PC kontrola logu prosim...dekuji :-)

[MikeD79]

can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.03.2019
Ran by Mike (administrator) on DESKTOP-5H59Q1B (02-03-2019 12:30:09)
Running from C:\Users\Mike\Downloads
Loaded Profiles: Mike (Available Profiles: defaultuser0 & Mike)
Platform: Windows 10 Pro Version 1809 17763.316 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star Int'l Co., Ltd.) [File not signed] C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(LENOVO (UNITED STATES) INC. -> Lenovo) C:\Users\Mike\AppData\Local\Apps\2.0\ZNYC5ZQ0.3ZE\GMO7O315.35G\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IP Izmaylov Artem Andreevich -> AIMP DevTeam) C:\Program Files (x86)\AIMP\AIMP.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [MSI Suite] => C:\MSI\MSI SUITE\StartMSISuite.exe [576056 2012-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [H2O] => C:\Program Files (x86)\SyncroSoft\Pos\H2O\cledx.exe [307200 2005-11-01] (Team H2O) [File not signed]
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26253496 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [File not signed]
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Run: [Spotify] => C:\Users\Mike\AppData\Roaming\Spotify\Spotify.exe [24907496 2018-10-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Run: [BitTorrent] => C:\Users\Mike\AppData\Roaming\BitTorrent\BitTorrent.exe [1746368 2019-01-04] (BitTorrent Inc -> BitTorrent Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-25] (Google LLC -> Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bf120928-3538-4104-b876-6c99ecd61401}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d669bace-d096-4d5f-ad2d-6208c21659c5}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-7981431-371254593-1804936740-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html", Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default [2019-03-02]
CHR Extension: (Prezentace) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-10]
CHR Extension: (Earth and Moon) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmfhbdfjlfminjglfhcgcblgicnfcka [2017-03-01]
CHR Extension: (Dokumenty) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-01]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-16]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-02-16]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-01]
CHR Extension: (Tabulky) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Záložky na iCloudu) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2018-01-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (AdBlock) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-28]
CHR Extension: (Save to Facebook) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-03-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-16]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2018-11-29] (ICEpower a/s -> ICEpower)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2017-02-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2330296 2017-09-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIFileSyncMonitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [13824 2013-09-04] (Micro-Star Int'l Co., Ltd.) [File not signed]
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2191032 2018-12-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [140272 2013-02-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_SuiteComCen; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [333296 2013-05-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_SuiteFastBoot; C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe [105016 2012-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2018-08-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-10-20] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel(R) Software -> Intel Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-02] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-03-22] (Martin Malik - REALiX -> REALiX(tm))
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2016-04-08] (Intel CASE -> )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-13] (Malwarebytes Corporation -> Malwarebytes)
S3 NTIOLib_1_0_C; C:\MSI\MSI SUITE\NTIOLib_X64.sys [11888 2012-03-30] (Micro-Star Int'l Co. Ltd. -> MSI) [File not signed]
R3 NTIOLib_1_1_S; C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_SuiteComCen; C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [13808 2013-04-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_SuiteFB; C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [13368 2012-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NvnUsbAudio; C:\WINDOWS\system32\DRIVERS\nvnusbaudio.sys [72760 2017-05-18] (Focusrite Audio Engineering Ltd. -> Novation DMS Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1139424 2018-07-23] (Realtek Semiconductor Corp. -> Realtek )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2016-07-16] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2016-07-16] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-04-24] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbbus; C:\WINDOWS\System32\drivers\lgx64bus.sys [17920 2009-08-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\drivers\lgx64diag.sys [27648 2009-08-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbGps; C:\WINDOWS\System32\drivers\lgx64gps.sys [27136 2009-08-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54352 2016-08-18] (Intel Corporation -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-02 12:30 - 2019-03-02 12:31 - 000024665 _____ C:\Users\Mike\Downloads\FRST.txt
2019-03-02 12:30 - 2019-03-02 12:30 - 000000000 ____D C:\FRST
2019-03-02 12:29 - 2019-03-02 12:29 - 002434048 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2019-03-02 12:16 - 2019-03-02 12:16 - 000000000 ____D C:\Users\Mike\AppData\Local\D3DSCache
2019-02-15 17:33 - 2019-02-15 17:33 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 022111856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 020812288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 009683984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 008875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 006540424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 006070272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 005584864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 005565952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 005561856 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 005527552 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 005440008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 005205464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 004991096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 004885504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 004702704 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 004688896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 004526080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 004298752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 003922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 003386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002992640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002927120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 002776920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 002702528 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002626592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002275888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002187264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002149368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002072728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001969680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001700880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001696936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-15 17:33 - 2019-02-15 17:33 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001671864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001467560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001467384 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001341584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-15 17:33 - 2019-02-15 17:33 - 001331744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001309184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001259024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-15 17:33 - 2019-02-15 17:33 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001209360 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001178344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000982576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000982032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000970256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000864056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000850968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000822448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000806560 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-15 17:33 - 2019-02-15 17:33 - 000806560 _____ C:\WINDOWS\system32\locale.nls
2019-02-15 17:33 - 2019-02-15 17:33 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000726208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000652320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000651304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000629576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000612368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000604552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000522312 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000475152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-15 17:33 - 2019-02-15 17:33 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000421904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000408800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000353488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000277536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000276488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000262672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000203280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000148480 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000121872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000114856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000097592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-02-15 17:33 - 2019-02-15 17:33 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2019-02-15 17:33 - 2019-02-15 17:33 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-15 17:33 - 2019-02-15 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-15 17:33 - 2019-02-15 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-15 17:33 - 2019-02-15 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-15 17:33 - 2019-02-15 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-15 17:33 - 2019-02-15 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-15 17:33 - 2019-02-15 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-15 17:33 - 2019-02-15 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-15 17:33 - 2019-02-15 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-15 17:32 - 2019-02-15 17:32 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-15 17:32 - 2019-02-15 17:32 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-15 17:32 - 2019-02-15 17:32 - 000752136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-15 17:32 - 2019-02-15 17:32 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2019-02-15 17:32 - 2019-02-15 17:32 - 000132104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-15 17:32 - 2019-02-15 17:32 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-15 17:32 - 2019-02-15 17:32 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-02 12:30 - 2017-03-22 16:39 - 000000000 ____D C:\Users\Mike\AppData\Roaming\AIMP
2019-03-02 12:28 - 2019-01-19 13:04 - 000004202 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5E6D08D2-90BF-41F4-9A22-24A84996B793}
2019-03-02 11:51 - 2019-01-19 12:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-02 11:09 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-02 11:09 - 2017-03-05 12:01 - 000000000 ____D C:\Users\Mike\AppData\Roaming\vlc
2019-03-01 14:23 - 2019-01-19 13:04 - 000002966 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2019-03-01 14:23 - 2017-03-09 18:59 - 000000306 _____ C:\WINDOWS\Tasks\AutoKMS.job
2019-02-28 20:41 - 2019-01-19 13:08 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-28 20:41 - 2018-09-15 18:39 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-02-28 20:41 - 2018-09-15 18:39 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-02-28 20:41 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-02-28 18:58 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-28 18:58 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-28 14:53 - 2018-09-24 21:02 - 000000000 ____D C:\Users\Mike\Desktop\CD POHODA
2019-02-28 14:20 - 2019-01-19 13:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-28 14:20 - 2019-01-19 13:00 - 000000000 ____D C:\Users\Mike
2019-02-28 14:20 - 2017-07-08 12:18 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-02-28 14:20 - 2017-03-01 01:07 - 000000000 __SHD C:\Users\Mike\IntelGraphicsProfiles
2019-02-27 19:50 - 2018-11-19 21:58 - 000000000 ____D C:\Users\Mike\AppData\Roaming\YouTube Downloader
2019-02-25 21:05 - 2017-03-01 01:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-25 16:06 - 2018-11-17 13:35 - 000000221 _____ C:\Users\Mike\Desktop\Visit MediaHuman Website.url
2019-02-25 16:06 - 2018-11-05 15:43 - 000001353 _____ C:\Users\Mike\Desktop\MediaHuman YouTube to MP3 Converter.lnk
2019-02-23 10:45 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-23 10:40 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2019-02-23 08:45 - 2018-02-15 01:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-23 08:43 - 2017-03-02 19:49 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-16 08:40 - 2017-12-06 20:52 - 000000000 ___RD C:\Users\Mike\3D Objects
2019-02-16 08:40 - 2017-03-01 01:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-16 08:39 - 2019-01-19 12:59 - 000348272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-16 08:39 - 2018-09-15 07:09 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-16 08:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-16 08:38 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-15 17:29 - 2017-03-02 15:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-15 17:28 - 2017-03-02 15:58 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-15 17:24 - 2019-01-19 13:04 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-11 16:23 - 2017-10-12 19:52 - 000000000 ____D C:\Users\Mike\AppData\Local\ElevatedDiagnostics
2019-02-11 15:39 - 2019-01-19 13:04 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-7981431-371254593-1804936740-1001
2019-02-11 15:39 - 2019-01-19 13:00 - 000002380 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-11 15:39 - 2017-03-01 01:08 - 000000000 ___RD C:\Users\Mike\OneDrive
2019-02-11 15:33 - 2018-07-18 21:32 - 000000000 ____D C:\ProgramData\Packages
2019-02-01 23:31 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-01 23:31 - 2018-09-15 08:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-01 12:33 - 2017-12-06 17:28 - 000000000 ____D C:\Users\Mike\AppData\Local\Packages

==================== Files in the root of some directories =======

2017-11-07 19:10 - 2019-01-28 15:17 - 000010752 _____ () C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[MikeD79]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by Mike (02-03-2019 12:31:45)
Running from C:\Users\Mike\Downloads
Windows 10 Pro Version 1809 17763.316 (X64) (2019-01-19 12:04:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-7981431-371254593-1804936740-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-7981431-371254593-1804936740-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-7981431-371254593-1804936740-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-7981431-371254593-1804936740-501 - Limited - Disabled)
Mike (S-1-5-21-7981431-371254593-1804936740-1001 - Administrator - Enabled) => C:\Users\Mike
WDAGUtilityAccount (S-1-5-21-7981431-371254593-1804936740-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
APP Shop v1.0.28 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.28 - ASRock Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
BitTorrent (HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\BitTorrent) (Version: 7.10.4.44847 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Driver Booster 4.0 (HKLM-x32\...\Driver Booster_is1) (Version: 4.0.4 - IObit)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
Intel Extreme Tuning Utility (HKLM-x32\...\{41E5D953-530A-441B-98D3-92B5D6B80AEB}) (Version: 6.2.0.17 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{fde8aa07-3912-4bdf-ad35-ff1231bfd00d}) (Version: 6.2.0.17 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
MediaHuman YouTube to MP3 Converter 3.9.9.12 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.12 - MediaHuman)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.23 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.15 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.50 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.37 - MSI)
MSI SUITE (HKLM-x32\...\{1F025E3A-3074-48A3-A8F3-78E735739491}_is1) (Version: 1.0.036 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.27 - MSI)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.28.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Spotify (HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\Spotify) (Version: 1.0.90.268.ga8a0ceb4 - Spotify AB)
Star Defender 4 (HKLM-x32\...\Star Defender 4_is1) (Version: 1.0 - Gamebra Pte. Ltd.)
SyncroSoft Emu (Remove only) (HKLM-x32\...\SyncroSoft Emu) (Version: - )
Syncrosoft's License Control (HKLM-x32\...\Syncrosoft's License Control) (Version: - Syncrosoft Hard- Und Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-7981431-371254593-1804936740-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AIMP] -> [CC]{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [AIMP] -> [CC]{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {170C95BA-7E27-4AD8-BB86-C05C4D6ADB7B} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software -> Intel Corporation)
Task: {1B277EF9-32D7-48AF-9B84-FDD5E0D672F2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1F5D486A-ABE4-4289-9950-A683DE2B4FFC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-7981431-371254593-1804936740-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {285B221E-C2AB-4A15-BCDD-BEB907442799} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {29604671-D681-4449-8E0C-1256EB1B3177} - System32\Tasks\SystemSettings => mshta vbscript:CreateObject("Wscript.Shell").Run("powershell.exe -WindowStyle hidden -ep bypass -nop -c $e=(Get-ItemProperty HKLM:\Software\a);Select-Object -ExpandProperty Shell;Invoke-Expression $e",0,True)(window.close)
Task: {2F5FDAB4-2663-47AB-899B-9FE3E7C437B6} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe () [File not signed]
Task: {30036713-99BE-4028-A920-49D6861EB912} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3B92C3C8-EC9F-4B0B-AC5D-90A8376239B1} - System32\Tasks\Driver Booster SkipUAC (Mike) => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe (IObit Information Technology -> IObit)
Task: {3C3D9A35-819F-4D73-81C4-55938F3A5E5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {509B1FE1-2A60-4317-A635-4B4BA3D5CB0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5DA1EFC8-FAA0-46D8-8B47-4162834F6F8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {5E4C8FD4-1932-4C4E-875D-5416EAC38C2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {734E97A1-29A0-4FDA-8154-8782267584C4} - System32\Tasks\lenovo mobile auto run => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
Task: {A54B8452-8FEB-46BC-B1A3-10984833606A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A9BBAFD1-0F13-4EA0-976C-076348382909} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {B9D187C3-2B4E-4B7C-B0FB-734AEFDFFC81} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\Scheduler.exe (IObit Information Technology -> IObit)
Task: {CF979212-8737-44EE-8F85-A60DF6847285} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {D43F6CAD-08DF-41DF-9A85-05064866AA3E} - System32\Tasks\Opera scheduled Autoupdate 1490302053 => C:\Users\Mike\AppData\Local\Programs\Opera\launcher.exe
Task: {ED262B0A-7774-4062-BB8A-0F982AD02759} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-23 21:33 - 2013-09-04 11:24 - 000013824 _____ (Micro-Star Int'l Co., Ltd.) [File not signed] C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
2017-03-02 19:49 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-03-02 19:50 - 2007-09-02 13:58 - 000495616 _____ () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.exe
2019-01-21 17:04 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2017-03-02 19:50 - 2007-09-02 13:57 - 000069632 _____ () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.dll
2017-03-22 16:39 - 2018-12-28 13:58 - 000124060 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\AIMP\bass.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000205824 _____ () [File not signed] C:\Program Files (x86)\AIMP\System\libsoxr.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000445952 _____ (Matthew T. Ashland) [File not signed] C:\Program Files (x86)\AIMP\System\Encoders\MACDll.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000299008 _____ () [File not signed] C:\Program Files (x86)\AIMP\System\Encoders\libFLAC.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000348672 _____ () [File not signed] C:\Program Files (x86)\AIMP\System\Encoders\lame_enc.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000759296 _____ () [File not signed] C:\Program Files (x86)\AIMP\System\Encoders\aimp_libvorbis.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000226304 _____ (Conifer Software) [File not signed] C:\Program Files (x86)\AIMP\System\Encoders\wavpackdll.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000017733 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_wma\bass_wma.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000049499 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_midi\bass_midi.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000021112 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_mpc\bass_mpc.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000010976 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_hls\bass_hls.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000029052 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_ape\bass_ape.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000023820 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_flac\bass_flac.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000069388 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_opus\bass_opus.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000028224 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_wv\bass_wv.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000114688 _____ (Thomas Becker, Osnabrueck) [File not signed] C:\Program Files (x86)\AIMP\Plugins\tak_deco_lib\tak_deco_lib.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000036105 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_spx\bass_spx.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000007910 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_tta\bass_tta.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000009416 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_alac\bass_alac.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000497152 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\AIMP\Plugins\aimp_inputFFmpeg\avformat-aimp-57.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000571904 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\AIMP\Plugins\aimp_inputFFmpeg\avutil-aimp-55.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 001061376 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\AIMP\Plugins\aimp_inputFFmpeg\avcodec-aimp-57.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000122368 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\AIMP\Plugins\aimp_inputFFmpeg\swresample-aimp-2.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000019478 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\AIMP\Plugins\aimp_cdda\aimp_cdda_basscd.dll
2017-03-22 16:39 - 2018-12-28 13:58 - 000504038 _____ () [File not signed] C:\Program Files (x86)\AIMP\sqlite3.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000159232 _____ () [File not signed] C:\Program Files (x86)\AIMP\Plugins\aimp_sacd\libsacd.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000026624 _____ () [File not signed] C:\Program Files (x86)\AIMP\Plugins\Aorta\Aorta.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000149845 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_aac\bass_aac.dll
2018-12-28 13:58 - 2018-12-28 13:58 - 000015113 _____ (MaresWEB) [File not signed] C:\Program Files (x86)\AIMP\Plugins\bass_ac3\bass_ac3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-02-28 16:52 - 2017-02-28 16:51 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-7981431-371254593-1804936740-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\Downloads\2011-Ducati-StreetfighterSc.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "MSI Suite"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "H2O"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "Application Restart #2"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "Uninstall 17.3.7131.1115"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "Uninstall 17.3.7131.1115\amd64"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-7981431-371254593-1804936740-1001\...\StartupApproved\Run: => "BitTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D8D5D2B6-0731-4413-9779-BD35A1556BAF}] => (Allow) C:\Users\Mike\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BA22B4F4-BD10-4F47-818E-47F7085DD507}] => (Allow) C:\Users\Mike\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{75FF2772-38A2-48C5-B371-F79BFA8941D5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{13A95E36-4631-4F87-A80A-23D7726DA195}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15BDAF0B-D8D2-4174-9EB4-359939103C30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBDD60C0-8D2A-46D6-A20D-68E933F328C8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B1A9AC5D-CD0C-4CAD-A5A2-ECCABE31E35F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0DF969D8-2E73-4ABA-B505-95A5046DB971}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5913517F-F001-4222-9F55-754E871C3A9F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{F9B5582A-EB22-48D6-947B-C961FC29F86C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{2E05803B-1C4E-4307-8CC0-F9CAFCDEB96D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{BE7690C1-2039-44A7-9811-32956D3299A9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{B21D46DF-1844-4A8C-82A5-0D6E474C47BA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{B9D91F51-9011-45CF-982E-41C7E984641E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{24232B37-C937-49BA-B6EB-A455F456FDC7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{31E6CB30-4A41-426D-B873-F367A4CFE36E}C:\users\mike\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mike\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{997E10E8-2DE4-4B88-804C-330FB80EC332}C:\users\mike\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mike\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0595EB4F-F734-46EE-94C5-77A5C4B8D6B1}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5C9CFEB0-DE8D-4264-A51D-A3D9ABCA8E4C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

30-01-2019 06:26:14 Naplánovaný kontrolní bod
15-02-2019 17:27:36 Windows Update
23-02-2019 10:56:26 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2019 02:11:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-5H59Q1B.local already in use; will try DESKTOP-5H59Q1B-2.local instead

Error: (03/01/2019 02:11:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-5H59Q1B.local. Addr 192.168.0.59

Error: (03/01/2019 02:11:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.59:5353 16 DESKTOP-5H59Q1B.local. AAAA 2A02:8309:80C0:8600:7C76:B0F4:750C:C2EE

Error: (03/01/2019 02:11:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-5H59Q1B.local. AAAA FE80:0000:0000:0000:0C93:60ED:CB64:0A5B

Error: (03/01/2019 02:11:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.59:5353 16 DESKTOP-5H59Q1B.local. AAAA 2A02:8309:80C0:8600:7C76:B0F4:750C:C2EE

Error: (03/01/2019 02:11:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-5H59Q1B.local. AAAA 2A02:8309:80C0:86004B2A:41D1:8564

Error: (03/01/2019 02:11:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.59:5353 16 DESKTOP-5H59Q1B.local. AAAA 2A02:8309:80C0:8600:7C76:B0F4:750C:C2EE

Error: (03/01/2019 02:11:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-5H59Q1B.local. AAAA 2A02:8309:80C0:8600:0C93:60ED:CB64:0A5B


System errors:
=============
Error: (02/28/2019 07:58:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5H59Q1B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-5H59Q1B\Mike (SID: S-1-5-21-7981431-371254593-1804936740-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/28/2019 02:23:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/28/2019 02:23:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/28/2019 02:23:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/28/2019 02:22:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5H59Q1B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-5H59Q1B\Mike (SID: S-1-5-21-7981431-371254593-1804936740-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/28/2019 02:21:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5H59Q1B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-5H59Q1B\Mike (SID: S-1-5-21-7981431-371254593-1804936740-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/16/2019 08:42:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/16/2019 08:42:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-02-15 17:22:21.220
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {39093511-5EB8-4176-BE91-0B48101233D7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-02-11 16:24:46.728
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A13D1292-2BDE-48EA-8C5C-ED82B75A1435}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-28 16:02:28.304
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {462441AF-C74B-4D24-A99D-9D33296DBC8D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-28 15:57:55.537
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {315919D0-66DC-4358-BE17-611CBECC471D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-28 15:49:50.753
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FF21D68A-03CD-4DBC-9EA3-A64F8A8C19BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-02-28 19:39:55.920
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-27 16:24:02.225
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-15 18:24:38.443
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-02-02 11:20:37.142
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-27 18:51:18.880
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-26 13:05:42.734
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-20 21:46:41.314
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-19 13:06:06.229
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3420 @ 3.20GHz
Percentage of memory in use: 50%
Total physical RAM: 12163.04 MB
Available physical RAM: 6019.67 MB
Total Virtual: 14019.04 MB
Available Virtual: 6758.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.93 GB) (Free:56.7 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:467.96 GB) (Free:190.32 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:463.55 GB) (Free:278.9 GB) NTFS

\\?\Volume{7908ce48-8e49-48a4-854a-deb8a75bfe9d}\ () (Fixed) (Total:0.29 GB) (Free:0.03 GB) NTFS
\\?\Volume{ebc642f5-f5a2-41d1-bc02-5fe059622c88}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
\\?\Volume{cac9ced9-8e0b-4ac0-a128-1e2b0d4f18e2}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{5507fa07-059d-4fe1-8ef7-1ae4bf027ebd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7A13B4E2)
Partition 1: (Active) - (Size=468 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=463.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 9346B31C)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi