Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
levely
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 20 pro 2008 19:13
Kontaktovat uživatele:

Prosím o kontrolu logu

#1 Příspěvek od levely »

Dobrý den, prosím o kontrolu logu:

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Aroma (administrator) on DESKTOP-95LATAG (01-02-2019 15:37:28)
Running from C:\Users\Aroma\Desktop
Loaded Profiles: Aroma (Available Profiles: Aroma)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_150c36a550ed11f0\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_150c36a550ed11f0\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-08] (AVAST Software)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-08] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-21-252021171-555059243-3660194029-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-05] (Valve Corporation)
HKU\S-1-5-21-252021171-555059243-3660194029-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-19] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 188.175.121.1 188.175.121.2 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{f762c711-54f1-43cb-8c4f-6ea4f6b0b656}: [DhcpNameServer] 188.175.121.1 188.175.121.2 8.8.8.8 192.168.1.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2019-02-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-02-01] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: dwt5a2xw.default
FF ProfilePath: C:\Users\Aroma\AppData\Roaming\Mozilla\Firefox\Profiles\dwt5a2xw.default [2019-02-01]
FF Homepage: Mozilla\Firefox\Profiles\dwt5a2xw.default -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Aroma\AppData\Roaming\Mozilla\Firefox\Profiles\dwt5a2xw.default\Extensions\sp@avast.com.xpi [2018-12-19]
FF Extension: (uBlock Origin) - C:\Users\Aroma\AppData\Roaming\Mozilla\Firefox\Profiles\dwt5a2xw.default\Extensions\uBlock0@raymondhill.net.xpi [2019-01-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-02-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-02-01] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default [2019-02-01]
CHR Extension: (Dokumenty) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-10]
CHR Extension: (Disk Google) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-10]
CHR Extension: (YouTube) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29]
CHR Extension: (Avast Online Security) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-11]
CHR Extension: (Gmail) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-10]
CHR Extension: (Chrome Media Router) - C:\Users\Aroma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-08] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-08] (AVAST Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787336 2018-12-06] (NVIDIA Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-08] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-08] (AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-08] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-08] (AVAST Software)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5db32447b43ce666\nvlddmkm.sys [20461984 2019-01-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-01 15:37 - 2019-02-01 15:37 - 000014822 _____ C:\Users\Aroma\Desktop\FRST.txt
2019-02-01 15:36 - 2019-02-01 15:37 - 000000000 ____D C:\FRST
2019-02-01 15:35 - 2019-02-01 15:35 - 002428928 _____ (Farbar) C:\Users\Aroma\Desktop\FRST64.exe
2019-02-01 15:34 - 2019-02-01 15:34 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-02-01 15:34 - 2019-02-01 15:34 - 000000000 ____D C:\Users\Aroma\AppData\Roaming\Sun
2019-02-01 15:34 - 2019-02-01 15:34 - 000000000 ____D C:\ProgramData\Oracle
2019-02-01 15:34 - 2019-02-01 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-02-01 15:34 - 2019-02-01 15:34 - 000000000 ____D C:\Program Files (x86)\Java
2019-02-01 15:29 - 2019-02-01 15:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-01 15:29 - 2019-02-01 15:29 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-02-01 15:29 - 2019-02-01 15:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-01 15:29 - 2019-02-01 15:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-01 15:13 - 2019-02-01 15:13 - 045607392 _____ (Mozilla) C:\Users\Aroma\Downloads\Firefox Setup 65.0.exe
2019-02-01 15:12 - 2019-02-01 15:12 - 000321936 _____ (Mozilla) C:\Users\Aroma\Downloads\Firefox Installer (1).exe
2019-01-31 17:51 - 2019-01-31 19:34 - 1138060490 _____ C:\Users\Aroma\Downloads\Babylon Berlin 3+4 CZ.avi
2019-01-31 17:13 - 2019-01-31 17:13 - 000000000 ____D C:\ProgramData\Mozilla
2019-01-27 19:06 - 2019-01-27 20:18 - 797905490 _____ C:\Users\Aroma\Downloads\Babylon Berlín 03 Xvid⍟ℋ.avi
2019-01-24 16:55 - 2019-01-24 17:56 - 678873586 _____ C:\Users\Aroma\Downloads\Bufo Alvarius (2017) ČR.mp4
2019-01-21 14:47 - 2019-01-11 10:31 - 000133328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2019-01-21 14:44 - 2019-01-12 05:05 - 000978336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-01-21 14:44 - 2019-01-12 05:05 - 000978336 _____ C:\Windows\system32\vulkan-1.dll
2019-01-21 14:44 - 2019-01-12 05:05 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-01-21 14:44 - 2019-01-12 05:05 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-01-21 14:44 - 2019-01-12 05:05 - 000552536 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-01-21 14:44 - 2019-01-12 05:05 - 000456848 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-01-21 14:44 - 2019-01-12 05:05 - 000268192 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-01-21 14:44 - 2019-01-12 05:05 - 000268192 _____ C:\Windows\system32\vulkaninfo.exe
2019-01-21 14:44 - 2019-01-12 05:05 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-01-21 14:44 - 2019-01-12 05:05 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-01-21 14:44 - 2019-01-12 05:04 - 004946232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 004316304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 002018392 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441771.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 002003600 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 001512352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441771.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 001461152 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 001126544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 000750520 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 000631896 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 000609368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2019-01-21 14:44 - 2019-01-12 05:04 - 000521688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-01-21 14:44 - 2019-01-12 05:03 - 040262912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-01-21 14:44 - 2019-01-12 05:03 - 035158736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-01-21 14:44 - 2019-01-12 01:03 - 015911384 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 013205768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 001471424 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 001462024 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 001167584 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 001151984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 001145536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 000914400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 000822392 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 000794448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-01-21 14:44 - 2019-01-12 01:02 - 000637664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-01-21 14:44 - 2019-01-12 01:01 - 019717352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-01-21 14:44 - 2019-01-12 01:01 - 016993240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-01-21 14:44 - 2019-01-12 01:01 - 004260704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-01-21 14:40 - 2019-01-21 14:40 - 000018536 _____ C:\Users\Aroma\Documents\cc_20190121_144037.reg
2019-01-19 17:23 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-01-14 18:21 - 2019-01-14 18:21 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-09 17:42 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 17:42 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 17:42 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-01-09 17:42 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-01-09 17:42 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-01-09 17:42 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 17:42 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:42 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 17:42 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-01-09 17:42 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-01-09 17:42 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 17:42 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-01-09 17:42 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-01-09 17:42 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-01-09 17:42 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 17:42 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:42 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-01-09 17:42 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 17:42 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-01-09 17:42 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-01-09 17:42 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 17:42 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-01-09 17:42 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 17:41 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-01-09 17:41 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\windowslivelogin.dll
2019-01-09 17:41 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2019-01-09 17:41 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2019-01-09 17:41 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-01-09 17:41 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowslivelogin.dll
2019-01-09 17:41 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2019-01-09 17:41 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2019-01-09 17:41 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-01-09 17:41 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-01-09 17:41 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-01-09 17:41 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-01-09 17:41 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2019-01-09 17:41 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-01-09 17:41 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 17:41 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 17:41 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 17:41 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-01-09 17:41 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-01-09 17:41 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2019-01-09 17:41 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-01-09 17:41 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2019-01-09 17:41 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 17:41 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\Print.Workflow.Source.dll
2019-01-09 17:41 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-01-09 17:41 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-01-09 17:41 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 17:41 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-01-09 17:41 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-01-09 17:41 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-01-09 17:41 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2019-01-09 17:41 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 17:41 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-01-09 17:41 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2019-01-09 17:41 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:41 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 17:41 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2019-01-09 17:41 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2019-01-09 17:41 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-01-09 17:41 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-01-09 17:41 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 17:41 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:41 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-01-09 17:41 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2019-01-09 17:41 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-01-09 17:41 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 17:41 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 17:41 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-01-09 17:41 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2019-01-09 17:41 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-01-09 17:41 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-01-09 17:41 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-01-09 17:41 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-01-09 17:41 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-01-09 17:41 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:41 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 17:41 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-01-09 17:41 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-01-09 17:41 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2019-01-09 17:41 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:41 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 17:41 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2019-01-09 17:41 - 2019-01-01 06:23 - 000001310 _____ C:\Windows\system32\tcbres.wim
2019-01-09 17:41 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-08 19:38 - 2019-01-08 19:38 - 006161920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2019-01-08 17:44 - 2019-01-08 17:44 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-08 17:44 - 2019-01-08 17:44 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-08 17:44 - 2019-01-08 17:44 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-08 17:44 - 2019-01-08 17:44 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-08 17:44 - 2019-01-08 17:44 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-01 15:34 - 2018-06-11 07:51 - 000000000 ____D C:\Users\Aroma\AppData\LocalLow\Mozilla
2019-02-01 15:32 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-01 15:20 - 2018-12-02 08:17 - 000000000 ____D C:\Users\Aroma\AppData\Local\CrashDumps
2019-02-01 15:20 - 2018-06-10 08:19 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-01 15:20 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2019-02-01 15:17 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-01 15:17 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2019-02-01 15:15 - 2018-06-11 07:36 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-01 15:15 - 2018-06-11 07:34 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-01 15:15 - 2018-04-12 16:50 - 000715034 _____ C:\Windows\system32\perfh005.dat
2019-02-01 15:15 - 2018-04-12 16:50 - 000144328 _____ C:\Windows\system32\perfc005.dat
2019-02-01 15:08 - 2018-11-22 17:51 - 000000000 __SHD C:\Users\Aroma\IntelGraphicsProfiles
2019-02-01 15:08 - 2018-06-11 07:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-01 15:08 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-01-31 21:23 - 2018-06-11 07:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-01-31 21:15 - 2018-12-23 09:08 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-12-23 09:08 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-31 21:15 - 2018-07-13 15:05 - 000003482 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-01-31 21:15 - 2018-06-25 16:27 - 000002988 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-31 21:15 - 2018-06-25 16:27 - 000002216 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-31 21:15 - 2018-06-11 07:51 - 000003400 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-31 21:15 - 2018-06-11 07:51 - 000003176 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-31 21:15 - 2018-06-11 07:50 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-31 21:15 - 2018-06-11 07:49 - 000002852 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-252021171-555059243-3660194029-1001
2019-01-31 21:15 - 2018-06-10 08:13 - 000003814 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-31 21:15 - 2018-06-10 08:13 - 000003530 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-01-30 19:31 - 2018-08-30 11:09 - 000000000 ____D C:\Users\Aroma\Desktop\Nová složka
2019-01-30 17:37 - 2018-06-11 07:50 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-28 19:22 - 2018-06-22 20:12 - 000000000 ____D C:\ProgramData\Packages
2019-01-26 00:15 - 2018-06-11 18:43 - 000000000 ____D C:\Users\Aroma\AppData\Roaming\vlc
2019-01-24 20:31 - 2018-11-24 11:38 - 000000000 ____D C:\Users\Aroma\AppData\Local\LarianLauncher
2019-01-23 18:34 - 2018-06-11 07:48 - 000000000 ___RD C:\Users\Aroma\OneDrive
2019-01-23 18:34 - 2018-06-11 07:44 - 000002387 _____ C:\Users\Aroma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-21 18:04 - 2018-06-10 08:30 - 000000000 ____D C:\Users\Aroma\AppData\Local\D3DSCache
2019-01-21 14:47 - 2018-12-23 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-01-21 14:47 - 2018-06-11 07:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-01-21 14:47 - 2018-06-11 07:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-01-21 14:39 - 2018-06-25 16:27 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-19 17:23 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2019-01-18 16:35 - 2018-11-18 19:12 - 000000000 ____D C:\Program Files\rempl
2019-01-18 15:55 - 2018-06-11 07:50 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-12 01:01 - 2017-11-09 03:25 - 005003032 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-01-11 12:06 - 2018-12-23 09:08 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-01-11 12:06 - 2017-11-09 02:57 - 000048472 _____ C:\Windows\system32\nvinfo.pb
2019-01-11 10:22 - 2018-06-11 07:36 - 005363000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-01-11 10:22 - 2018-06-11 07:36 - 002623880 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-01-11 10:22 - 2018-06-11 07:36 - 001767464 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-01-11 10:22 - 2018-06-11 07:36 - 000650608 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-01-11 10:22 - 2018-06-11 07:36 - 000451056 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-01-11 10:22 - 2018-06-11 07:36 - 000125320 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-01-11 10:22 - 2018-06-11 07:36 - 000083336 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-01-10 06:51 - 2018-06-11 07:36 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-01-09 20:09 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\TextInput
2019-01-09 20:09 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\bcastdvr
2019-01-09 17:45 - 2018-06-10 10:10 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 17:44 - 2018-06-10 10:10 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-09 14:45 - 2018-06-11 07:36 - 008472342 _____ C:\Windows\system32\nvcoproc.bin
2019-01-08 19:38 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-08 19:38 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-08 17:44 - 2018-11-21 17:16 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-08 17:44 - 2018-06-24 18:27 - 000015488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-08 17:44 - 2018-06-11 07:50 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-08 17:44 - 2018-04-12 00:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-01-06 16:09 - 2018-06-11 18:41 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-04 08:15 - 2018-06-25 16:20 - 000000000 ____D C:\Users\Aroma\AppData\Local\AVAST Software
2019-01-03 14:07 - 2018-07-13 15:05 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some files in TEMP:
====================
2019-02-01 15:14 - 2019-02-01 15:14 - 001974624 _____ (Oracle Corporation) C:\Users\Aroma\AppData\Local\Temp\jre-8u201-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-11 07:26

==================== End of FRST.txt ============================



Addition:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Aroma (01-02-2019 15:37:54)
Running from C:\Users\Aroma\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-11 06:28:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-252021171-555059243-3660194029-500 - Administrator - Disabled)
Aroma (S-1-5-21-252021171-555059243-3660194029-1001 - Administrator - Enabled) => C:\Users\Aroma
DefaultAccount (S-1-5-21-252021171-555059243-3660194029-503 - Limited - Disabled)
Guest (S-1-5-21-252021171-555059243-3660194029-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-252021171-555059243-3660194029-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.71 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4927 - Intel Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
LibreOffice 6.1.0.3 (HKLM\...\{DD50CAE9-27C5-452F-A910-1E7A00D8EEE2}) (Version: 6.1.0.3 - The Document Foundation)
Microsoft OneDrive (HKU\S-1-5-21-252021171-555059243-3660194029-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.71 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.71 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Ovládací panel NVIDIA 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.71 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_150c36a550ed11f0\igfxDTCM.dll [2018-01-25] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-01-11] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {131B9B22-CBAC-4915-B86F-5692272A8DB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {183D0ACC-0F30-4F87-B127-6B159C7B075D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {2968913F-4C23-476C-B354-5D703C08A3FB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-08] (AVAST Software)
Task: {3E75D294-D0A4-4149-B538-DE9A06B4F5B9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-17] (AVAST Software)
Task: {425EC86E-6F25-4BF1-81C3-19FA8B9F4EBD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {4942588C-8B74-4878-9A37-9A499C311EC6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {4FF39B3C-A63C-4981-A0E0-67E67DCE8168} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {562EDBC3-A9AA-41BC-A482-7E6CD4B9E180} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {7265AA99-775A-40A2-BC0C-753108D9642E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {8B013C75-B405-426D-8EBA-65405C70E4C1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {A586D2AE-A552-48FA-9F65-4060957B251B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
Task: {AEB4033C-9A78-48C4-B80D-E2F40EF6BF84} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {B1FC73A3-CC06-4DAD-82E8-96562F5C4DB4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {B4E23752-34E1-4CC6-89C0-6C2796527C68} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {CD8E2AAB-840C-43E7-9AE8-3BA19A18EE41} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {CE451454-F340-473B-B925-082A65E48676} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-11] (Google Inc.)
Task: {D32BAB97-C879-48C2-BD05-2CA0CF3AA0D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-11] (Google Inc.)
Task: {D56A5AD2-4AE3-46A6-A1CD-D3272BB935E5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {EC8C2490-1B2C-44F7-B97F-8C039E637FD8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {EDAADE71-32AB-4C1E-99C4-D2159DEBE2BD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-12-23 09:08 - 2018-12-06 11:11 - 001315208 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 17:33 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 17:42 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 20:44 - 2018-10-04 20:45 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-30 17:40 - 2019-01-30 17:40 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-30 17:40 - 2019-01-30 17:40 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-30 17:40 - 2019-01-30 17:40 - 011029504 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-01-30 17:40 - 2019-01-30 17:40 - 002923520 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\skypert.dll
2019-01-30 17:40 - 2019-01-30 17:40 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2019-01-30 17:40 - 2019-01-30 17:40 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-23 17:08 - 2019-01-23 17:09 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-23 17:08 - 2019-01-23 17:09 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 16:57 - 2018-04-12 16:57 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 17:45 - 2018-11-29 17:45 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-23 17:08 - 2019-01-23 17:09 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-23 17:08 - 2019-01-23 17:09 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-08 17:44 - 2019-01-08 17:44 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-08 17:44 - 2019-01-08 17:44 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-29 06:38 - 2018-10-30 19:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-08-29 06:38 - 2018-09-23 01:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-08-29 06:38 - 2018-09-23 01:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-08-29 06:38 - 2018-09-23 01:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2019-02-01 15:16 - 2019-02-01 15:17 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-02-01 15:16 - 2019-02-01 15:17 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-02-01 15:16 - 2019-02-01 15:17 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-06-10 08:19 - 2018-06-10 08:22 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-16 17:56 - 2019-01-16 17:56 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-02-01 15:16 - 2019-02-01 15:17 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-02-01 15:16 - 2019-02-01 15:17 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 13:51 - 2018-08-31 13:52 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 19:51 - 2018-07-26 19:51 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-19 16:43 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-19 16:43 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-12-23 09:08 - 2018-12-06 11:11 - 001033096 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-06-10 08:20 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-06-10 08:20 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-06-10 08:20 - 2019-01-05 00:33 - 002650400 _____ () C:\Program Files (x86)\Steam\video.dll
2018-06-10 08:20 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-06-10 08:20 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-06-10 08:20 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-06-10 08:20 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-06-10 08:20 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-06-10 08:20 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-06-10 08:20 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-06-10 08:20 - 2019-01-05 00:33 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-06-10 08:20 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2019-01-04 12:15 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-252021171-555059243-3660194029-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 188.175.121.1 - 188.175.121.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{829F0710-7416-4634-8BD4-DD2253222066}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{F4B8F0D7-61AB-4DA0-A21A-91FF12E7CF91}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{3655BF5D-C737-4F04-8D62-A7159B3AC203}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{51B27E73-03BE-43DD-AD22-8C992912F382}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{955DC918-F756-4C03-AA05-BE10A73D9312}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios)
FirewallRules: [{005FFCED-D5E8-4F8A-BA58-C8C18E4A6280}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios)
FirewallRules: [TCP Query User{AB3D0936-BE0A-4470-9D3B-4D5333862779}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe ()
FirewallRules: [UDP Query User{94A7A9CE-A6CE-4A1C-AFF7-3B888FFD54D8}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe ()
FirewallRules: [{26E1BE41-82A6-470E-9DD5-F716F09ECDEA}] => (Block) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe ()
FirewallRules: [{E15438C5-4D4A-44E4-8B7F-E3A91BFAEF8B}] => (Block) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe ()
FirewallRules: [{707E0CC1-5791-4256-901C-4A418FFF49E6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{75C56B08-CAC3-442B-8151-E9797CC8828F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{550BCD4E-708F-49BA-89D3-08982168DBCD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{5635B619-6208-4796-8BBA-78C5327A2ADA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{69E06119-FC0F-4AAA-80DA-23DCD2FC45E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{B75A4806-0744-4798-A9B9-D60F79371664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{4982C608-B980-47A5-AA21-264EE973AC42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{EB03E9E3-C5A5-4CBE-A1B4-83E5FA76887F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{B38DD2AF-5D16-4526-B10C-8362DE2D0C22}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{36D81408-ACB7-44CF-B69F-C699E40D3C0E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{91BA879D-5848-4C46-916B-681374A76F49}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A8FF72A7-9C1B-45C7-B150-26D0F145C28D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{BD0900A7-2A0E-4ADE-B7F8-62289549F036}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

==================== Restore Points =========================

17-01-2019 17:37:33 Windows Update
24-01-2019 21:09:58 Naplánovaný kontrolní bod
01-02-2019 15:33:12 Removed Java 8 Update 201

==================== Faulty Device Manager Devices =============

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2019 05:18:16 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (5016,G,0) Pokus o otevření souboru C:\Users\Aroma\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/21/2019 09:03:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x13cc
Čas spuštění chybující aplikace: 0x01d4b1b8d2108ee6
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 23b6ca06-accc-4006-86d5-10b9aa14d8bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/17/2019 05:37:43 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Produkt: Update for Windows 10 for x64-based Systems (KB4023057) - A later version of Update for Windows 10 for x64-based Systems (KB4023057) is already installed. Setup will now exit.

Error: (12/28/2018 07:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x28a0
Čas spuštění chybující aplikace: 0x01d49ed36b93777a
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 915f68dc-b03a-4ff7-b542-60e9ef34b42f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/24/2018 08:51:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x2f48
Čas spuštění chybující aplikace: 0x01d49ba060113bf0
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: fa675adf-9646-485d-a4f3-a95bb8709c66
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/24/2018 11:04:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17134.1, časové razítko: 0xf5178e97
Název chybujícího modulu: dwmcore.dll, verze: 10.0.17134.441, časové razítko: 0x8b352f6e
Kód výjimky: 0xc00001ad
Posun chyby: 0x00000000001cdff2
ID chybujícího procesu: 0x224
Čas spuštění chybující aplikace: 0x01d49b053780f9a7
Cesta k chybující aplikaci: C:\Windows\System32\dwm.exe
Cesta k chybujícímu modulu: C:\Windows\System32\dwmcore.dll
ID zprávy: 207a8feb-251e-4221-a57c-47ab26cf5d8f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/23/2018 06:47:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x2940
Čas spuštění chybující aplikace: 0x01d49ae53af95a02
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 1902cbbf-2464-46a6-8d60-2456c7a7509b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/23/2018 02:40:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x1824
Čas spuštění chybující aplikace: 0x01d49ab535a10fbc
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 2470a7ec-9372-4a07-afeb-99933a6da343
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/01/2019 03:34:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-95LATAG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-95LATAG\Aroma (SID: S-1-5-21-252021171-555059243-3660194029-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/01/2019 03:25:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-95LATAG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-95LATAG\Aroma (SID: S-1-5-21-252021171-555059243-3660194029-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/01/2019 03:14:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-95LATAG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-95LATAG\Aroma (SID: S-1-5-21-252021171-555059243-3660194029-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/01/2019 03:13:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-95LATAG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-95LATAG\Aroma (SID: S-1-5-21-252021171-555059243-3660194029-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/01/2019 03:12:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-95LATAG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-95LATAG\Aroma (SID: S-1-5-21-252021171-555059243-3660194029-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/01/2019 03:10:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-95LATAG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-95LATAG\Aroma (SID: S-1-5-21-252021171-555059243-3660194029-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/01/2019 03:09:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-95LATAG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-95LATAG\Aroma (SID: S-1-5-21-252021171-555059243-3660194029-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/01/2019 03:06:03 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-95LATAG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-95LATAG\Aroma (SID: S-1-5-21-252021171-555059243-3660194029-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Gold G5400 CPU @ 3.70GHz
Percentage of memory in use: 39%
Total physical RAM: 8038.4 MB
Available physical RAM: 4895.38 MB
Total Virtual: 10342.4 MB
Available Virtual: 6138.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:105.51 GB) NTFS

\\?\Volume{9eb9827e-0d95-425c-8526-a3266a45bc9c}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
\\?\Volume{4b8c5f5c-1a42-4587-9981-8b9988cce516}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

levely
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 20 pro 2008 19:13
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#3 Příspěvek od levely »

Tady je log:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-01-2019
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1250 octets] - [01/02/2019 16:27:19]
AdwCleaner[S01].txt - [1311 octets] - [01/02/2019 16:29:48]
AdwCleaner[S02].txt - [1372 octets] - [01/02/2019 16:30:22]
AdwCleaner[S03].txt - [1433 octets] - [01/02/2019 16:30:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#4 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {131B9B22-CBAC-4915-B86F-5692272A8DB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

levely
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 20 pro 2008 19:13
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#5 Příspěvek od levely »

Tady je log:


Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Aroma (01-02-2019 22:15:21) Run:1
Running from C:\Users\Aroma\Desktop
Loaded Profiles: Aroma (Available Profiles: Aroma)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {131B9B22-CBAC-4915-B86F-5692272A8DB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{131B9B22-CBAC-4915-B86F-5692272A8DB5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{131B9B22-CBAC-4915-B86F-5692272A8DB5}" => removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => removed successfully

==== End of Fixlog 22:15:24 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#6 Příspěvek od Diallix »

Dobre, zmazane.

Nic nebezpecne nevidim.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět