Please check my log.

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Hellghast
Visitor
Posts: 6
Registered: 18 Jan 2009 22:12

#1 Post by Hellghast »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Hellg (administrator) on HELLGHASTT (04-04-2019 07:16:13)
Running from C:\Users\Hellg\Desktop
Loaded Profiles: Hellg (Available Profiles: Hellg)
Platform: Windows 10 Pro Version 1809 17763.379 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19031.57.0_x64__8wekyb3d8bbwe\YourPhone.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Hellg\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) D:\Steam\Steam.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-08-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-03-13] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-668625089-3180336808-2847170942-1001\...\Run: [Steam] => D:\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-668625089-3180336808-2847170942-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1716720 2019-03-20] (Google LLC -> Google Inc.)
HKU\S-1-5-21-668625089-3180336808-2847170942-1001\...\MountPoints2: {a6808191-2c30-11e9-9894-2c56dc3cad89} - "G:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-21] (Google LLC -> Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a9b6545e-433c-4486-92b0-df73eaec0cfb}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default [2019-04-04]
CHR Extension: (Prezentace) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-04]
CHR Extension: (Dokumenty) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-04]
CHR Extension: (Disk Google) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-04]
CHR Extension: (YouTube) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-04]
CHR Extension: (Tabulky) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-04]
CHR Extension: (Gmail) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-02-04]
CHR Extension: (Chrome Media Router) - C:\Users\Hellg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8348064 2019-02-17] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-13] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-13] (ESET, spol. s r.o. -> ESET)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] (Synology Inc. -> ) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] (ASUSTeK Computer Inc. -> )
R3 busenum; C:\Windows\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-03-13] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107744 2019-03-13] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2019-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188240 2019-03-13] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50280 2019-03-13] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82472 2019-03-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110000 2019-03-13] (ESET, spol. s r.o. -> ESET)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4aa19ae78d94d8a3\nvlddmkm.sys [20706184 2019-02-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46680 2019-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [330936 2019-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2019-02-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-04 07:16 - 2019-04-04 07:16 - 000013816 _____ C:\Users\Hellg\Desktop\FRST.txt
2019-04-04 07:16 - 2019-04-04 07:16 - 000000000 ____D C:\FRST
2019-04-04 07:15 - 2019-04-04 07:15 - 002434048 _____ (Farbar) C:\Users\Hellg\Desktop\FRST64.exe
2019-04-04 07:07 - 2019-04-04 07:08 - 000000000 ____D C:\AdwCleaner
2019-04-04 07:05 - 2019-04-04 07:05 - 007316688 _____ (Malwarebytes) C:\Users\Hellg\Desktop\adwcleaner_7.2.7.0.exe
2019-04-04 07:02 - 2019-04-04 07:02 - 000000000 ___HD C:\OneDriveTemp
2019-04-03 23:43 - 2019-04-03 23:43 - 001222144 _____ C:\Users\Hellg\Desktop\RSITx64.exe
2019-04-03 23:43 - 2019-04-03 23:43 - 000000000 ____D C:\rsit
2019-04-03 23:43 - 2019-04-03 23:43 - 000000000 ____D C:\Program Files\trend micro
2019-03-29 21:08 - 2019-03-29 21:08 - 000000000 ____D C:\Users\Hellg\Desktop\Seal.Team.S02E15.720p.AMZN.WEB-DL.x265-HETeam
2019-03-29 16:52 - 2019-03-29 17:15 - 234369931 _____ C:\Users\Hellg\Desktop\Seal.Team.S02E15.720p.AMZN.WEB-DL.x265-HETeam.rar
2019-03-29 16:48 - 2019-03-29 16:48 - 000016400 _____ C:\Users\Hellg\Desktop\[CzT]MI5_Spooks_2_serie_CZ_TvRip_.torrent
2019-03-29 06:27 - 2019-03-29 06:27 - 000010995 _____ C:\Users\Hellg\Desktop\[CzT]Cinsky_syndrom_The_China_Syndrome_1979_CZ_.torrent
2019-03-28 15:58 - 2019-03-28 15:58 - 000000000 ____D C:\Users\Hellg\Desktop\Nová složka
2019-03-28 15:57 - 2019-03-28 15:57 - 000000000 ____D C:\Program Files (x86)\Switcher
2019-03-28 15:57 - 2019-03-28 15:57 - 000000000 ____D C:\Program Files (x86)\Mobile
2019-03-28 13:54 - 2019-03-28 13:54 - 000018974 _____ C:\Users\Hellg\Desktop\[CzT]MI5_Spooks_1_serie_CZ_TvRip_.torrent
2019-03-24 22:49 - 2019-03-24 22:50 - 000000000 ____D C:\Users\Hellg\Desktop\ender 3
2019-03-23 16:30 - 2019-03-21 19:03 - 327337823 _____ C:\Users\Hellg\Desktop\SEAL.Team.S02E14.HDTV.x264-SVA.mkv
2019-03-23 16:30 - 2017-08-06 20:44 - 000000046 _____ C:\Users\Hellg\Desktop\Click here for More releases.url
2019-03-23 10:56 - 2019-03-23 10:58 - 327338154 _____ C:\Users\Hellg\Desktop\SEAL.Team.S02E14.HDTV.x264-SVA.rar
2019-03-17 11:08 - 2019-03-17 11:08 - 003591994 _____ C:\Users\Hellg\Desktop\ender3 pro firmware + ISP cable instuction.rar
2019-03-17 11:08 - 2019-03-17 11:08 - 000000000 ____D C:\Users\Hellg\Desktop\ender3 pro firmware + ISP cable instuction
2019-03-17 11:01 - 2019-03-17 11:01 - 000050184 _____ C:\Users\Hellg\Desktop\Vzpěra 5015.stl
2019-03-17 11:01 - 2019-03-17 11:01 - 000001213 _____ C:\Users\Hellg\Desktop\pavel.curaprofile
2019-03-17 10:15 - 2019-03-17 10:15 - 000000202 _____ C:\Users\Hellg\Desktop\Workers & Resources Soviet Republic.url
2019-03-16 23:46 - 2019-03-16 23:46 - 000016493 _____ C:\Users\Hellg\Desktop\[CzT]Brana_valecniku_Warrior_s_Gate_2016_CZ_.torrent
2019-03-12 20:37 - 2019-03-12 20:37 - 024616960 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 020814848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 019284480 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 019023872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 012151296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 008875008 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 007897088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 007882240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 006069760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 005436184 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 004920832 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 004689408 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 003923456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 003744256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 003566080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 003551408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 002752360 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 002278240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 002127360 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001969152 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001782272 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001307648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001294856 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001289192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001258808 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-03-12 20:37 - 2019-03-12 20:37 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001131520 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001077912 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 001072720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000866152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000772608 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000525312 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-03-12 20:37 - 2019-03-12 20:37 - 000480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000453632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-12 20:37 - 2019-03-12 20:37 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000421688 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-12 20:37 - 2019-03-12 20:37 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-12 20:37 - 2019-03-12 20:37 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-03-12 20:37 - 2019-03-12 20:37 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-03-12 20:37 - 2019-03-12 20:37 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-03-12 20:37 - 2019-03-12 20:37 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2019-03-12 20:36 - 2019-03-12 20:37 - 026810368 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 023440896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 017520640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 015224320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 012857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 009683256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 009670656 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 007688088 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 007647256 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 007556392 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 007251456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 006548168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 005915936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 005296640 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 004588744 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 004245280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 003983360 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 003761664 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 003729808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 003660288 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 003652656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 003504128 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 003427840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 003399168 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 003382272 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 003378488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 003108864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002926904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 002871312 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002776712 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002766648 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002720768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002689536 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002637312 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 002630656 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002626360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 002488320 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 002447360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002437344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002275680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002199864 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002187776 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002141184 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002073240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002044416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002021584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002013696 _____ C:\Windows\system32\rdpnano.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 002001408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001969464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 001931264 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001884672 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001860608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001844448 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001760768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001751352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001742104 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001711616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001701376 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001697744 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-12 20:36 - 2019-03-12 20:36 - 001672704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001656832 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001644048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001612600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001604096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001590072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001572176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001563336 _____ (Microsoft Corporation) C:\Windows\system32\ttdrecordcpu.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001522488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001496064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001481488 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001479480 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001468440 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 001457544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001403920 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001360696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 001341880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-12 20:36 - 2019-03-12 20:36 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001296576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001272552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdrecordcpu.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 001221944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001221120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001199104 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001191512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001180248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001179168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 001098128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001087800 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001078072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Services.TargetedContent.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001056272 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001047040 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001043256 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 001022616 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 001001472 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2019-03-12 20:36 - 2019-03-12 20:36 - 000981816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000955392 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000918032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000908800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2019-03-12 20:36 - 2019-03-12 20:36 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000895048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000888320 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000888120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000871792 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000865568 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000860160 _____ C:\Windows\system32\MBR2GPT.EXE
2019-03-12 20:36 - 2019-03-12 20:36 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000836096 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000833064 _____ C:\Windows\system32\InputHost.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000831288 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000823296 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000817464 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000808464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000790328 _____ (Microsoft Corporation) C:\Windows\system32\upshared.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000782968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000775168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000772408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000764216 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000760832 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000757664 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000745984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000743224 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000735760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000726416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000714240 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000655160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000652824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000649528 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000649272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000646656 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000646632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000619832 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000605496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000604336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000599040 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000591832 _____ C:\Windows\SysWOW64\InputHost.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-12 20:36 - 2019-03-12 20:36 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000519992 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000511800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000508216 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000505656 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000484976 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000479232 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-03-12 20:36 - 2019-03-12 20:36 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000460304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000453944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000449368 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000449024 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000444728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000435712 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000419128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-12 20:36 - 2019-03-12 20:36 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000395064 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000386872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000383288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000383288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000367616 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000355360 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000336744 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000330464 _____ (Microsoft Corporation) C:\Windows\system32\ttdwriter.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000322576 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000279376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000272648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdwriter.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000262456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000246584 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\ptpprov.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\SecureTimeAggregator.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\winbio.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ngctasks.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000169784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000147256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000138960 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbio.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000115152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000071184 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-03-12 20:36 - 2019-03-12 20:36 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\SecureBioSysprep.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-12 20:36 - 2019-03-12 20:36 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-03-10 11:20 - 2019-03-10 11:20 - 000000000 ____D C:\Users\Hellg\AppData\Roaming\cura
2019-03-10 11:20 - 2019-03-10 11:20 - 000000000 ____D C:\Users\Hellg\AppData\Local\cura
2019-03-10 11:20 - 2019-03-10 11:20 - 000000000 ____D C:\Users\Hellg\AppData\Local\cache
2019-03-10 11:20 - 2019-03-10 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura
2019-03-10 11:20 - 2019-03-10 11:20 - 000000000 ____D C:\Program Files\Ultimaker Cura 3.6
2019-03-10 11:20 - 2019-03-10 11:20 - 000000000 ____D C:\Program Files\DIFX
2019-03-10 11:18 - 2019-03-10 11:19 - 150789240 _____ C:\Users\Hellg\Downloads\Ultimaker_Cura-3.6.0-win64.exe
2019-03-09 20:52 - 2019-03-09 20:52 - 000000202 _____ C:\Users\Hellg\Desktop\Factorio.url
2019-03-06 18:12 - 2019-03-06 18:16 - 000000000 ____D C:\Users\Hellg\Downloads\Line of Duty-Season 1

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-04 07:14 - 2019-02-04 09:01 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-04 07:12 - 2019-02-04 09:32 - 000000000 ___RD C:\Users\Hellg\OneDrive
2019-04-04 07:12 - 2019-02-04 08:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-04 07:12 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-04 07:11 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-04-04 07:07 - 2019-02-05 01:31 - 000000000 ____D C:\Users\Hellg\AppData\Local\D3DSCache
2019-04-04 00:47 - 2019-02-05 01:17 - 000000000 ____D C:\Users\Hellg\AppData\Roaming\vlc
2019-04-03 23:47 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-03 23:47 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-04-03 23:31 - 2019-02-04 08:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-31 01:31 - 2019-02-09 18:44 - 000000000 ____D C:\Users\Hellg\AppData\Roaming\qBittorrent
2019-03-30 06:22 - 2019-02-05 10:20 - 000004176 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1549354816
2019-03-30 06:22 - 2019-02-05 10:20 - 000001439 _____ C:\Users\Hellg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-03-28 15:59 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-03-28 05:20 - 2019-02-04 09:49 - 000003470 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 05:20 - 2019-02-04 09:49 - 000003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-27 07:42 - 2019-02-04 09:32 - 000003368 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-668625089-3180336808-2847170942-1001
2019-03-27 07:42 - 2019-02-04 09:26 - 000002401 _____ C:\Users\Hellg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-24 12:07 - 2019-02-18 11:51 - 000000000 ____D C:\Users\Hellg\AppData\Roaming\Factorio
2019-03-22 08:09 - 2019-02-04 08:52 - 001606102 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-22 08:09 - 2018-09-15 19:39 - 000682358 _____ C:\Windows\system32\perfh005.dat
2019-03-22 08:09 - 2018-09-15 19:39 - 000137076 _____ C:\Windows\system32\perfc005.dat
2019-03-21 23:26 - 2019-02-04 09:49 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-21 23:26 - 2019-02-04 09:49 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-13 21:36 - 2018-04-10 17:00 - 000145600 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-03-13 21:36 - 2017-10-11 22:46 - 000188240 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-03-13 21:36 - 2017-09-25 10:31 - 000110000 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-03-13 21:36 - 2017-04-07 08:18 - 000107744 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-03-13 21:36 - 2017-04-07 08:18 - 000082472 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-03-13 21:36 - 2017-04-07 08:18 - 000050280 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2019-03-13 07:23 - 2019-02-04 09:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-13 07:23 - 2019-02-04 09:30 - 000000000 ___RD C:\Users\Hellg\3D Objects
2019-03-13 07:23 - 2019-02-04 08:46 - 000438928 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-12 21:58 - 2018-09-15 19:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-03-12 21:58 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-12 21:58 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\TextInput
2019-03-12 21:58 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\oobe
2019-03-12 21:58 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-12 21:58 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-03-12 21:58 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-03-12 20:37 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-03-12 20:36 - 2019-02-04 08:49 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-03-12 20:35 - 2019-02-04 09:44 - 000000000 ____D C:\Windows\system32\MRT
2019-03-12 20:34 - 2019-02-04 09:44 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-05 23:07 - 2019-02-04 09:26 - 000000000 ____D C:\Users\Hellg

==================== Files in the root of some directories =======

2019-02-05 01:31 - 2019-02-05 01:32 - 000007598 _____ () C:\Users\Hellg\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================







Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Hellg (04-04-2019 07:16:49)
Running from C:\Users\Hellg\Desktop
Windows 10 Pro Version 1809 17763.379 (X64) (2019-02-04 06:48:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-668625089-3180336808-2847170942-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-668625089-3180336808-2847170942-503 - Limited - Disabled)
Guest (S-1-5-21-668625089-3180336808-2847170942-501 - Limited - Disabled)
Hellg (S-1-5-21-668625089-3180336808-2847170942-1001 - Administrator - Enabled) => C:\Users\Hellg
WDAGUtilityAccount (S-1-5-21-668625089-3180336808-2847170942-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Asus Sonic Suite Plugins (HKLM-x32\...\{3843fc8e-e352-4238-be32-74ca38dd57a0}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden
Balíček ovladače systému Windows - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC)
Balíček ovladače systému Windows - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc))
Balíček ovladače systému Windows - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc))
Balíček ovladače systému Windows - Arduino Srl (www.arduino.org) Arduino USB Driver (03/19/2015 1.1.1.0) (HKLM\...\69E507459B453D69A453EFC9E461FAE1E073408A) (Version: 03/19/2015 1.1.1.0 - Arduino Srl (www.arduino.org))
Balíček ovladače systému Windows - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32)
Balíček ovladače systému Windows - Linino (usbser) Ports (01/13/2014 1.0.0.0) (HKLM\...\A2C084AD4515675961A87E71B10E80E4FDCF7FAA) (Version: 01/13/2014 1.0.0.0 - Linino)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
LibreOffice 6.1.4.2 (HKLM\...\{080C0C39-B1B5-48BB-85AB-4F9A8768CD10}) (Version: 6.1.4.2 - The Document Foundation)
Microsoft OneDrive (HKU\S-1-5-21-668625089-3180336808-2847170942-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NahimicSettingsConfigurator (HKLM\...\{81B881EA-2E90-4E70-8022-BA48D358586A}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 418.81 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.81 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Opera Stable 58.0.3135.127 (HKU\S-1-5-21-668625089-3180336808-2847170942-1001\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 418.81 - NVIDIA Corporation) Hidden
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7581 - Realtek Semiconductor Corp.)
Sonic Radar II (HKLM\...\{A70B8D38-273A-4D6A-B7D5-AEBEDEEE5D28}) (Version: 2.1.2501 - ASUSTeKcomputer.Inc)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Ultimaker Cura 3.6 (HKLM-x32\...\Ultimaker Cura 3.6) (Version: 3.6.0 - Ultimaker)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-668625089-3180336808-2847170942-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1ABBEC83-6E52-4788-A16D-C21D7739C31A} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B8D9A21-B738-4670-B440-A94231D67D4C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39F098CC-E6B0-43D6-A73F-E532C7745990} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {405FC054-34C6-41DA-9BC3-606FFCA32D66} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F236526-6791-44E3-8D01-480A1AA7B66F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C02706F-9F1E-4E8D-9E6B-951C1A113E03} - System32\Tasks\Opera scheduled Autoupdate 1549354816 => C:\Users\Hellg\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {5CAA6959-13FD-4D89-A62C-D235973B0C66} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {61459FFD-E53E-4440-8ABE-35B2E4A4CF65} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69D81887-3D49-4EDF-957B-A030625A8A4F} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {820534DB-4821-4C0B-AD2E-0F0C62ECAB13} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {8AE25197-5D6A-4C00-9FDA-82BD6BCD0CDB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9CFB38DB-8859-47DE-B030-416BCFF19E3A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F586EB90-11A8-434B-B891-77F90FBEEF58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {F7DEF38E-F420-41D4-B55D-27F173087B60} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-11 09:12 - 2015-05-11 09:12 - 000248736 _____ (Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2019-02-04 10:04 - 2014-07-23 03:59 - 001360016 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2019-02-10 18:52 - 2019-02-10 18:47 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-10 18:52 - 2019-02-10 18:47 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-10 18:52 - 2019-02-10 18:47 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-10 18:52 - 2019-02-10 18:47 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-02-10 18:52 - 2019-02-10 18:47 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-10 18:52 - 2019-02-10 18:47 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-10 18:52 - 2019-02-10 18:47 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-10 18:52 - 2019-02-10 18:47 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-04 10:04 - 2019-04-04 07:12 - 000035624 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-668625089-3180336808-2847170942-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hellg\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7B76CC02-6024-4B80-8593-0CC5103BA9BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE5FE566-2E4B-4558-AD48-1B827EBF4EA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B5DB8C5B-0D61-4D5E-8DB6-D64E51743E6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{96B022FC-B5E2-41C8-B7A0-773A96C48567}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6264B19-E1BC-481D-8090-76B93A0137A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A8558A6-E341-4147-9A7E-4D1F8FB74221}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{85F42821-F60C-4AF6-BFFD-D7B5CAE8D756}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9B3FBD5D-50B2-4CBE-AED7-EA8B920A4CB6}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{42AB2342-3B4C-4B83-9F4C-E5D8593665A8}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{515ED75B-3C08-48A9-82BE-4D71D57C56A7}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{411E78A4-7BA7-4A48-B0C3-CA735A75343D}] => (Allow) D:\Steam\steamapps\common\Gunsmith\GunSmithProject.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{ED76175D-CC28-4B9F-B9E2-E68BBD1D34E4}] => (Allow) D:\Steam\steamapps\common\Gunsmith\GunSmithProject.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{AF2F1011-966D-4E40-9115-56ED046BE80A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{AEC0EC33-C91D-4A6E-B484-85A1B4A42A9A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{FBB0A965-8121-489A-A9C5-7CB6CF959C59}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{07E296E6-C37D-447E-8422-40A12DA3867A}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{572771D6-C5BB-4EA1-8A5E-B482CAE06C97}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8AB0033F-522A-4810-B4D3-9B4B485AA640}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F73ECF49-8654-4D6F-AB0F-3596FF93BC05}] => (Allow) D:\Steam\steamapps\common\SovietRepublic\SOVIET.exe () [File not signed]
FirewallRules: [{52D40174-C0D5-4166-BEC0-CA628D1275F2}] => (Allow) D:\Steam\steamapps\common\SovietRepublic\SOVIET.exe () [File not signed]
FirewallRules: [{F2DE1EF2-9C1F-45BE-AE78-68AA4EF64DCF}] => (Allow) D:\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{C4F25727-6444-4A35-9B70-A58232531BC9}] => (Allow) D:\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{A7CD22E1-EE86-418D-9F36-9681D9D33752}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{31B6AB0B-F89D-4C55-8689-EEDC7DFE9BD8}] => (Allow) D:\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{538A7D07-AC32-4DD4-9394-D14BC5086EB4}] => (Allow) D:\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]

==================== Restore Points =========================

12-03-2019 20:33:52 Windows Update
22-03-2019 08:42:25 Naplánovaný kontrolní bod
28-03-2019 15:57:10 Installed Phone Nokia USB Driver

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2019 02:12:14 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (02/19/2019 07:35:25 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (02/18/2019 07:06:07 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (02/17/2019 07:40:04 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (02/16/2019 06:54:08 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (02/15/2019 04:10:42 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (02/14/2019 05:15:51 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (02/13/2019 08:29:12 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe


System errors:
=============
Error: (04/04/2019 07:14:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/04/2019 07:14:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/04/2019 07:13:16 AM) (Source: DCOM) (EventID: 10016) (User: HELLGHASTT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli HELLGHASTT\Hellg (SID: S-1-5-21-668625089-3180336808-2847170942-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/04/2019 07:12:30 AM) (Source: DCOM) (EventID: 10016) (User: HELLGHASTT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscCloudBackupProvider
a APPID
Není k dispozici
uživateli HELLGHASTT\Hellg (SID: S-1-5-21-668625089-3180336808-2847170942-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/04/2019 07:12:29 AM) (Source: DCOM) (EventID: 10016) (User: HELLGHASTT)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli HELLGHASTT\Hellg (SID: S-1-5-21-668625089-3180336808-2847170942-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/04/2019 07:11:40 AM) (Source: DCOM) (EventID: 10010) (User: HELLGHASTT)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/04/2019 07:11:40 AM) (Source: DCOM) (EventID: 10010) (User: HELLGHASTT)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/04/2019 07:11:40 AM) (Source: DCOM) (EventID: 10010) (User: HELLGHASTT)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2019-03-14 06:21:00.970
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-14 06:21:00.965
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-14 06:21:00.939
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-14 06:21:00.936
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-14 06:21:00.904
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-14 06:21:00.901
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-14 06:21:00.444
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-14 06:21:00.441
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 17%
Total physical RAM: 16325.86 MB
Available physical RAM: 13508.58 MB
Total Virtual: 18757.86 MB
Available Virtual: 15280.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.16 GB) (Free:391.51 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.39 GB) (Free:354.33 GB) NTFS
Drive e: (Filmy) (Fixed) (Total:931.51 GB) (Free:104.47 GB) NTFS
Drive f: (My Book) (Fixed) (Total:596.17 GB) (Free:150.2 GB) NTFS

\\?\Volume{41289e78-ff7e-4bec-aa7e-2227ec4c6980}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{91e935b4-5c1b-468c-92ff-6897c6529589}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F837527B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 30F1F97F)

Partition: GPT.

==================== End of Addition.txt ============================
Last edited by Hellghast on 04 Apr 2019 06:26, edited 1 time in total.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Log check

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will launch; click View Log File.
The log will open; copy its contents here.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Hellghast
Visitor
Posts: 6
Joined: 18 Jan 2009 22:12

Re: Please check my log.

#3 Post by Hellghast »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-04-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-04-2019
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1249 octets] - [04/04/2019 07:08:24]
AdwCleaner[C00].txt - [1435 octets] - [04/04/2019 07:11:38]
AdwCleaner_Debug.log - [11361 octets] - [04/04/2019 07:13:12]
AdwCleaner[S01].txt - [1433 octets] - [04/04/2019 07:56:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check my log.

#4 Post by Diallix »

Copy the content below into Notepad:

HKU\S-1-5-21-668625089-3180336808-2847170942-1001\...\MountPoints2: {a6808191-2c30-11e9-9894-2c56dc3cad89} - "G:\Setup.exe"
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {820534DB-4821-4C0B-AD2E-0F0C62ECAB13} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
FirewallRules: [{42AB2342-3B4C-4B83-9F4C-E5D8593665A8}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{515ED75B-3C08-48A9-82BE-4D71D57C56A7}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
Task: {F586EB90-11A8-434B-B891-77F90FBEEF58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:

Save the Notepad file as fixlist.txt in the same location as FRST.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

Hellghast
Visitor
Posts: 6
Joined: 18 Jan 2009 22:12

Re: Please check my log.

#5 Post by Hellghast »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Hellg (04-04-2019 08:49:30) Run:1
Running from C:\Users\Hellg\Desktop
Loaded Profiles: Hellg (Available Profiles: Hellg)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-668625089-3180336808-2847170942-1001\...\MountPoints2: {a6808191-2c30-11e9-9894-2c56dc3cad89} - "G:\Setup.exe"
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-03-12 20:36 - 2019-03-12 20:36 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {820534DB-4821-4C0B-AD2E-0F0C62ECAB13} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
FirewallRules: [{42AB2342-3B4C-4B83-9F4C-E5D8593665A8}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{515ED75B-3C08-48A9-82BE-4D71D57C56A7}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
Task: {F586EB90-11A8-434B-B891-77F90FBEEF58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

EmptyTemp:

*****************

HKU\S-1-5-21-668625089-3180336808-2847170942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6808191-2c30-11e9-9894-2c56dc3cad89} => removed successfully
HKLM\Software\Classes\CLSID\{a6808191-2c30-11e9-9894-2c56dc3cad89} => not found
C:\Windows\system32\DrtmAuth8.bin => moved successfully
C:\Windows\system32\DrtmAuth7.bin => moved successfully
C:\Windows\system32\DrtmAuth6.bin => moved successfully
C:\Windows\system32\DrtmAuth5.bin => moved successfully
C:\Windows\system32\DrtmAuth4.bin => moved successfully
C:\Windows\system32\DrtmAuth3.bin => moved successfully
C:\Windows\system32\DrtmAuth2.bin => moved successfully
C:\Windows\system32\DrtmAuth1.bin => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{820534DB-4821-4C0B-AD2E-0F0C62ECAB13}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{820534DB-4821-4C0B-AD2E-0F0C62ECAB13}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{42AB2342-3B4C-4B83-9F4C-E5D8593665A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{515ED75B-3C08-48A9-82BE-4D71D57C56A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F586EB90-11A8-434B-B891-77F90FBEEF58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F586EB90-11A8-434B-B891-77F90FBEEF58}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 141553327 B
Java, Flash, Steam htmlcache => 190388325 B
Windows/system/drivers => 9588 B
Edge => 3339057 B
Chrome => 413496612 B
Firefox => 0 B
Opera => 287510768 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 19822 B
LocalService => 0 B
NetworkService => 1730 B
NetworkService => 0 B
Hellg => 1866954 B

RecycleBin => 24365006 B
EmptyTemp: => 1020.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:50:41 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check my log.

#6 Post by Diallix »

Good, how is the computer doing?

Hellghast
Visitor
Posts: 6
Joined: 18 Jan 2009 22:12

Re: Please check my log.

#7 Post by Hellghast »

So far it looks OK.

Thank you for the help.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check my log.

#8 Post by Diallix »

You're welcome :]]

Locked