
Request for a preventive log check

#1 Post by _Daniel »

Hello, I would like to ask for a preventive check of the log, thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
Ran by PC (administrator) on DESKTOP-LFV6924 (12-01-2019 15:44:39)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Electronic Arts) D:\Program files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
(NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
() C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(KYE) C:\Program Files (x86)\Genius\Manticore\MTHid.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(NZXT) C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Valve Corporation) D:\Program files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Program files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Program files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Valve Corporation) D:\Program files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1490624 2017-11-21] (COMODO)
HKLM-x32\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe -autostart
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Genius\Manticore\MThid.exe [292864 2014-01-23] (KYE)
HKLM-x32\...\Run: [LWS] => D:\Program files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3291072 2016-07-01] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\...\Run: [EpicGamesLauncher] => "D:\Program files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe [67662960 2018-11-07] (NZXT)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L)
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [67072 2018-04-12] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech Inc.)
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-09-06]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OC_GURU – zástupce.lnk [2017-10-09]
ShortcutTarget: OC_GURU – zástupce.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OC_GURU – zástupce.lnk [2017-10-09]
ShortcutTarget: OC_GURU – zástupce.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OC_GURU – zástupce.lnk [2017-10-09]
ShortcutTarget: OC_GURU – zástupce.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{2908ab1e-4065-4ed1-a74c-a18f1de39c9a}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3141721857-2675143599-3284954913-1001 -> hxxps://www.seznam.cz/
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.11.0_neutral__d55gg7py3s0m0 [2018-06-04]
Edge Extension: (BetterTTV) -> EdgeExtension_NightDevLLCBetterTTV_em2bntgxg4wdp => C:\Program Files\WindowsApps\NightDevLLC.BetterTTV_7.2.0.0_neutral__em2bntgxg4wdp [2017-09-28]

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2019-01-12]
CHR Extension: (Google Translate) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-03]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-03]
CHR Extension: (Dark YouTube Theme - Black YouTube & FB Skin) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\djhcepodfooinnfhfccmoeabagbjchhg [2018-08-23]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-04]
CHR Extension: (Tiësto) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh [2017-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-05]
CHR Extension: (Dark Theme for YouTube™) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaomggoeegeonccimekobnhkikoapog [2019-01-04]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8348064 2019-01-04] ()
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10880832 2017-11-21] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-11-21] (COMODO)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-01-04] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2018-12-05] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-05] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2017-04-05] (Rivet Networks)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program files (x86)\Origin\OriginClientService.exe [2270528 2018-12-04] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program files (x86)\Origin\OriginWebHelperService.exe [3131208 2018-12-04] (Electronic Arts)
S3 OverwolfUpdater; D:\Program files (x86)\Overwolf\OverwolfUpdater.exe [1450824 2017-09-10] (Overwolf LTD)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [379192 2015-03-20] (NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3335008 2015-03-20] (NETGATE Technologies s.r.o.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [148200 2017-04-03] (Rivet Networks, LLC.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44088 2017-11-17] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [833096 2017-11-17] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-11-17] (COMODO)
S3 cpuz138; C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2019-01-05] (CPUID) <==== ATTENTION
R3 cpuz147; C:\WINDOWS\temp\cpuz147\cpuz147_x64.sys [53848 2019-01-12] (CPUID)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164584 2017-03-14] (Qualcomm Atheros, Inc.)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-11-17] (COMODO)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_01c064f3d89f92be\nvlddmkm.sys [20424640 2018-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-11-03] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 SaiHFF04; C:\WINDOWS\system32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\WINDOWS\system32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2015-12-08] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51488 2015-12-08] (Saitek)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\NZXT\CAM\OpenHardwareMonitorLib.sys [14544 2019-01-12] (OpenLibSys.org)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [55704 2018-12-13] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-12 15:44 - 2019-01-12 15:45 - 000018923 _____ C:\Users\PC\Desktop\FRST.txt
2019-01-12 15:43 - 2019-01-12 15:43 - 002425856 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2019-01-09 16:39 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 16:39 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 16:39 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 16:39 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 16:39 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 16:39 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 16:39 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 16:39 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 16:39 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 16:39 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 16:39 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 16:39 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 16:39 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 16:39 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 16:39 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 16:39 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 16:39 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 16:39 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 16:39 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 16:39 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 16:39 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 16:39 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 16:39 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 16:39 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 16:39 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 16:39 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 16:39 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 16:39 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 16:39 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 16:39 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 16:39 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 16:39 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 16:39 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 16:39 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 16:39 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 16:39 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 16:39 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 16:39 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 16:39 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 16:39 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 16:39 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 16:39 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 16:39 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 16:39 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 16:39 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 16:39 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 16:39 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 16:39 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 16:39 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 16:39 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 16:39 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 16:39 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 16:39 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 16:39 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 16:39 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 16:39 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 16:39 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 16:39 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 16:39 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 16:39 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 16:39 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 16:39 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 16:39 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 16:39 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 16:39 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 16:39 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 16:39 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 16:39 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 16:39 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 16:39 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-06 11:42 - 2019-01-06 11:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\Tencent
2019-01-06 01:11 - 2019-01-12 15:19 - 000003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2019-01-06 00:43 - 2019-01-06 00:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-01-06 00:42 - 2019-01-08 16:30 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-01-05 15:06 - 2019-01-12 15:21 - 000308736 _____ C:\WINDOWS\SysWOW64\NVAPIHelper.dll
2019-01-05 15:06 - 2019-01-12 15:21 - 000000000 ____D C:\Users\PC\AppData\Roaming\CAM
2019-01-05 15:06 - 2019-01-11 17:09 - 000003360 _____ C:\WINDOWS\System32\Tasks\CAM.Desktop
2019-01-05 15:06 - 2019-01-05 15:06 - 000001184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAM.lnk
2019-01-05 15:06 - 2019-01-05 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAM
2019-01-05 15:06 - 2019-01-05 15:06 - 000000000 ____D C:\Program Files (x86)\NZXT
2019-01-05 15:04 - 2019-01-05 15:06 - 000000000 __SHD C:\AI_RecycleBin
2019-01-04 22:14 - 2019-01-04 22:14 - 000000000 ____D C:\Users\PC\AppData\Local\BattlEye
2019-01-04 21:51 - 2019-01-04 21:51 - 000000222 _____ C:\Users\PC\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2019-01-04 21:42 - 2019-01-04 21:43 - 000000000 ____D C:\Users\PC\AppData\Local\QuantumBreak
2019-01-02 19:27 - 2019-01-02 19:27 - 000000222 _____ C:\Users\PC\Desktop\Middle-earth Shadow of War.url
2019-01-02 18:39 - 2019-01-02 18:39 - 000000222 _____ C:\Users\PC\Desktop\Quantum Break.url
2018-12-20 20:00 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 20:00 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 20:00 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 20:00 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 20:00 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 20:00 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 20:00 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 20:00 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 20:00 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 20:00 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 20:00 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 20:00 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 20:00 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 20:00 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 20:00 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 20:00 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 20:00 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 00:20 - 2018-12-20 00:20 - 000003472 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-20 00:20 - 2018-12-20 00:20 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-13 18:54 - 2018-12-13 18:55 - 000000000 ____D C:\Program Files\CCleaner
2018-12-13 18:54 - 2018-12-13 18:54 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-13 18:54 - 2018-12-13 18:54 - 000002882 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-13 18:54 - 2018-12-13 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-13 10:09 - 2018-12-13 10:09 - 000012300 _____ C:\ProgramData\wsmievvg.cpx
2018-12-13 10:09 - 2018-12-13 10:09 - 000000000 _____ C:\ProgramData\1523053137
2018-12-13 08:38 - 2018-12-13 08:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-12-13 08:30 - 2018-12-13 08:30 - 000000000 ____D C:\WINDOWS\pss

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-12 15:44 - 2016-06-20 17:04 - 000000000 ____D C:\FRST
2019-01-12 15:39 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-12 15:26 - 2018-05-14 15:55 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-12 15:26 - 2018-04-12 16:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-12 15:26 - 2018-04-12 16:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-12 15:26 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-12 15:24 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-12 15:22 - 2017-04-23 10:22 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-12 15:20 - 2018-05-14 15:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-12 15:19 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-12 15:15 - 2018-05-14 15:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-10 04:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-10 04:57 - 2018-05-14 15:46 - 000000000 ____D C:\Users\PC
2019-01-09 19:25 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 19:25 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 16:41 - 2016-04-01 11:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 16:40 - 2016-04-01 11:29 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-08 18:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-06 17:29 - 2016-04-01 11:11 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2019-01-06 17:20 - 2016-04-02 19:31 - 000000000 ____D C:\Users\PC\AppData\Local\Ubisoft Game Launcher
2019-01-06 01:17 - 2018-06-03 03:05 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2019-01-06 00:42 - 2018-05-14 15:50 - 000003358 _____ C:\WINDOWS\System32\Tasks\GIGABYTE OC GURU
2019-01-06 00:42 - 2016-04-01 16:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-06 00:42 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-05 22:30 - 2016-04-02 15:21 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2019-01-05 15:15 - 2016-04-01 17:01 - 000000000 ____D C:\ProgramData\Intel
2019-01-05 15:06 - 2016-04-01 17:01 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-05 15:05 - 2016-04-01 11:19 - 000000000 ____D C:\Users\PC\AppData\Roaming\NZXT
2019-01-05 14:44 - 2018-05-14 15:50 - 000003254 _____ C:\WINDOWS\System32\Tasks\CAM
2019-01-05 14:09 - 2016-04-10 13:21 - 000000000 ____D C:\ProgramData\Origin
2019-01-05 13:58 - 2016-04-10 13:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\Origin
2019-01-05 02:34 - 2016-04-01 16:55 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-05 02:05 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-04 21:44 - 2016-04-06 17:33 - 000000000 ____D C:\Users\PC\AppData\Local\WB Games
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-21 16:23 - 2018-06-30 11:36 - 000000000 ____D C:\Users\PC\AppData\Local\Spotify
2018-12-21 15:05 - 2017-09-02 07:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\obs-studio
2018-12-21 14:53 - 2018-06-30 11:36 - 000000000 ____D C:\Users\PC\AppData\Roaming\Spotify
2018-12-20 09:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-12-13 20:17 - 2016-04-03 08:29 - 000000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2018-12-13 10:09 - 2016-04-02 21:19 - 000055704 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2018-12-13 09:46 - 2016-04-02 19:43 - 000000000 ____D C:\Users\PC\AppData\Local\BlackDesertOnline

==================== Files in the root of some directories =======

2016-07-24 07:40 - 2017-09-06 21:11 - 000000000 _____ () C:\Users\PC\AppData\Local\Driver_LOM_8171Present.flag
2017-08-02 15:48 - 2017-08-02 15:48 - 000000291 _____ () C:\Users\PC\AppData\Local\ledConfiguration.config
2018-11-26 16:44 - 2018-11-26 16:44 - 000023594 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2016-07-14 18:03 - 2016-07-14 18:03 - 000007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2019-01-04 22:14 - 2019-01-04 22:14 - 000000180 _____ () C:\Users\PC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2019-01-04 22:14 - 2019-01-06 20:43 - 000000017 _____ () C:\Users\PC\AppData\Local\Temp\c20f0e1b74ffff6915ec15271621c058.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-14 15:43

==================== End of FRST.txt ============================
Attachments
Addition.rar
(18 KiB) Downloaded 75 times

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: request for a preventive log check

#2 Post by Diallix »

Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will launch; click View Log File.
The log will open; copy its contents here.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

_Daniel
Visitor
Posts: 91
Registered: 12 Dec 2014 15:21

Re: request for a preventive log check

#3 Post by _Daniel »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-12-2019
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\PC\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1242 octets] - [11/06/2018 18:25:52]
AdwCleaner[S01].txt - [1303 octets] - [11/06/2018 18:32:29]
AdwCleaner[C01].txt - [1489 octets] - [11/06/2018 18:35:20]
AdwCleaner[S02].txt - [1473 octets] - [09/12/2018 22:17:06]
AdwCleaner[C02].txt - [1639 octets] - [09/12/2018 22:17:56]
AdwCleaner[S03].txt - [1595 octets] - [12/01/2019 16:47:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: request for a preventive log check

#4 Post by Diallix »

Please post new FRST and Addition logs.

_Daniel
Visitor
Posts: 91
Registered: 12 Dec 2014 15:21

Re: request for a preventive log check

#5 Post by _Daniel »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
Ran by PC (administrator) on DESKTOP-LFV6924 (12-01-2019 16:58:47)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Electronic Arts) D:\Program files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(KYE) C:\Program Files (x86)\Genius\Manticore\MTHid.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MpCmdRun.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.283.2815.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1490624 2017-11-21] (COMODO)
HKLM-x32\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe -autostart
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Genius\Manticore\MThid.exe [292864 2014-01-23] (KYE)
HKLM-x32\...\Run: [LWS] => D:\Program files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3291072 2016-07-01] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\...\Run: [EpicGamesLauncher] => "D:\Program files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe [67662960 2018-11-07] (NZXT)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L)
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [67072 2018-04-12] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech Inc.)
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2017-09-06]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OC_GURU – zástupce.lnk [2017-10-09]
ShortcutTarget: OC_GURU – zástupce.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OC_GURU – zástupce.lnk [2017-10-09]
ShortcutTarget: OC_GURU – zástupce.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OC_GURU – zástupce.lnk [2017-10-09]
ShortcutTarget: OC_GURU – zástupce.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{2908ab1e-4065-4ed1-a74c-a18f1de39c9a}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-3141721857-2675143599-3284954913-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3141721857-2675143599-3284954913-1001 -> hxxps://www.seznam.cz/
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.11.0_neutral__d55gg7py3s0m0 [2018-06-04]
Edge Extension: (BetterTTV) -> EdgeExtension_NightDevLLCBetterTTV_em2bntgxg4wdp => C:\Program Files\WindowsApps\NightDevLLC.BetterTTV_7.2.0.0_neutral__em2bntgxg4wdp [2017-09-28]

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2019-01-12]
CHR Extension: (Google Translate) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-03]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-03]
CHR Extension: (Dark YouTube Theme - Black YouTube & FB Skin) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\djhcepodfooinnfhfccmoeabagbjchhg [2018-08-23]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-04]
CHR Extension: (Tiësto) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh [2017-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-05]
CHR Extension: (Dark Theme for YouTube™) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaomggoeegeonccimekobnhkikoapog [2019-01-12]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8348064 2019-01-04] ()
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10880832 2017-11-21] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-11-21] (COMODO)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-01-04] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2018-12-05] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-05] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2017-04-05] (Rivet Networks)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program files (x86)\Origin\OriginClientService.exe [2270528 2018-12-04] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program files (x86)\Origin\OriginWebHelperService.exe [3131208 2018-12-04] (Electronic Arts)
S3 OverwolfUpdater; D:\Program files (x86)\Overwolf\OverwolfUpdater.exe [1450824 2017-09-10] (Overwolf LTD)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [379192 2015-03-20] (NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3335008 2015-03-20] (NETGATE Technologies s.r.o.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [148200 2017-04-03] (Rivet Networks, LLC.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44088 2017-11-17] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [833096 2017-11-17] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-11-17] (COMODO)
R3 cpuz147; C:\WINDOWS\temp\cpuz147\cpuz147_x64.sys [53848 2019-01-12] (CPUID)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164584 2017-03-14] (Qualcomm Atheros, Inc.)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-11-17] (COMODO)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_01c064f3d89f92be\nvlddmkm.sys [20424640 2018-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-11-03] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 SaiHFF04; C:\WINDOWS\system32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\WINDOWS\system32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2015-12-08] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51488 2015-12-08] (Saitek)
R1 SpyEmrg; C:\WINDOWS\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\NZXT\CAM\OpenHardwareMonitorLib.sys [14544 2019-01-12] (OpenLibSys.org)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [55704 2018-12-13] (Wellbia.com Co., Ltd.)
S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-12 16:42 - 2019-01-12 16:42 - 007320272 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.6.0.exe
2019-01-12 15:48 - 2019-01-12 15:48 - 000018435 _____ C:\Users\PC\Desktop\Addition.rar
2019-01-12 15:46 - 2019-01-12 15:47 - 000080225 _____ C:\Users\PC\Desktop\Addition.txt
2019-01-12 15:44 - 2019-01-12 16:59 - 000018333 _____ C:\Users\PC\Desktop\FRST.txt
2019-01-12 15:43 - 2019-01-12 15:43 - 002425856 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2019-01-12 15:25 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-09 16:39 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 16:39 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 16:39 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 16:39 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 16:39 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 16:39 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 16:39 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 16:39 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 16:39 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 16:39 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 16:39 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 16:39 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 16:39 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 16:39 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 16:39 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 16:39 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 16:39 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 16:39 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 16:39 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 16:39 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 16:39 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 16:39 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 16:39 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 16:39 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 16:39 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 16:39 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 16:39 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 16:39 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 16:39 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 16:39 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 16:39 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 16:39 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 16:39 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 16:39 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 16:39 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 16:39 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 16:39 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 16:39 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 16:39 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 16:39 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 16:39 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 16:39 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 16:39 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 16:39 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 16:39 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 16:39 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 16:39 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 16:39 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 16:39 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 16:39 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 16:39 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 16:39 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 16:39 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 16:39 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 16:39 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 16:39 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 16:39 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 16:39 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 16:39 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 16:39 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 16:39 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 16:39 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 16:39 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 16:39 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 16:39 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 16:39 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 16:39 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 16:39 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 16:39 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 16:39 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 16:39 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 16:39 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 16:39 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-06 01:11 - 2019-01-12 15:57 - 000003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2019-01-06 00:43 - 2019-01-06 00:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-01-06 00:42 - 2019-01-08 16:30 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-01-05 15:06 - 2019-01-12 16:51 - 000000000 ____D C:\Users\PC\AppData\Roaming\CAM
2019-01-05 15:06 - 2019-01-12 16:49 - 000308736 _____ C:\WINDOWS\SysWOW64\NVAPIHelper.dll
2019-01-05 15:06 - 2019-01-11 17:09 - 000003360 _____ C:\WINDOWS\System32\Tasks\CAM.Desktop
2019-01-05 15:06 - 2019-01-05 15:06 - 000001184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAM.lnk
2019-01-05 15:06 - 2019-01-05 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAM
2019-01-05 15:06 - 2019-01-05 15:06 - 000000000 ____D C:\Program Files (x86)\NZXT
2019-01-05 15:04 - 2019-01-05 15:06 - 000000000 __SHD C:\AI_RecycleBin
2019-01-04 22:14 - 2019-01-04 22:14 - 000000000 ____D C:\Users\PC\AppData\Local\BattlEye
2019-01-04 21:51 - 2019-01-04 21:51 - 000000222 _____ C:\Users\PC\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2019-01-04 21:42 - 2019-01-04 21:43 - 000000000 ____D C:\Users\PC\AppData\Local\QuantumBreak
2019-01-02 19:27 - 2019-01-02 19:27 - 000000222 _____ C:\Users\PC\Desktop\Middle-earth Shadow of War.url
2019-01-02 18:39 - 2019-01-02 18:39 - 000000222 _____ C:\Users\PC\Desktop\Quantum Break.url
2018-12-20 20:00 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 20:00 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 20:00 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 20:00 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 20:00 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 20:00 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 20:00 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 20:00 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 20:00 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 20:00 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 20:00 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 20:00 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 20:00 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 20:00 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 20:00 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 20:00 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 20:00 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 00:20 - 2018-12-20 00:20 - 000003472 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-20 00:20 - 2018-12-20 00:20 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-13 18:54 - 2018-12-13 18:55 - 000000000 ____D C:\Program Files\CCleaner
2018-12-13 18:54 - 2018-12-13 18:54 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-13 18:54 - 2018-12-13 18:54 - 000002882 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-13 18:54 - 2018-12-13 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-13 10:09 - 2018-12-13 10:09 - 000012300 _____ C:\ProgramData\wsmievvg.cpx
2018-12-13 10:09 - 2018-12-13 10:09 - 000000000 _____ C:\ProgramData\1523053137
2018-12-13 08:38 - 2018-12-13 08:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-12-13 08:30 - 2018-12-13 08:30 - 000000000 ____D C:\WINDOWS\pss

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-12 16:58 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-12 16:58 - 2016-06-20 17:04 - 000000000 ____D C:\FRST
2019-01-12 16:55 - 2018-05-14 15:55 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-12 16:55 - 2018-04-12 16:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-12 16:55 - 2018-04-12 16:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-12 16:55 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-12 16:51 - 2017-04-23 10:22 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-12 16:48 - 2018-05-14 15:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-12 16:47 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-12 15:52 - 2016-04-02 15:21 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2019-01-12 15:39 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-12 15:15 - 2018-05-14 15:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-10 04:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-10 04:57 - 2018-05-14 15:46 - 000000000 ____D C:\Users\PC
2019-01-09 19:25 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 19:25 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 16:41 - 2016-04-01 11:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 16:40 - 2016-04-01 11:29 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-08 18:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-06 17:29 - 2016-04-01 11:11 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2019-01-06 17:20 - 2016-04-02 19:31 - 000000000 ____D C:\Users\PC\AppData\Local\Ubisoft Game Launcher
2019-01-06 01:17 - 2018-06-03 03:05 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2019-01-06 00:42 - 2018-05-14 15:50 - 000003358 _____ C:\WINDOWS\System32\Tasks\GIGABYTE OC GURU
2019-01-06 00:42 - 2016-04-01 16:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-06 00:42 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-05 15:15 - 2016-04-01 17:01 - 000000000 ____D C:\ProgramData\Intel
2019-01-05 15:06 - 2016-04-01 17:01 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-05 15:05 - 2016-04-01 11:19 - 000000000 ____D C:\Users\PC\AppData\Roaming\NZXT
2019-01-05 14:44 - 2018-05-14 15:50 - 000003254 _____ C:\WINDOWS\System32\Tasks\CAM
2019-01-05 14:09 - 2016-04-10 13:21 - 000000000 ____D C:\ProgramData\Origin
2019-01-05 13:58 - 2016-04-10 13:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\Origin
2019-01-05 02:34 - 2016-04-01 16:55 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-05 02:05 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-04 21:44 - 2016-04-06 17:33 - 000000000 ____D C:\Users\PC\AppData\Local\WB Games
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-21 16:23 - 2018-06-30 11:36 - 000000000 ____D C:\Users\PC\AppData\Local\Spotify
2018-12-21 15:05 - 2017-09-02 07:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\obs-studio
2018-12-21 14:53 - 2018-06-30 11:36 - 000000000 ____D C:\Users\PC\AppData\Roaming\Spotify
2018-12-20 09:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-12-13 20:17 - 2016-04-03 08:29 - 000000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2018-12-13 10:09 - 2016-04-02 21:19 - 000055704 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2018-12-13 09:46 - 2016-04-02 19:43 - 000000000 ____D C:\Users\PC\AppData\Local\BlackDesertOnline

==================== Files in the root of some directories =======

2016-07-24 07:40 - 2017-09-06 21:11 - 000000000 _____ () C:\Users\PC\AppData\Local\Driver_LOM_8171Present.flag
2017-08-02 15:48 - 2017-08-02 15:48 - 000000291 _____ () C:\Users\PC\AppData\Local\ledConfiguration.config
2018-11-26 16:44 - 2018-11-26 16:44 - 000023594 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2016-07-14 18:03 - 2016-07-14 18:03 - 000007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-14 15:43

==================== End of FRST.txt ============================
Attachments
Addition.rar
(17.75 KiB) Downloaded 79 times

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: requesting a preventive log check

#6 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:

S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
AlternateDataStreams: C:\Users\PC\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [362]
AlternateDataStreams: C:\Users\PC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [362]
Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt saved in the FRST location.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware upload: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

_Daniel
Visitor
Posts: 91
Joined: 12 Dec 2014 15:21

Re: requesting a preventive log check

#7 Post by _Daniel »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by PC (12-01-2019 17:23:51) Run:6
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:

S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
AlternateDataStreams: C:\Users\PC\Data aplikac�:00e481b5e22dbe1f649fcddd505d3eb7 [362]
AlternateDataStreams: C:\Users\PC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [362]
*****************

Processes closed successfully.
HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully
cpuz138 => service removed successfully
"C:\Users\PC\Data aplikac�" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\PC\AppData\Roaming => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully


The system needed a reboot.

==== End of Fixlog 17:23:53 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: requesting a preventive log check

#8 Post by Diallix »

How is the computer doing?

_Daniel
Visitor
Posts: 91
Joined: 12 Dec 2014 15:21

Re: requesting a preventive log check

#9 Post by _Daniel »

Today, just before and after the Windows update, the system was quite slow, but it is already somewhat better.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: requesting a preventive log check

#10 Post by Diallix »

So is it OK now?

_Daniel
Visitor
Posts: 91
Joined: 12 Dec 2014 15:21

Re: requesting a preventive log check

#11 Post by _Daniel »

Yes, thank you very much for the help.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: requesting a preventive log check

#12 Post by Diallix »

You're welcome :)

Locked