Requesting a preventive check after a long time

#1 Post by Teochi »

Hello,
after a long while I would like to have my PC checked, thank you.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Jura (administrator) on JURA-PC (04-04-2019 05:36:48)
Running from C:\Users\Jura\Desktop
Loaded Profiles: Jura (Available Profiles: Jura)
Platform: Windows 10 Pro Version 1803 17134.648 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
() [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(LogMeIn, Inc. -> LogMeIn Inc.) G:\junior\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) G:\junior\Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn, Inc. -> LogMeIn Inc.) G:\junior\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) G:\junior\Hamachi\LMIGuardianSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jura\AppData\Local\Microsoft\OneDrive\OneDrive.exe
() [File not signed] G:\junior\RocketDock\RocketDock.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1902.42.0_x64__8wekyb3d8bbwe\Calculator.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\Pub\PubMonitor.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jura\AppData\Local\Discord\app-0.0.305\Discord.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jura\AppData\Local\Discord\app-0.0.305\Discord.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jura\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jura\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jura\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jura\AppData\Local\Discord\app-0.0.305\Discord.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2019-03-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SHARK ZONE M50] => C:\Program Files (x86)\SHARK ZONE M50\SHARKZONEM50.exe [3708416 2016-06-15] (SHARKOON) [File not signed]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => G:\junior\Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [RocketDock] => G:\junior\RocketDock\RocketDock.exe [495616 2007-09-02] () [File not signed]
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-14] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {88bfcfcf-da77-11e8-9b81-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-22] (Google LLC -> Google Inc.)
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2018-02-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6b6f5b63-2a17-4bb9-8122-39b23d1360fd}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180614__yaie
SearchScopes: HKU\S-1-5-21-698999926-1648983513-1323860127-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-698999926-1648983513-1323860127-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180614__yaie&p={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-11-10] (Google Inc -> Google Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-11-10] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-11-10] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-11-10] (Google Inc -> Google Inc.)

FireFox:
========
FF DefaultProfile: ip2j9z78.default
FF ProfilePath: C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\ip2j9z78.default [2019-04-04]
FF NewTab: Mozilla\Firefox\Profiles\ip2j9z78.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180614__yaff
FF Session Restore: Mozilla\Firefox\Profiles\ip2j9z78.default -> is enabled.
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\ip2j9z78.default\Extensions\firefox@ghostery.com.xpi [2019-02-02]
FF Extension: (AdBlock) - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\ip2j9z78.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-03-17]
FF SearchPlugin: C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\ip2j9z78.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-06-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-08] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-08] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default [2019-04-03]
CHR Extension: (Prezentace) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-11]
CHR Extension: (Dokumenty) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-14]
CHR Extension: (Disk Google) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-14]
CHR Extension: (YouTube) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-14]
CHR Extension: (Tabulky) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (AdBlock) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-14]
CHR Extension: (Chrome Media Router) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2018-02-18] (Adobe Systems) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-12-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-10-24] (FUTUREMARK INC -> Futuremark)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [File not signed]
R2 Hamachi2Svc; G:\junior\Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62760 2016-06-01] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-01-18] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737560 2019-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [109504 2019-03-10] (Alcorlink Corp. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-11-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-11-12] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-13] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [26192 2017-11-14] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-11-14] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [967696 2018-10-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5db32447b43ce666\nvlddmkm.sys [20461984 2019-03-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-03-10] (Synaptics Incorporated -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-04 05:36 - 2019-04-04 05:37 - 000018377 ____C C:\Users\Jura\Desktop\FRST.txt
2019-04-04 05:36 - 2019-04-04 05:36 - 000000000 ____D C:\FRST
2019-04-04 05:35 - 2019-04-04 05:35 - 002434048 ____C (Farbar) C:\Users\Jura\Desktop\FRST64.exe
2019-04-03 18:46 - 2019-04-03 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2019-03-28 07:00 - 2019-03-28 07:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-03-22 14:46 - 2019-03-23 19:42 - 000000000 ___DC C:\Users\Jura\AppData\Local\BitTorrentHelper
2019-03-21 13:30 - 2019-03-21 13:30 - 000000000 ___DC C:\Users\Jura\AppData\Local\OneDrive
2019-03-13 16:14 - 2019-03-06 17:37 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-13 16:14 - 2019-03-06 17:14 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-13 16:14 - 2019-03-06 17:14 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-13 16:14 - 2019-03-06 17:13 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-13 16:14 - 2019-03-06 17:13 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-13 16:14 - 2019-03-06 17:13 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 16:14 - 2019-03-06 14:05 - 004054016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-13 16:14 - 2019-03-06 14:05 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-13 16:14 - 2019-03-06 14:04 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-13 16:14 - 2019-03-06 11:29 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 16:14 - 2019-03-06 11:16 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-03-13 16:14 - 2019-03-06 11:16 - 001188000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 16:14 - 2019-03-06 11:07 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-13 16:14 - 2019-03-06 11:07 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-13 16:14 - 2019-03-06 11:07 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-13 16:14 - 2019-03-06 11:06 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 16:14 - 2019-03-06 11:06 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-03-13 16:14 - 2019-03-06 11:05 - 000436240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-13 16:14 - 2019-03-06 11:04 - 000945464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-13 16:14 - 2019-03-06 11:03 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 16:14 - 2019-03-06 11:03 - 002719544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-13 16:14 - 2019-03-06 11:03 - 002465784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-13 16:14 - 2019-03-06 11:03 - 001921848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-13 16:14 - 2019-03-06 11:03 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-03-13 16:14 - 2019-03-06 11:03 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-03-13 16:14 - 2019-03-06 11:03 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-13 16:14 - 2019-03-06 11:02 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-13 16:14 - 2019-03-06 10:44 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-13 16:14 - 2019-03-06 10:36 - 022716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-13 16:14 - 2019-03-06 10:36 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 16:14 - 2019-03-06 10:34 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-13 16:14 - 2019-03-06 10:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-13 16:14 - 2019-03-06 10:32 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 16:14 - 2019-03-06 10:32 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-13 16:14 - 2019-03-06 10:32 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-13 16:14 - 2019-03-06 10:31 - 007598592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-13 16:14 - 2019-03-06 10:31 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 16:14 - 2019-03-06 10:31 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 16:14 - 2019-03-06 10:31 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 16:14 - 2019-03-06 10:31 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 16:14 - 2019-03-06 10:31 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 16:14 - 2019-03-06 10:31 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-13 16:14 - 2019-03-06 10:31 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-13 16:14 - 2019-03-06 10:31 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-03-13 16:14 - 2019-03-06 10:29 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-03-13 16:14 - 2019-03-06 10:29 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 16:14 - 2019-03-06 10:29 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 16:14 - 2019-03-06 10:29 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-13 16:14 - 2019-03-06 10:27 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-13 16:14 - 2019-03-06 10:27 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-13 16:14 - 2019-03-06 10:27 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-13 16:14 - 2019-03-06 10:27 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-13 16:14 - 2019-03-06 10:25 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-13 16:14 - 2019-03-06 08:14 - 006568528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 16:14 - 2019-03-06 08:14 - 000785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-13 16:14 - 2019-03-06 08:14 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-13 16:14 - 2019-03-06 07:50 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-03-13 16:14 - 2019-02-16 15:02 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-13 16:14 - 2019-02-16 14:57 - 002266936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 001786672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 001627448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 001048472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000954168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-03-13 16:14 - 2019-02-16 14:57 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-03-13 16:14 - 2019-02-16 14:57 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe
2019-03-13 16:14 - 2019-02-16 14:57 - 000180528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-03-13 16:14 - 2019-02-16 14:57 - 000172856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-03-13 16:14 - 2019-02-16 14:57 - 000034104 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-03-13 16:14 - 2019-02-16 14:56 - 000549520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-03-13 16:14 - 2019-02-16 14:53 - 001516416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-13 16:14 - 2019-02-16 14:34 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 16:14 - 2019-02-16 14:34 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 16:14 - 2019-02-16 14:34 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-03-13 16:14 - 2019-02-16 14:32 - 003646976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-13 16:14 - 2019-02-16 14:30 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-03-13 16:14 - 2019-02-16 14:24 - 000444176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-03-13 16:14 - 2019-02-16 14:22 - 001322176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-13 16:14 - 2019-02-16 14:08 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-03-13 16:14 - 2019-02-16 14:06 - 002890752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-13 16:14 - 2019-02-16 14:06 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-13 16:14 - 2019-02-16 12:24 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 16:14 - 2019-02-16 12:22 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-03-13 16:14 - 2019-02-16 10:04 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-03-13 16:14 - 2019-02-16 10:03 - 007901392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 16:14 - 2019-02-16 10:03 - 005625360 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-03-13 16:14 - 2019-02-16 10:03 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-03-13 16:14 - 2019-02-16 10:02 - 005821440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-13 16:14 - 2019-02-16 10:02 - 003291632 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-03-13 16:14 - 2019-02-16 10:02 - 001792712 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-13 16:14 - 2019-02-16 10:02 - 000705848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-03-13 16:14 - 2019-02-16 10:02 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-13 16:14 - 2019-02-16 10:01 - 001285424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-13 16:14 - 2019-02-16 10:01 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-13 16:14 - 2019-02-16 10:01 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-03-13 16:14 - 2019-02-16 10:01 - 001028920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-13 16:14 - 2019-02-16 10:01 - 000735464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 16:14 - 2019-02-16 10:01 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-13 16:14 - 2019-02-16 10:01 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-03-13 16:14 - 2019-02-16 10:01 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-13 16:14 - 2019-02-16 09:53 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-03-13 16:14 - 2019-02-16 09:51 - 001584536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-13 16:14 - 2019-02-16 09:50 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-03-13 16:14 - 2019-02-16 09:50 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-13 16:14 - 2019-02-16 09:50 - 000560384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-13 16:14 - 2019-02-16 09:37 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-13 16:14 - 2019-02-16 09:36 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-03-13 16:14 - 2019-02-16 09:36 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-03-13 16:14 - 2019-02-16 09:35 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 16:14 - 2019-02-16 09:35 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-13 16:14 - 2019-02-16 09:34 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-03-13 16:14 - 2019-02-16 09:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-13 16:14 - 2019-02-16 09:33 - 006646784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-13 16:14 - 2019-02-16 09:33 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-13 16:14 - 2019-02-16 09:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 16:14 - 2019-02-16 09:32 - 002969088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-13 16:14 - 2019-02-16 09:31 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 16:14 - 2019-02-16 09:31 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-13 16:14 - 2019-02-16 09:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-13 16:14 - 2019-02-16 09:30 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-13 16:14 - 2019-02-16 09:30 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-03-13 16:14 - 2019-02-16 09:30 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 16:14 - 2019-02-16 09:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-13 16:14 - 2019-02-16 09:29 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-13 16:14 - 2019-02-16 09:29 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-03-13 16:14 - 2019-02-16 09:28 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-13 16:14 - 2019-02-16 09:28 - 002585600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-13 16:14 - 2019-02-16 09:28 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-03-13 16:14 - 2019-02-16 09:28 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-13 16:14 - 2019-02-16 09:28 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-03-13 16:14 - 2019-02-16 09:27 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-13 16:14 - 2019-02-16 09:27 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-03-13 16:14 - 2019-02-16 09:27 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 16:14 - 2019-02-16 09:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-03-13 16:14 - 2019-02-16 09:26 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-13 16:14 - 2019-02-16 09:26 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 16:14 - 2019-02-16 09:26 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-13 16:14 - 2019-02-16 09:25 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-03-13 16:14 - 2019-02-16 09:25 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-03-13 16:13 - 2019-03-06 17:39 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-13 16:13 - 2019-03-06 17:36 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-13 16:13 - 2019-03-06 17:20 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-03-13 16:13 - 2019-03-06 17:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-13 16:13 - 2019-03-06 17:17 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-13 16:13 - 2019-03-06 17:17 - 000810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 16:13 - 2019-03-06 17:17 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-13 16:13 - 2019-03-06 17:14 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-13 16:13 - 2019-03-06 17:13 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 16:13 - 2019-03-06 17:12 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-13 16:13 - 2019-03-06 14:18 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-13 16:13 - 2019-03-06 14:18 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-13 16:13 - 2019-03-06 14:10 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-13 16:13 - 2019-03-06 14:09 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-13 16:13 - 2019-03-06 14:06 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-13 16:13 - 2019-03-06 14:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-13 16:13 - 2019-03-06 13:59 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-13 16:13 - 2019-03-06 11:16 - 001457032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-13 16:13 - 2019-03-06 11:16 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-13 16:13 - 2019-03-06 11:16 - 000722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-13 16:13 - 2019-03-06 11:16 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 16:13 - 2019-03-06 11:16 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-13 16:13 - 2019-03-06 11:11 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-13 16:13 - 2019-03-06 11:10 - 000248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-03-13 16:13 - 2019-03-06 11:06 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-13 16:13 - 2019-03-06 11:05 - 000439224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-13 16:13 - 2019-03-06 11:05 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-13 16:13 - 2019-03-06 11:04 - 002765856 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-13 16:13 - 2019-03-06 11:04 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2019-03-13 16:13 - 2019-03-06 11:02 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-13 16:13 - 2019-03-06 11:02 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-13 16:13 - 2019-03-06 11:02 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-13 16:13 - 2019-03-06 11:02 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-13 16:13 - 2019-03-06 10:31 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-03-13 16:13 - 2019-03-06 10:31 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 16:13 - 2019-03-06 10:31 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 16:13 - 2019-03-06 10:28 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-03-13 16:13 - 2019-03-06 10:28 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-13 16:13 - 2019-03-06 10:26 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-13 16:13 - 2019-03-06 10:26 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-13 16:13 - 2019-03-06 10:26 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-13 16:13 - 2019-03-06 09:08 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-03-13 16:13 - 2019-03-06 08:17 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-13 16:13 - 2019-03-06 08:17 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-03-13 16:13 - 2019-03-06 08:15 - 002253488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-13 16:13 - 2019-03-06 08:15 - 000434488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-13 16:13 - 2019-03-06 08:14 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-13 16:13 - 2019-03-06 08:14 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2019-03-13 16:13 - 2019-03-06 08:13 - 000607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-13 16:13 - 2019-03-06 08:05 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-13 16:13 - 2019-03-06 07:56 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-13 16:13 - 2019-03-06 07:53 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-03-13 16:13 - 2019-03-06 07:53 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-13 16:13 - 2019-03-06 07:52 - 005790720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-13 16:13 - 2019-03-06 07:52 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-13 16:13 - 2019-03-06 07:52 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-13 16:13 - 2019-03-06 07:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-03-13 16:13 - 2019-03-06 07:51 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-13 16:13 - 2019-03-06 07:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-03-13 16:13 - 2019-03-06 07:50 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-13 16:13 - 2019-03-06 07:50 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-13 16:13 - 2019-03-06 07:49 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-03-13 16:13 - 2019-03-06 07:49 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-13 16:13 - 2019-03-06 07:49 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-03-13 16:13 - 2019-03-06 07:48 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-13 16:13 - 2019-03-06 07:48 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-13 16:13 - 2019-02-21 05:26 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-13 16:13 - 2019-02-16 15:02 - 001644040 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-13 16:13 - 2019-02-16 15:02 - 000808456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-13 16:13 - 2019-02-16 15:02 - 000735752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-13 16:13 - 2019-02-16 15:02 - 000620040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-13 16:13 - 2019-02-16 15:02 - 000460296 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-13 16:13 - 2019-02-16 15:02 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-13 16:13 - 2019-02-16 15:02 - 000147464 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 16:13 - 2019-02-16 15:02 - 000071176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 16:13 - 2019-02-16 14:57 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-03-13 16:13 - 2019-02-16 14:56 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-13 16:13 - 2019-02-16 14:36 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-03-13 16:13 - 2019-02-16 14:33 - 002194432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-03-13 16:13 - 2019-02-16 14:33 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-13 16:13 - 2019-02-16 14:32 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 16:13 - 2019-02-16 14:32 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-03-13 16:13 - 2019-02-16 14:31 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-03-13 16:13 - 2019-02-16 14:31 - 001186816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-03-13 16:13 - 2019-02-16 14:31 - 001003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-13 16:13 - 2019-02-16 14:31 - 000861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-13 16:13 - 2019-02-16 14:31 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-13 16:13 - 2019-02-16 14:30 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-13 16:13 - 2019-02-16 14:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-13 16:13 - 2019-02-16 14:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 16:13 - 2019-02-16 14:25 - 001539896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-03-13 16:13 - 2019-02-16 14:25 - 000148784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe
2019-03-13 16:13 - 2019-02-16 14:07 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-13 16:13 - 2019-02-16 14:07 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-13 16:13 - 2019-02-16 14:06 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-13 16:13 - 2019-02-16 14:06 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-13 16:13 - 2019-02-16 14:06 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-13 16:13 - 2019-02-16 14:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-13 16:13 - 2019-02-16 14:02 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2019-03-13 16:13 - 2019-02-16 13:55 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2019-03-13 16:13 - 2019-02-16 10:16 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-13 16:13 - 2019-02-16 10:15 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-13 16:13 - 2019-02-16 10:15 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 16:13 - 2019-02-16 10:05 - 000087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-03-13 16:13 - 2019-02-16 10:02 - 001934800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-03-13 16:13 - 2019-02-16 10:02 - 000413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-13 16:13 - 2019-02-16 10:01 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 16:13 - 2019-02-16 10:01 - 000641984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 16:13 - 2019-02-16 10:01 - 000480840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 16:13 - 2019-02-16 10:01 - 000161664 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2019-03-13 16:13 - 2019-02-16 09:57 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-13 16:13 - 2019-02-16 09:51 - 002479168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-03-13 16:13 - 2019-02-16 09:51 - 000170952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2019-03-13 16:13 - 2019-02-16 09:50 - 001805648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-13 16:13 - 2019-02-16 09:50 - 001171336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-13 16:13 - 2019-02-16 09:50 - 000504072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-03-13 16:13 - 2019-02-16 09:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-13 16:13 - 2019-02-16 09:33 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 16:13 - 2019-02-16 09:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-13 16:13 - 2019-02-16 09:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-13 16:13 - 2019-02-16 09:32 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-13 16:13 - 2019-02-16 09:31 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-03-13 16:13 - 2019-02-16 09:31 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-13 16:13 - 2019-02-16 09:30 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-03-13 16:13 - 2019-02-16 09:30 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2019-03-13 16:13 - 2019-02-16 09:28 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-03-13 16:13 - 2019-02-16 09:26 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 040262912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 035158736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 019717352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 016993240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 015911384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 013205768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 004946232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 004316304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 004260704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 002018392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441771.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 002003600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001512352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001471424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441771.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001462024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001461152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001167584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001151984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001145536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 001126544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000914400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000822392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000794448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000750520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000637664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000609368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000552536 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000521688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000456848 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-03-10 11:03 - 2019-03-10 11:03 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-03-10 11:03 - 2019-03-10 11:03 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-03-10 11:03 - 2019-03-10 11:03 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-03-10 11:03 - 2019-03-10 11:03 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-03-10 11:02 - 2019-03-10 11:02 - 072520784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2019-03-10 11:02 - 2019-03-10 11:02 - 023174577 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2019-03-10 11:02 - 2019-03-10 11:02 - 007178544 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 007101608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 003677232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2019-03-10 11:02 - 2019-03-10 11:02 - 003319280 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 003159488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 002930224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 001971424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 001787824 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 001598264 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 001516328 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 001353184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000751360 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000734640 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000715512 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000692032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000511512 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000453144 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000452600 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000448664 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000343576 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000333072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000278336 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000261296 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000261064 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000260080 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000157208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000139624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000118456 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000105176 _____ C:\WINDOWS\system32\audioLibVc.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000090040 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2019-03-10 11:02 - 2019-03-10 11:02 - 000056184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-03-10 11:01 - 2019-03-10 11:01 - 001083424 _____ C:\WINDOWS\system32\AmRdrIco.icl
2019-03-10 11:01 - 2019-03-10 11:01 - 000056840 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2019-03-07 21:28 - 2019-03-07 21:28 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\FINAL FANTASY TYPE-0™ HD Installer

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-04 05:32 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-04 05:17 - 2019-01-20 19:27 - 000000000 ___DC C:\Users\Jura\AppData\Local\LogMeIn Hamachi
2019-04-04 05:17 - 2017-11-10 03:04 - 000000000 ___DC C:\Users\Jura\AppData\LocalLow\Mozilla
2019-04-04 05:14 - 2018-06-25 04:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-03 22:38 - 2018-12-14 20:07 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\discord
2019-04-03 22:38 - 2017-11-10 02:38 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-03 18:49 - 2019-02-14 22:44 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2019-04-03 18:49 - 2019-02-14 22:44 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2019-04-03 16:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-03 14:27 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-02 22:03 - 2017-11-11 18:11 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\uTorrent
2019-04-02 19:39 - 2017-11-13 20:27 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\vlc
2019-04-02 16:48 - 2018-09-12 17:46 - 000000000 ___DC C:\Users\Jura\AppData\Local\D3DSCache
2019-04-01 12:20 - 2017-11-10 18:52 - 000000000 ___DC C:\Users\Jura\AppData\Local\Ubisoft Game Launcher
2019-03-31 10:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-31 10:22 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-29 10:24 - 2018-01-08 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-03-28 19:38 - 2017-11-10 02:52 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 06:29 - 2018-06-25 04:10 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 06:29 - 2018-06-25 04:10 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-27 23:18 - 2018-12-16 10:52 - 000011728 ____C C:\Users\Jura\Desktop\plán.xlsx
2019-03-27 23:16 - 2017-11-10 02:53 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-27 17:08 - 2018-06-25 04:10 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-698999926-1648983513-1323860127-1001
2019-03-27 17:08 - 2018-06-25 04:08 - 000002358 ____C C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-27 17:08 - 2017-11-10 02:39 - 000000000 ___RD C:\Users\Jura\OneDrive
2019-03-24 13:02 - 2017-11-10 02:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-22 21:34 - 2017-11-10 02:53 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-20 18:47 - 2018-06-25 04:11 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-20 18:47 - 2018-04-12 17:51 - 000716072 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-20 18:47 - 2018-04-12 17:51 - 000144864 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-20 18:40 - 2018-06-25 04:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-20 18:40 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-20 16:07 - 2018-11-16 16:56 - 000000000 ____D C:\Program Files\rempl
2019-03-14 11:14 - 2018-06-25 04:07 - 000409224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-14 01:57 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-03-14 01:57 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-03-14 01:57 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-14 01:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-14 01:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-14 01:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-14 01:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-14 01:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-14 01:57 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-13 16:15 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-13 16:14 - 2018-11-14 12:58 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-03-13 16:13 - 2017-11-10 02:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 16:12 - 2017-11-10 02:45 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-12 20:05 - 2018-12-14 20:07 - 000000000 ___DC C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-03-12 20:05 - 2018-12-14 20:07 - 000000000 ___DC C:\Users\Jura\AppData\Local\Discord
2019-03-10 11:03 - 2018-06-22 08:41 - 005003032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-03-10 11:03 - 2018-06-22 08:41 - 000048472 _____ C:\WINDOWS\system32\nvinfo.pb
2019-03-10 11:02 - 2018-06-22 08:41 - 001691696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2019-03-10 11:02 - 2018-06-22 08:41 - 000236688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2019-03-10 11:02 - 2018-05-08 11:09 - 006410288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2019-03-10 11:02 - 2018-05-08 11:09 - 003761952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2019-03-10 11:02 - 2018-05-08 11:09 - 000192848 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2019-03-10 11:02 - 2018-05-08 11:09 - 000023768 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2019-03-10 11:02 - 2017-11-10 03:41 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-03-10 11:01 - 2018-06-22 08:41 - 000228912 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2019-03-10 11:01 - 2018-02-08 17:41 - 000109504 _____ () C:\WINDOWS\system32\Drivers\AmUStor.sys
2019-03-05 22:40 - 2018-06-25 04:08 - 000000000 ____D C:\Users\Jura

==================== Files in the root of some directories =======

2017-11-14 21:52 - 2017-11-14 21:52 - 000728064 ____C () C:\Users\Jura\AppData\Local\file__0.localstorage

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-25 04:07

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Jura (04-04-2019 05:37:31)
Running from C:\Users\Jura\Desktop
Windows 10 Pro Version 1803 17134.648 (X64) (2018-06-25 02:10:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-698999926-1648983513-1323860127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-698999926-1648983513-1323860127-503 - Limited - Disabled)
Guest (S-1-5-21-698999926-1648983513-1323860127-501 - Limited - Disabled)
Jura (S-1-5-21-698999926-1648983513-1323860127-1001 - Administrator - Enabled) => C:\Users\Jura
WDAGUtilityAccount (S-1-5-21-698999926-1648983513-1323860127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
APP Center (HKLM-x32\...\{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.17.0801 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.17.0801 - Gigabyte)
Assassin's Creed Chronicles China (HKLM-x32\...\Uplay Install 1651) (Version: - Ubisoft)
Audacity 2.2.0 (HKLM-x32\...\Audacity_is1) (Version: 2.2.0 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.0.2 - IObit)
Futuremark SystemInfo (HKLM-x32\...\{71BFECB2-2CFD-4E6A-A8AF-4EE600A816B7}) (Version: 5.3.629.0 - Futuremark)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM\...\{4F89919A-C57A-3F78-8057-9F0AF0CDD4D5}) (Version: 73.0.3683.86 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.303 - Huawei Technologies Co.,Ltd)
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
K-Lite Codec Pack 13.6.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.6.0 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
Ovládací panel NVIDIA 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.71 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
SHARK ZONE M50 (HKLM-x32\...\{8C0C1E01-5B65-4B6B-A3E6-29B87130E853}) (Version: 1.01.16.03 - Sharkoon Technologies)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.16.0822 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.16.0822 - GIGABYTE)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-698999926-1648983513-1323860127-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01468285-A6D2-476B-9213-AABBD02AF2C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {12A8E0FC-1BA2-4DAD-9897-4160786B5C83} - System32\Tasks\Driver Booster SkipUAC (Jura) => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe (IObit Information Technology -> IObit)
Task: {36E10F18-C621-4A19-A0DF-45A5DD24FF60} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () [File not signed]
Task: {405A232F-C640-4E35-94FF-4178595D2696} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {55E6D25E-FC97-4248-A21B-29D36319D2F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {6BA49EE2-9390-4407-BFA2-FF77B36800C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A464E5AA-E308-47FA-B8DD-D8FC098A419A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {ADF8D443-CCF3-4AEA-943B-A203E39CF672} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C1B676EF-C0C8-42D6-ACF2-6F8338E2DDEF} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {C57AF7B7-33AE-407E-9FCD-3AEA306037D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CB19A37B-B1BF-4230-B27D-F532792B411B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\Scheduler.exe (IObit Information Technology -> IObit)
Task: {FBF01488-92E3-43D2-9086-3F6AB7C5930B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-08-24 17:54 - 2016-08-24 17:54 - 000352256 _____ (Intel(R) Corporation) [File not signed] C:\WINDOWS\system32\NCS2Setp.dll
2018-08-23 14:42 - 2018-08-23 14:42 - 000190784 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2015-04-14 16:27 - 2015-04-14 16:27 - 000016896 _____ () [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2017-11-10 02:53 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-11-09 23:35 - 2007-09-02 13:58 - 000495616 _____ () [File not signed] G:\junior\RocketDock\RocketDock.exe
2017-11-09 23:35 - 2007-09-02 13:57 - 000069632 _____ () [File not signed] G:\junior\RocketDock\RocketDock.dll
2018-01-08 17:40 - 2019-03-26 17:27 - 015257088 _____ (Node.js) [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\node.dll
2018-01-08 17:40 - 2019-03-26 17:27 - 002901504 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-01-08 17:40 - 2019-03-26 17:27 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Jura\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [362]
AlternateDataStreams: C:\Users\Jura\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [362]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-698999926-1648983513-1323860127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jura\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{7b436e34-b93e-4e85-862b-ebd2547339ce}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "SHARK ZONE M50"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D75DE402-B1B6-4BC3-98F7-6741069FE525}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F80CFF7B-F4D4-41E4-B4C0-860E3EF7C4DC}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2CD6F680-B88A-44B6-A495-AC97E9BB96C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division\TheDivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{6C362A97-74B9-41D1-815D-A73F5895E9D6}] => (Allow) LPort=3935
FirewallRules: [UDP Query User{710C7DCE-EE61-46D4-8114-81DAB17D47E8}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [TCP Query User{7940D533-09E6-4E68-ABA9-F1426CB49AAB}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{2F7B0703-220E-479D-84D4-8B5A65B397AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BEF85EED-EED8-4407-91AF-33F4C0927BC7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22A8F98D-1C7A-485D-81B2-09EF7F96AA78}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F3021D37-23EF-405C-A4DB-D3AD3B0A772C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7219CAB4-7BBB-4B0D-8A60-17730C6B0970}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C1380537-D7C6-49CC-8A34-E3283F625C3B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{3AD689FA-1D2E-4B40-9459-3D21226B0C7D}] => (Allow) C:\Users\Jura\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0BC5C6B0-0795-43B5-99AD-857147621062}] => (Allow) C:\Users\Jura\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FA69E277-1FDD-4D7D-9BCB-4EEEB6224848}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{2F733B9B-40AF-4AFC-9F5D-3C0AC7EED637}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{1FB00BA6-C371-4105-B28E-26B947C244E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{304E77CA-74E3-4612-A67F-243489214B47}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6B74EE5E-87BF-4026-933F-6916917A3C65}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{14AB3DE7-EA21-42B8-A916-FC5AF9CEAB2D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{47505C2E-C8FD-4710-B51A-AA509A3DC023}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{3E369310-7356-40AF-9FC6-E1E3863799D7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{71F345F8-089E-4784-B738-E655DC750EF1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{8F0C5280-3FB0-41B6-AA15-225092E8F508}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{425D513B-0D84-40E9-9D09-0FE80EAC2116}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{AF0B700B-88BD-4990-B493-AE2F511E922A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [TCP Query User{46F71B75-6C89-457A-B9DD-A377B470AC1D}C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe No File
FirewallRules: [UDP Query User{3C5D064C-2A99-47E2-8554-9DD3AA0D4991}C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe No File
FirewallRules: [{503990FF-A497-453F-B321-00AB2BF0D933}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8567A9ED-4E5F-404A-AC2E-F377D9B7442C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{7432D022-4FCA-46DB-98F3-F596EA3287A0}C:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe () [File not signed]
FirewallRules: [UDP Query User{6A3F2FA4-B39A-45B2-B7DE-57188A3108AA}C:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe () [File not signed]
FirewallRules: [TCP Query User{D663A2D6-3EE5-498C-8AC7-D76E69B6B5BA}G:\junior\utorrent\downloads\worms armageddon\worms armageddon v3.7.2.1\wa.exe] => (Allow) G:\junior\utorrent\downloads\worms armageddon\worms armageddon v3.7.2.1\wa.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [UDP Query User{5E03FDE1-E195-4FF8-B686-878ADC39BDA1}G:\junior\utorrent\downloads\worms armageddon\worms armageddon v3.7.2.1\wa.exe] => (Allow) G:\junior\utorrent\downloads\worms armageddon\worms armageddon v3.7.2.1\wa.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{75592CFC-7496-492D-A912-9C7EA3024513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{55E0AA9D-8FF1-4D4B-A871-14C0C5992814}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [TCP Query User{DA72D36D-5092-48CB-9EC5-AB256A4EC51D}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{4645E2D6-53E1-4DEA-A655-167C4ED0883E}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{696B4B7F-DF35-4F36-B32C-D028F24CA9A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{E31A51AA-8184-451E-9F8C-D726C771A3CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{F454598B-B2F0-43D9-9362-6AE631B99EBC}] => (Allow) G:\junior\CSgo\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{BFD283B5-85C9-4D77-9EFC-77E115572602}] => (Allow) G:\junior\CSgo\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{911CE299-A357-4A05-BA26-318E5B567A4C}] => (Allow) G:\junior\CSgo\steamapps\common\Holdfast Nations At War\Holdfast NaW.exe () [File not signed]
FirewallRules: [{3A3838B5-A378-49A1-B094-D7F66BE68E0F}] => (Allow) G:\junior\CSgo\steamapps\common\Holdfast Nations At War\Holdfast NaW.exe () [File not signed]
FirewallRules: [{97713757-44AE-49E8-AE48-3406C9700998}] => (Allow) G:\junior\CSgo\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{8EF56745-3B5F-4F61-997C-A757596C9B50}] => (Allow) G:\junior\CSgo\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{D3C2AB45-1C74-4E49-8CAC-ED271267B7B9}] => (Allow) G:\junior\CSgo\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{84025CD2-1BC6-4B73-BCB5-FD94C28CE027}] => (Allow) G:\junior\CSgo\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{3EC277D5-824A-4EE4-8174-23BC358FD4DF}] => (Allow) G:\junior\CSgo\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{48FC56DC-C200-4597-8DC4-D4B412FD2D4E}] => (Allow) G:\junior\CSgo\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{643F6857-955F-481D-8802-B42F4DBD5B49}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{59FF0738-5752-44A7-9B39-82B32BF8CB5B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3E7DB2E8-DFEF-4752-A8C2-A2F747DCA2C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A84D59F8-18B5-4FB3-A275-D547E85E3162}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{84CE5218-AE47-412D-9854-22D97EAFD852}] => (Allow) G:\junior\CSgo\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{189BE44C-AB35-4625-8422-A05E0D157570}] => (Allow) G:\junior\CSgo\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9D6118B4-3FEE-4386-91D5-5728D5394D42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{3023962B-789B-4BC4-8A67-3B09DFA9BE43}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{96CD9E83-72AF-4A19-9C6D-CC1CA2D1D774}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

02-04-2019 19:04:41 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2019 05:29:35 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: JURA-PC)
Description: httphttp-2147467263

Error: (04/04/2019 05:29:35 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: JURA-PC)
Description: httphttp-2147467263

Error: (04/04/2019 05:21:28 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: JURA-PC)
Description: httphttp-2147467263

Error: (04/04/2019 05:21:28 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: JURA-PC)
Description: httphttp-2147467263

Error: (04/04/2019 05:19:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: JURA-PC)
Description: httphttp-2147467263

Error: (04/04/2019 05:17:55 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: JURA-PC)
Description: httphttp-2147467263

Error: (04/04/2019 05:03:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/04/2019 05:03:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=24


System errors:
=============
Error: (04/03/2019 06:47:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba LogMeIn Hamachi Tunneling Engine je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/03/2019 01:02:09 PM) (Source: DCOM) (EventID: 10016) (User: JURA-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli JURA-PC\Jura (SID: S-1-5-21-698999926-1648983513-1323860127-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/02/2019 05:18:19 PM) (Source: DCOM) (EventID: 10016) (User: JURA-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli JURA-PC\Jura (SID: S-1-5-21-698999926-1648983513-1323860127-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/02/2019 05:26:25 AM) (Source: DCOM) (EventID: 10010) (User: JURA-PC)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/02/2019 05:26:25 AM) (Source: DCOM) (EventID: 10010) (User: JURA-PC)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/02/2019 05:26:25 AM) (Source: DCOM) (EventID: 10010) (User: JURA-PC)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/02/2019 05:26:25 AM) (Source: DCOM) (EventID: 10010) (User: JURA-PC)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/02/2019 05:26:25 AM) (Source: DCOM) (EventID: 10010) (User: JURA-PC)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-03-22 23:46:54.067
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1225FF91-93CC-4F9C-AF42-25E60BF05969}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-22 10:48:57.498
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B5B759C2-D9D2-4402-8131-251FC7B67C1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-22 00:33:55.685
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CE75046B-C269-40C6-B6DC-36EACAC7B0CC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-21 21:13:27.097
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {69CB854C-BB60-456D-B3C2-D4FE60775D08}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-06 03:20:57.293
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C20C2661-F7CB-4E12-B65B-F7ECA50CC1DD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2018-11-08 07:07:07.337
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-08 07:07:07.326
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-08 07:06:37.262
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-08 07:06:37.257
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-08 07:06:37.251
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-08 07:06:37.246
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-08 07:06:36.881
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-08 07:06:36.862
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 35%
Total physical RAM: 16342.41 MB
Available physical RAM: 10535.02 MB
Total Virtual: 18774.41 MB
Available Virtual: 9696.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.92 GB) (Free:14.24 GB) NTFS
Drive f: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:931.41 GB) (Free:357.06 GB) NTFS

\\?\Volume{74dbd574-ed9b-4040-afcf-9f9750caf9b3}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{a39513cd-8a69-4442-8a4c-0c940afc3325}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5C752E72)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: asking for a preventive check after a long time

#2 Post by Kodlz »

Hi,
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan<, then >Clean<.
The scan will run and then a log will appear; paste it here.

Teochi
Visitor
Posts: 61
Registered: 05 Jun 2009 10:29

Re: asking for a preventive check after a long time

#3 Post by Teochi »

Here is the log:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-04.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-04-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 16
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\IOBIT\Driver Booster
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Jura\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\Jura\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB19A37B-B1BF-4230-B27D-F532792B411B}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2765 octets] - [04/04/2019 20:10:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: asking for a preventive check after a long time

#4 Post by Kodlz »

On the desktop, where you have FRST located, create a TXT file, name it fixlist.txt, and paste the following text into it:

(Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.)
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {88bfcfcf-da77-11e8-9b81-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart ... 0614__yaie
SearchScopes: HKU\S-1-5-21-698999926-1648983513-1323860127-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-698999926-1648983513-1323860127-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hsp ... 4__yaie&p={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\ip2j9z78.default -> hxxps://search.yahoo.com/yhs/web?hspart ... 0614__yaff
Task: {01468285-A6D2-476B-9213-AABBD02AF2C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {FBF01488-92E3-43D2-9086-3F6AB7C5930B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
AlternateDataStreams: C:\Users\Jura\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [362]
AlternateDataStreams: C:\Users\Jura\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [362]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
E trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [TCP Query User{46F71B75-6C89-457A-B9DD-A377B470AC1D}C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe No File
FirewallRules: [UDP Query User{3C5D064C-2A99-47E2-8554-9DD3AA0D4991}C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe No File
FirewallRules: [{643F6857-955F-481D-8802-B42F4DBD5B49}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{59FF0738-5752-44A7-9B39-82B32BF8CB5B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3E7DB2E8-DFEF-4752-A8C2-A2F747DCA2C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A84D59F8-18B5-4FB3-A275-D547E85E3162}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )

end

Teochi
Visitor
Posts: 61
Registered: 05 Jun 2009 10:29

Re: asking for a preventive check after a long time

#5 Post by Teochi »

Sending the log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Jura (05-04-2019 15:28:23) Run:1
Running from C:\Users\Jura\Desktop
Loaded Profiles: Jura (Available Profiles: Jura)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\MountPoints2: {88bfcfcf-da77-11e8-9b81-1c1b0d68fe46} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart ... 0614__yaie
SearchScopes: HKU\S-1-5-21-698999926-1648983513-1323860127-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-698999926-1648983513-1323860127-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hsp ... 4__yaie&p={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\ip2j9z78.default -> hxxps://search.yahoo.com/yhs/web?hspart ... 0614__yaff
Task: {01468285-A6D2-476B-9213-AABBD02AF2C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {FBF01488-92E3-43D2-9086-3F6AB7C5930B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
AlternateDataStreams: C:\Users\Jura\Data aplikac�:00e481b5e22dbe1f649fcddd505d3eb7 [362]
AlternateDataStreams: C:\Users\Jura\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [362]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
E trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-698999926-1648983513-1323860127-1001\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [TCP Query User{46F71B75-6C89-457A-B9DD-A377B470AC1D}C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe No File
FirewallRules: [UDP Query User{3C5D064C-2A99-47E2-8554-9DD3AA0D4991}C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe No File
FirewallRules: [{643F6857-955F-481D-8802-B42F4DBD5B49}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{59FF0738-5752-44A7-9B39-82B32BF8CB5B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3E7DB2E8-DFEF-4752-A8C2-A2F747DCA2C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A84D59F8-18B5-4FB3-A275-D547E85E3162}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )

end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} => removed successfully
HKLM\Software\Classes\CLSID\{50b56a65-6f1b-11e8-9b76-1c1b0d68fe46} => not found
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88bfcfcf-da77-11e8-9b81-1c1b0d68fe46} => removed successfully
HKLM\Software\Classes\CLSID\{88bfcfcf-da77-11e8-9b81-1c1b0d68fe46} => not found
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => removed successfully
HKLM\Software\Classes\CLSID\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => not found
"Firefox newtab" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01468285-A6D2-476B-9213-AABBD02AF2C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01468285-A6D2-476B-9213-AABBD02AF2C9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FBF01488-92E3-43D2-9086-3F6AB7C5930B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBF01488-92E3-43D2-9086-3F6AB7C5930B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\Users\Jura\Data aplikac�" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\Jura\AppData\Roaming => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => removed successfully
"HKU\E trusted site: HKU\.DEFAULT\...\localhost -> localhost\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\E trusted site: HKU\.DEFAULT\...\localhost -> localhost" => not found
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => not found
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => removed successfully
HKU\S-1-5-21-698999926-1648983513-1323860127-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46F71B75-6C89-457A-B9DD-A377B470AC1D}C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3C5D064C-2A99-47E2-8554-9DD3AA0D4991}C:\program files (x86)\steam\steamapps\common\bless online\binaries\win64\bless.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{643F6857-955F-481D-8802-B42F4DBD5B49}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59FF0738-5752-44A7-9B39-82B32BF8CB5B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E7DB2E8-DFEF-4752-A8C2-A2F747DCA2C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A84D59F8-18B5-4FB3-A275-D547E85E3162}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 137372225 B
Java, Flash, Steam htmlcache => 228422001 B
Windows/system/drivers => 84578 B
Edge => 3786 B
Chrome => 302986177 B
Firefox => 902115959 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 86340 B
NetworkService => 0 B
Jura => 9470049 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:28:52 ====

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: asking for a preventive check after a long time

#6 Post by Kodlz »

You can also try this tool, MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
- Install it, select "Custom Scan" and click "Configure Scan".
In the "Custom Scan Configuration" window, select all hard drives and tick the "Scan for rootkits" option.
Clicking Scan Now starts MBAM.

Teochi
Visitor
Posts: 61
Registered: 05 Jun 2009 10:29

Re: asking for a preventive check after a long time

#7 Post by Teochi »

It found some more threats; deleted. Thanks for the help, it looks like everything is running better now :)

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: asking for a preventive check after a long time

#8 Post by Kodlz »

Glad I could help :closed:

Locked