C4C4-4F5A-BADC-93F96B2FE4ED}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EBD2115-8B51-4AD5-BA72-6084BFA12E83}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EBD2115-8B51-4AD5-BA72-6084BFA12E83}" => removed successfully
C:\windows\System32\Tasks\{1B09AFCF-D059-4836-BD91-F75E9260905D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1B09AFCF-D059-4836-BD91-F75E9260905D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E99EEAB-AD13-4E77-B9DE-3ED8CC267825}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E99EEAB-AD13-4E77-B9DE-3ED8CC267825}" => removed successfully
C:\windows\System32\Tasks\{475B6180-3305-4371-A6A7-A0B6C3013BF7} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{475B6180-3305-4371-A6A7-A0B6C3013BF7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{802ED491-9DAA-40B1-9B70-FF6CD0190A6B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{802ED491-9DAA-40B1-9B70-FF6CD0190A6B}" => removed successfully
C:\windows\System32\Tasks\{7BC455D8-F090-4642-911E-3ABF3612026A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7BC455D8-F090-4642-911E-3ABF3612026A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FAC9CAB-B2EA-48CD-9910-776E0970EF92}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FAC9CAB-B2EA-48CD-9910-776E0970EF92}" => removed successfully
C:\windows\System32\Tasks\{A366F92F-CBF8-4351-B119-47674AC5A47B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A366F92F-CBF8-4351-B119-47674AC5A47B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA906B77-B786-4B3F-9486-1C62E43A056B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA906B77-B786-4B3F-9486-1C62E43A056B}" => removed successfully
C:\windows\System32\Tasks\{5C838CFD-F1EE-4879-B06F-DA0A5B1EB07D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5C838CFD-F1EE-4879-B06F-DA0A5B1EB07D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC47D6B5-BE48-43E1-9D6D-6EEE6807137A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC47D6B5-BE48-43E1-9D6D-6EEE6807137A}" => removed successfully
C:\windows\System32\Tasks\{5E0F5161-30E6-4B7A-A5A7-7CB14C29237B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5E0F5161-30E6-4B7A-A5A7-7CB14C29237B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B27DB9A6-DCE9-435F-B13A-9A6E55206B8E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B27DB9A6-DCE9-435F-B13A-9A6E55206B8E}" => removed successfully
C:\windows\System32\Tasks\{57C8033F-ED4E-44A1-A6BF-FE137298D757} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57C8033F-ED4E-44A1-A6BF-FE137298D757}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8BC4641-1AE3-4BDB-8E17-A3D3211FBD72}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8BC4641-1AE3-4BDB-8E17-A3D3211FBD72}" => removed successfully
C:\windows\System32\Tasks\{ADD6B716-615B-4D59-B5BE-69C40C0E4B7E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ADD6B716-615B-4D59-B5BE-69C40C0E4B7E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E96F7A64-270A-4761-9BB0-1585B8624EF9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E96F7A64-270A-4761-9BB0-1585B8624EF9}" => removed successfully
C:\windows\System32\Tasks\{E6ADF29F-3280-4516-9B6E-793E9715B836} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E6ADF29F-3280-4516-9B6E-793E9715B836}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40153554 B
Java, Flash, Steam htmlcache => 222495354 B
Windows/system/drivers => 59845947 B
Edge => 0 B
Chrome => 78969603 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Tom => 22248977770 B
UpdatusUser => 0 B

RecycleBin => 10696 B
EmptyTemp: => 21.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:36:58 ====

Hi, this time everything is OK :)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my PC's log

#12 Post by Conder »

:arrow: Which graphics card is in the PC? Update the NVIDIA drivers - download and install the current version from http://www.nvidia.com/drivers

:arrow: An outdated version of Java (Java 8 Update 111) is installed on the PC; I recommend uninstalling it. If you need Java, install the current version (currently Java 8 Update 171) from https://java.com/en/download/

:arrow: Are there any other problems with the PC?

tomik258
Visitor
Posts: 100
Registered: 04 May 2009 17:53

Re: Please check my PC's log

#13 Post by tomik258 »

Hi,

the drivers you mentioned have been updated. Thanks a lot.

The PC runs well, thanks for that as well.

One last thing: from time to time an Adobe update, which starts automatically, pops up in the taskbar. Only a message appears saying that clicking it will show the progress of the update. The update never finishes; it fails with an error that a key is missing (HA KEY LOCAL MACHINE - something like that) from Mozilla Firefox, which I used to have on the PC and replaced with Chrome several years ago. So did the Mozilla leftovers get cleaned out now during the cleanup, or is something still there?

Thanks, Tom

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my PC's log

#14 Post by Conder »

:arrow: Try downloading and manually installing the current version of Adobe Reader: https://get.adobe.com/sk/reader/otherversions/

:arrow: If it still shows that error, take a screenshot and send it.

tomik258
Visitor
Posts: 100
Registered: 04 May 2009 17:53

Re: Please check my PC's log

#15 Post by tomik258 »

Hi,

I just turned on the computer and that automatic update popped up right away; it failed, see the screenshot.

[Image]

Then I tried via the website from the link you sent; it got to about 57% and then an error popped up, see the screenshots

[Image]
and

[Image]

Locked