PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Preventive check of my laptop, possibly a virus, it is slow

Don't have any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Domcas
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

#1 Post by Domcas »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by sandra (08-07-2019 13:20:53)
Running from C:\Users\sandra\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Pro Version 1809 17763.557 (X64) (2019-03-22 16:55:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2678609943-2211741397-3223540712-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2678609943-2211741397-3223540712-503 - Limited - Disabled)
Guest (S-1-5-21-2678609943-2211741397-3223540712-501 - Limited - Disabled)
sandra (S-1-5-21-2678609943-2211741397-3223540712-1000 - Administrator - Enabled) => C:\Users\sandra
WDAGUtilityAccount (S-1-5-21-2678609943-2211741397-3223540712-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a2733506-e526-4bae-bc12-b2d37e2016ec}) (Version: 18.30.0 - Intel Corporation)
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.28 - Rivet Networks)
AR8171 Drivers (HKLM\...\{AC937267-F287-4B31-89E3-70C978366D87}) (Version: 1.0.0.28 - Rivet Networks) Hidden
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.)
Discord (HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Dragon Gaming Center (HKLM-x32\...\{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 2.0.1701.0601 - Micro-Star International Co., Ltd.) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 2.0.1701.0601 - Micro-Star International Co., Ltd.)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1511.2001 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1511.2001 - Micro-Star International Co., Ltd.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.7.0.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{8866711B-6150-4BF3-81E7-E3F38E52717F}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
Nitrox (HKLM\...\{8C06C77E-90DF-4798-B3B4-1174BDEE2642}) (Version: 1.0.6938.29554 - Nitrox)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.9 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
PokeMMO (HKLM\...\PokeMMO_is1) (Version: - PokeMMO)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.31218 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
SCM (HKLM\...\{E3CE9EC1-7244-4846-A383-6BF0B172917A}) (Version: 13.015.12097 - Application)
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.0101 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.0101 - Application)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.193 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1541.3.0_x86__kgqvnymyfvs32 [2019-07-07] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.142.300.0_x86__kgqvnymyfvs32 [2019-07-07] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-22] (Dolby Laboratories)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.29.2903.0_x86__ytsefhwckbdv6 [2019-07-07] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-07] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.6.0_x64__tqn3m7kee4xc8 [2018-11-25] (O2 Czech Republic a.s.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-01] (Microsoft Corporation) [MS Ad]
Twitch Player: Live Game Streaming -> C:\Program Files\WindowsApps\42731GoodMediaGroup.VidsTokforTwitchGamingLiveStre_1.1.8.0_x64__wzw6dymc89v9p [2019-07-07] (Good Media Group) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-10-14] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-19 09:11 - 2015-05-19 09:11 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2015-09-15 09:36 - 2015-09-15 09:36 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-09-15 09:36 - 2015-09-15 09:36 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2014-01-22 11:44 - 2014-01-22 11:44 - 000075912 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> ) [File not signed] C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll
2017-01-06 15:04 - 2017-01-06 15:04 - 006097688 _____ (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
2009-07-09 16:54 - 2009-07-09 16:54 - 000160768 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\WINDOWS\SysWOW64\MSIService.exe
2015-12-09 09:44 - 2015-12-09 09:44 - 000297984 _____ (MSI) [File not signed] C:\Program Files (x86)\SCM\SCM.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-10-24 21:37 - 2018-10-24 21:32 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sandra\Pictures\12036546_957254970984718_1645961479265159463_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3569BA35-B55E-42C7-9CE1-40853BC4731C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survive the Nights\SurviveTheNights_Win.exe () [File not signed]
FirewallRules: [{144BE06E-24A5-4CF3-923F-F11A7768A934}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survive the Nights\SurviveTheNights_Win.exe () [File not signed]
FirewallRules: [UDP Query User{F6203B67-B360-4F78-BE3A-7680E7529C48}C:\program files\epic games\subnautica\subserver\nitroxserver.exe] => (Allow) C:\program files\epic games\subnautica\subserver\nitroxserver.exe () [File not signed]
FirewallRules: [TCP Query User{EFF1EDD2-F1F2-4F30-99DB-79C898875285}C:\program files\epic games\subnautica\subserver\nitroxserver.exe] => (Allow) C:\program files\epic games\subnautica\subserver\nitroxserver.exe () [File not signed]
FirewallRules: [UDP Query User{DDD3D803-34D8-47DE-88ED-5C635F2CB9BE}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [TCP Query User{96DB4F29-4CFE-46ED-B23B-0EFB70FEC1E3}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{D40192E9-8355-46A0-9B25-C470C256F535}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{64E52383-8C92-44A8-BE5F-B5BC7C5D4D14}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0549BB9B-D046-4A46-9C06-D47B205C391F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1AC79686-5056-4FC9-AD60-F5FC66A3A6BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{334EF55F-FC86-4A99-8D4E-036AD6545307}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{587CFCD9-C49B-4343-89AE-518BEA7FE146}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{8F12540F-8E0A-49C0-9D0A-1730CB69B819}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{BEB73D46-8D60-48A8-A0FE-55D86595E266}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{6C1B797A-6F99-4121-9353-ACE127C91F44}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AB904BE6-9217-417A-8AA1-987E80943142}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{6E57182C-938D-414F-A41C-C65E82F955D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{76F4FABE-85AF-4B16-81BD-F601CDD38ABE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D8712ADD-A65F-41CF-8680-7674DE8D040E}C:\windows.old\users\sandra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\windows.old\users\sandra\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{9D5F4510-6B6A-4928-B7EA-2A7ABB045312}C:\windows.old\users\sandra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\windows.old\users\sandra\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{1191F543-FDEF-427B-BB23-AA626654D4B2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{A9AA809F-CA23-4694-89C4-33797AC64A01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3FD00F16-30C5-4E8A-8D0A-94BA21F540B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A0E1E1A-B073-47A4-999E-AD47E10AC1D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9720C4FC-14A2-4C71-AB6A-C2E3095EB2D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8BBEEAA7-BF85-41EF-8AD5-5326909B89C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3217613-BD61-4543-83E7-ADCA58428B42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3BE6DE47-41F6-4D82-BB78-9E56445304AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{83E56116-D86A-419D-A8A1-91B9441266C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{D78DFC86-651D-4304-9F43-6F6EF905B85E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{BB7E5DAE-B8BB-438B-8A89-59D2DDD8CCBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{A3A46C5E-B1DC-495C-BEDA-EB1CF2A570C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{E86F2FDC-77B9-432F-8811-26759005833D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{6483ED37-89C4-49AB-AB01-DD049B719481}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{EA1BCB47-E3F0-42DF-A185-939DAC1143EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [TCP Query User{57449575-3E6C-41EC-A9B5-F765F04326BB}C:\users\sandra\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\sandra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6B37D7FC-889C-4BC5-8A57-CBE985EC7482}C:\users\sandra\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\sandra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{59FF34D1-C2EA-46F2-A35D-F4E69585FA91}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CA58CF25-9ED1-4197-AE20-A76116C99F9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D5EC7E4A-D834-4CED-A261-F32A13A5A433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{65E5690F-582A-431F-92D8-1B87532A3DF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B3B95B3A-30F3-420C-8CAA-B0BAD506553B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Steep\steep.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{A982E8B8-5E5F-4D35-9F0A-DD50AFC43339}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{505D10B7-74CB-459F-A112-74328EBBAAA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{79185E74-9AD2-4C0F-BABF-24FED0FBFF75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{06A1A01F-0E33-4131-9ABA-9BEE638A4561}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

==================== Restore Points =========================

13-06-2019 22:37:24 Windows Update
07-07-2019 10:56:26 Windows Update

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2019 09:57:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program XboxApp.exe verze 48.54.1906.25001 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 28f0

Čas spuštění: 01d534fdc4963812

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxApp_48.54.25001.0_x64__8wekyb3d8bbwe\XboxApp.exe

ID hlášení: 2757e83d-c6aa-4eee-a9a1-ebd4afd0356a

Úplný název balíčku s chybou: Microsoft.XboxApp_48.54.25001.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.XboxApp

Typ zablokování: Activation

Error: (06/16/2019 05:07:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI Update Agent.exe, verze: 1.0.1511.2001, časové razítko: 0x564e9050
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x69a188f0
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000039129
ID chybujícího procesu: 0xdf0
Čas spuštění chybující aplikace: 0x01d52454ddeef52b
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 52ebff23-ab1c-4299-96b3-c972252e2034
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/16/2019 05:06:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI Update Agent.exe, verze: 1.0.1511.2001, časové razítko: 0x564e9050
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x69a188f0
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039129
ID chybujícího procesu: 0xdf0
Čas spuštění chybující aplikace: 0x01d52454ddeef52b
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 57a19dd2-d78e-4edd-a58b-26eb3392c620
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/16/2019 05:06:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI Update Agent.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.FormatException
na System.DateTimeParse.Parse(System.String, System.Globalization.DateTimeFormatInfo, System.Globalization.DateTimeStyles)
na MSI_Update_Agent.MainWindow.MSIUpdateAgent_Loaded(System.Object, System.Windows.RoutedEventArgs)
na System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
na System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
na System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
na System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(System.Object)
na MS.Internal.LoadedOrUnloadedOperation.DoWork()
na System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
na System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
na System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
na System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
na System.Windows.Interop.HwndTarget.OnResize()
na System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
na System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (06/13/2019 10:22:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI Update Agent.exe, verze: 1.0.1511.2001, časové razítko: 0x564e9050
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x69a188f0
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000039129
ID chybujícího procesu: 0x3df0
Čas spuštění chybující aplikace: 0x01d522252ffdf647
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 786933be-80fe-4483-8f15-29056af22ebe
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2019 10:21:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d4c

Čas spuštění: 01d51eb6a5ddc956

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\System32\MicrosoftEdgeCP.exe

ID hlášení: 00900848-8056-4e37-ac64-40ded544a79b

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: MicrosoftEdge

Typ zablokování: Unknown

Error: (06/13/2019 10:20:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI Update Agent.exe, verze: 1.0.1511.2001, časové razítko: 0x564e9050
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x69a188f0
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039129
ID chybujícího procesu: 0x3df0
Čas spuštění chybující aplikace: 0x01d522252ffdf647
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 4b47d340-396c-4a4d-a061-07116b303d6f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2019 10:20:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI Update Agent.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.FormatException
na System.DateTimeParse.Parse(System.String, System.Globalization.DateTimeFormatInfo, System.Globalization.DateTimeStyles)
na MSI_Update_Agent.MainWindow.MSIUpdateAgent_Loaded(System.Object, System.Windows.RoutedEventArgs)
na System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
na System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
na System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
na System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(System.Object)
na MS.Internal.LoadedOrUnloadedOperation.DoWork()
na System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
na System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
na System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
na System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
na System.Windows.Interop.HwndTarget.OnResize()
na System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
na System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)


System errors:
=============
Error: (07/08/2019 01:21:54 PM) (Source: DCOM) (EventID: 10010) (User: sandra-PC)
Description: Server {0134A8B2-3407-4B45-AD25-E9F7C92A80BC} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/08/2019 01:15:10 PM) (Source: DCOM) (EventID: 10010) (User: sandra-PC)
Description: Server {0134A8B2-3407-4B45-AD25-E9F7C92A80BC} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/08/2019 12:19:45 PM) (Source: DCOM) (EventID: 10010) (User: sandra-PC)
Description: Server {0134A8B2-3407-4B45-AD25-E9F7C92A80BC} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/08/2019 07:50:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 07:50:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 07:50:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 07:50:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 07:50:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-07-07 22:16:57.971
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C227B153-4AC9-4E37-983A-F9CCBAA82B53}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-01 22:26:11.070
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4130F74C-868C-4B21-86BB-14E05A519CFD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-22 15:51:07.179
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {46D22244-E056-4B02-AECC-73A54889234D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-22 14:32:06.920
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2590FF56-83D4-426F-8AD0-A530A13B144D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-22 13:29:29.078
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0651D59C-6075-4C3D-B018-7BFCB6A9D9F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-07 21:28:38.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.580.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-07-07 10:52:31.595
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.827.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-06-01 21:49:48.243
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.2218.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-04-23 22:17:22.692
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2019-04-22 18:50:05.581
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.2470.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16J6IMS.107 06/03/2016
Motherboard: Micro-Star International Co., Ltd. MS-16J6
Processor: Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz
Percentage of memory in use: 68%
Total physical RAM: 8100.86 MB
Available physical RAM: 2540.66 MB
Total Virtual: 9700.86 MB
Available Virtual: 3178.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:920.67 GB) (Free:680.3 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DriverCD) (Fixed) (Total:10 GB) (Free:5.26 GB) NTFS

\\?\Volume{788d8f45-0000-0000-0000-c02ae6000000}\ () (Fixed) (Total:0.84 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 788D8F45)
Partition 1: (Active) - (Size=920.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=865 MB) - (Type=27)
Partition 3: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check of the laptop, possibly a virus, it is slow

#2 Post by Diallix »

Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Prehladaj teraz (Scan now) button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Vycistit Teraz (Clean and Repair) button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click Zobrazit soubor protokolu (View Log File).
The log will open; copy its contents here.

Domcas
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

Re: Preventive check of the laptop, possibly a virus, it is slow

#3 Post by Domcas »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-08-2019
# Duration: 00:00:09
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1328 octets] - [08/07/2019 22:20:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########



I hope I did it right. :)

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check of the laptop, possibly a virus, it is slow

#4 Post by Diallix »

Yes, you did :]]

Please post new FRST + ADDITION logs.

Domcas
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

Re: Preventive check of the laptop, possibly a virus, it is slow

#5 Post by Domcas »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by sandra (09-07-2019 16:38:26)
Running from C:\Users\sandra\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Pro Version 1809 17763.557 (X64) (2019-03-22 16:55:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2678609943-2211741397-3223540712-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2678609943-2211741397-3223540712-503 - Limited - Disabled)
Guest (S-1-5-21-2678609943-2211741397-3223540712-501 - Limited - Disabled)
sandra (S-1-5-21-2678609943-2211741397-3223540712-1000 - Administrator - Enabled) => C:\Users\sandra
WDAGUtilityAccount (S-1-5-21-2678609943-2211741397-3223540712-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a2733506-e526-4bae-bc12-b2d37e2016ec}) (Version: 18.30.0 - Intel Corporation)
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.28 - Rivet Networks)
AR8171 Drivers (HKLM\...\{AC937267-F287-4B31-89E3-70C978366D87}) (Version: 1.0.0.28 - Rivet Networks) Hidden
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.)
Discord (HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Dragon Gaming Center (HKLM-x32\...\{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 2.0.1701.0601 - Micro-Star International Co., Ltd.) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 2.0.1701.0601 - Micro-Star International Co., Ltd.)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1511.2001 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1511.2001 - Micro-Star International Co., Ltd.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.7.0.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{8866711B-6150-4BF3-81E7-E3F38E52717F}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
Nitrox (HKLM\...\{8C06C77E-90DF-4798-B3B4-1174BDEE2642}) (Version: 1.0.6938.29554 - Nitrox)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.9 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
PokeMMO (HKLM\...\PokeMMO_is1) (Version: - PokeMMO)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.31218 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
SCM (HKLM\...\{E3CE9EC1-7244-4846-A383-6BF0B172917A}) (Version: 13.015.12097 - Application)
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.0101 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.0101 - Application)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.193 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1541.3.0_x86__kgqvnymyfvs32 [2019-07-07] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.500.0_x86__kgqvnymyfvs32 [2019-07-09] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-22] (Dolby Laboratories)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.29.2903.0_x86__ytsefhwckbdv6 [2019-07-07] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-07] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.6.0_x64__tqn3m7kee4xc8 [2018-11-25] (O2 Czech Republic a.s.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-01] (Microsoft Corporation) [MS Ad]
Twitch Player: Live Game Streaming -> C:\Program Files\WindowsApps\42731GoodMediaGroup.VidsTokforTwitchGamingLiveStre_1.1.8.0_x64__wzw6dymc89v9p [2019-07-07] (Good Media Group) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-10-14] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-19 09:11 - 2015-05-19 09:11 - 000007680 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2015-05-19 09:11 - 2015-05-19 09:11 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2015-09-15 09:36 - 2015-09-15 09:36 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-09-15 09:36 - 2015-09-15 09:36 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2009-07-09 16:54 - 2009-07-09 16:54 - 000160768 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\WINDOWS\SysWOW64\MSIService.exe
2015-12-09 09:44 - 2015-12-09 09:44 - 000297984 _____ (MSI) [File not signed] C:\Program Files (x86)\SCM\SCM.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-10-24 21:37 - 2018-10-24 21:32 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sandra\Pictures\12036546_957254970984718_1645961479265159463_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3569BA35-B55E-42C7-9CE1-40853BC4731C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survive the Nights\SurviveTheNights_Win.exe () [File not signed]
FirewallRules: [{144BE06E-24A5-4CF3-923F-F11A7768A934}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survive the Nights\SurviveTheNights_Win.exe () [File not signed]
FirewallRules: [UDP Query User{F6203B67-B360-4F78-BE3A-7680E7529C48}C:\program files\epic games\subnautica\subserver\nitroxserver.exe] => (Allow) C:\program files\epic games\subnautica\subserver\nitroxserver.exe () [File not signed]
FirewallRules: [TCP Query User{EFF1EDD2-F1F2-4F30-99DB-79C898875285}C:\program files\epic games\subnautica\subserver\nitroxserver.exe] => (Allow) C:\program files\epic games\subnautica\subserver\nitroxserver.exe () [File not signed]
FirewallRules: [UDP Query User{DDD3D803-34D8-47DE-88ED-5C635F2CB9BE}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [TCP Query User{96DB4F29-4CFE-46ED-B23B-0EFB70FEC1E3}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{D40192E9-8355-46A0-9B25-C470C256F535}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{64E52383-8C92-44A8-BE5F-B5BC7C5D4D14}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0549BB9B-D046-4A46-9C06-D47B205C391F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1AC79686-5056-4FC9-AD60-F5FC66A3A6BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{334EF55F-FC86-4A99-8D4E-036AD6545307}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{587CFCD9-C49B-4343-89AE-518BEA7FE146}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{8F12540F-8E0A-49C0-9D0A-1730CB69B819}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{BEB73D46-8D60-48A8-A0FE-55D86595E266}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{6C1B797A-6F99-4121-9353-ACE127C91F44}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AB904BE6-9217-417A-8AA1-987E80943142}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{6E57182C-938D-414F-A41C-C65E82F955D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{76F4FABE-85AF-4B16-81BD-F601CDD38ABE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D8712ADD-A65F-41CF-8680-7674DE8D040E}C:\windows.old\users\sandra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\windows.old\users\sandra\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{9D5F4510-6B6A-4928-B7EA-2A7ABB045312}C:\windows.old\users\sandra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\windows.old\users\sandra\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{1191F543-FDEF-427B-BB23-AA626654D4B2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{A9AA809F-CA23-4694-89C4-33797AC64A01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3FD00F16-30C5-4E8A-8D0A-94BA21F540B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3BE6DE47-41F6-4D82-BB78-9E56445304AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{83E56116-D86A-419D-A8A1-91B9441266C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{D78DFC86-651D-4304-9F43-6F6EF905B85E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{BB7E5DAE-B8BB-438B-8A89-59D2DDD8CCBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{A3A46C5E-B1DC-495C-BEDA-EB1CF2A570C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{E86F2FDC-77B9-432F-8811-26759005833D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{6483ED37-89C4-49AB-AB01-DD049B719481}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{EA1BCB47-E3F0-42DF-A185-939DAC1143EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [TCP Query User{57449575-3E6C-41EC-A9B5-F765F04326BB}C:\users\sandra\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\sandra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6B37D7FC-889C-4BC5-8A57-CBE985EC7482}C:\users\sandra\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\sandra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{59FF34D1-C2EA-46F2-A35D-F4E69585FA91}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CA58CF25-9ED1-4197-AE20-A76116C99F9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D5EC7E4A-D834-4CED-A261-F32A13A5A433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{65E5690F-582A-431F-92D8-1B87532A3DF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B3B95B3A-30F3-420C-8CAA-B0BAD506553B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Steep\steep.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{A982E8B8-5E5F-4D35-9F0A-DD50AFC43339}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{505D10B7-74CB-459F-A112-74328EBBAAA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{79185E74-9AD2-4C0F-BABF-24FED0FBFF75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{06A1A01F-0E33-4131-9ABA-9BEE638A4561}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{978E180E-808C-42F0-AFD7-4642B1B91142}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{25145C50-90A1-463B-9ABA-30DD8732CF5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{430FEA4C-287D-4345-AE32-1FB017A2ED3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{780974BD-FD4F-4325-932E-F6B98C24057B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

13-06-2019 22:37:24 Windows Update
07-07-2019 10:56:26 Windows Update

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2019 09:57:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program XboxApp.exe verze 48.54.1906.25001 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 28f0

Čas spuštění: 01d534fdc4963812

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxApp_48.54.25001.0_x64__8wekyb3d8bbwe\XboxApp.exe

ID hlášení: 2757e83d-c6aa-4eee-a9a1-ebd4afd0356a

Úplný název balíčku s chybou: Microsoft.XboxApp_48.54.25001.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.XboxApp

Typ zablokování: Activation

Error: (06/16/2019 05:07:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI Update Agent.exe, verze: 1.0.1511.2001, časové razítko: 0x564e9050
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x69a188f0
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000039129
ID chybujícího procesu: 0xdf0
Čas spuštění chybující aplikace: 0x01d52454ddeef52b
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 52ebff23-ab1c-4299-96b3-c972252e2034
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/16/2019 05:06:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI Update Agent.exe, verze: 1.0.1511.2001, časové razítko: 0x564e9050
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x69a188f0
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039129
ID chybujícího procesu: 0xdf0
Čas spuštění chybující aplikace: 0x01d52454ddeef52b
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 57a19dd2-d78e-4edd-a58b-26eb3392c620
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/16/2019 05:06:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI Update Agent.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.FormatException
na System.DateTimeParse.Parse(System.String, System.Globalization.DateTimeFormatInfo, System.Globalization.DateTimeStyles)
na MSI_Update_Agent.MainWindow.MSIUpdateAgent_Loaded(System.Object, System.Windows.RoutedEventArgs)
na System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
na System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
na System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
na System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(System.Object)
na MS.Internal.LoadedOrUnloadedOperation.DoWork()
na System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
na System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
na System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
na System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
na System.Windows.Interop.HwndTarget.OnResize()
na System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
na System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (06/13/2019 10:22:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI Update Agent.exe, verze: 1.0.1511.2001, časové razítko: 0x564e9050
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x69a188f0
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000039129
ID chybujícího procesu: 0x3df0
Čas spuštění chybující aplikace: 0x01d522252ffdf647
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 786933be-80fe-4483-8f15-29056af22ebe
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2019 10:21:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d4c

Čas spuštění: 01d51eb6a5ddc956

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\System32\MicrosoftEdgeCP.exe

ID hlášení: 00900848-8056-4e37-ac64-40ded544a79b

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: MicrosoftEdge

Typ zablokování: Unknown

Error: (06/13/2019 10:20:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI Update Agent.exe, verze: 1.0.1511.2001, časové razítko: 0x564e9050
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x69a188f0
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039129
ID chybujícího procesu: 0x3df0
Čas spuštění chybující aplikace: 0x01d522252ffdf647
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 4b47d340-396c-4a4d-a061-07116b303d6f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/13/2019 10:20:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI Update Agent.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.FormatException
na System.DateTimeParse.Parse(System.String, System.Globalization.DateTimeFormatInfo, System.Globalization.DateTimeStyles)
na MSI_Update_Agent.MainWindow.MSIUpdateAgent_Loaded(System.Object, System.Windows.RoutedEventArgs)
na System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
na System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
na System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
na System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(System.Object)
na MS.Internal.LoadedOrUnloadedOperation.DoWork()
na System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
na System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
na System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
na System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
na System.Windows.Interop.HwndTarget.OnResize()
na System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
na System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)


System errors:
=============
Error: (07/08/2019 10:28:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 10:28:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 10:28:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 10:26:23 PM) (Source: DCOM) (EventID: 10016) (User: sandra-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscCloudBackupProvider
a APPID
Není k dispozici
uživateli sandra-PC\sandra (SID: S-1-5-21-2678609943-2211741397-3223540712-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 10:22:35 PM) (Source: DCOM) (EventID: 10010) (User: sandra-PC)
Description: Server {0134A8B2-3407-4B45-AD25-E9F7C92A80BC} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/08/2019 10:22:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (07/08/2019 10:22:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (07/08/2019 10:22:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll


Windows Defender:
===================================
Date: 2019-07-07 22:16:57.971
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C227B153-4AC9-4E37-983A-F9CCBAA82B53}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-01 22:26:11.070
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4130F74C-868C-4B21-86BB-14E05A519CFD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-22 15:51:07.179
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {46D22244-E056-4B02-AECC-73A54889234D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-22 14:32:06.920
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2590FF56-83D4-426F-8AD0-A530A13B144D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-22 13:29:29.078
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0651D59C-6075-4C3D-B018-7BFCB6A9D9F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-07 21:28:38.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.580.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-07-07 10:52:31.595
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.827.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-06-01 21:49:48.243
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.2218.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-04-23 22:17:22.692
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2019-04-22 18:50:05.581
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.2470.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16J6IMS.107 06/03/2016
Motherboard: Micro-Star International Co., Ltd. MS-16J6
Processor: Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz
Percentage of memory in use: 52%
Total physical RAM: 8100.86 MB
Available physical RAM: 3812.78 MB
Total Virtual: 9700.86 MB
Available Virtual: 4689.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:920.67 GB) (Free:679.87 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DriverCD) (Fixed) (Total:10 GB) (Free:5.26 GB) NTFS

\\?\Volume{788d8f45-0000-0000-0000-c02ae6000000}\ () (Fixed) (Total:0.84 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 788D8F45)
Partition 1: (Active) - (Size=920.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=865 MB) - (Type=27)
Partition 3: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
I DON'T KNOW WHAT ADDITION MEANS, SORRY

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check of a laptop, possibly a virus, it is slow

#6 Post by Diallix »

I'd also like to ask for the log from FRST, please.

Domcas
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

Re: Preventive check of a laptop, possibly a virus, it is slow

#7 Post by Domcas »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by sandra (administrator) on SANDRA-PC (Micro-Star International Co., Ltd. GL62 6QD) (10-07-2019 19:53:41)
Running from C:\Users\sandra\Desktop
Loaded Profiles: sandra (Available Profiles: sandra)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxApp_48.55.9001.0_x64__8wekyb3d8bbwe\XboxApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\sandra\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\internet explorer\ielowutil.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.550_none_7e1820994d00fd23\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(MSI) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-09-15] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8783616 2015-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SCM] => c:\Program Files (x86)\SCM\SCM.exe [297984 2015-12-09] (MSI) [File not signed]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-30] (Valve -> Valve Corporation)
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35195280 2019-04-22] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2678609943-2211741397-3223540712-1000\...\Run: [Discord] => C:\Users\sandra\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {204F7702-CDC2-4B3D-B0CA-18DB166F7A04} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2930E13B-7625-4D94-B44C-9A90128FB602} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3960BCB9-02CA-4530-A53F-C59D9258226B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72BDB1FC-721F-401B-9E05-DF57F5532341} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7546008B-CDF3-4441-9E8F-BAF0A967A3C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {805FC0E7-CD92-4C13-B0CE-373E43E2655A} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [215320 2015-11-20] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {89B79B67-67B8-4407-BB0A-1CF55224A693} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC710BD7-07A4-49E5-BE49-C373BEBADAF0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB679CD9-8BAD-49A6-A649-C3522A9C4375} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {D1EEF81C-C32F-4A2A-A323-F72EF7259948} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D227B81D-CE66-43B7-8D46-E6F12D9FEFC1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D24C2A62-3EF3-494D-82C6-59E4F86EFE0F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1648968-B19E-4A00-BB18-794FC738B87C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2BC8A07-825F-40E9-8454-8847A30A1844} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB890F4F-2227-46AF-8B2F-027D3FEDCD69} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FDCC4CCC-9BCE-47D7-9154-2B7DD5FE2174} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{14253aec-15ff-453e-83ca-333a5ff32589}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81039b1b-9273-4107-8463-8f8473197ada}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================

Edge:
======
Edge Extension: (Translator pro Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-02-13]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default [2019-05-03]
CHR Extension: (Prezentace) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-23]
CHR Extension: (Dokumenty) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-23]
CHR Extension: (Disk Google) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-23]
CHR Extension: (YouTube) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-23]
CHR Extension: (Tabulky) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-23]
CHR Extension: (AdBlock) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-23]
CHR Extension: (Gmail) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [603240 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [354920 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-18] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-10-28] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279096 2017-12-06] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-10-28] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\WINDOWS\System32\drivers\akshasp.sys [79168 2017-07-07] (SafeNet, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\System32\drivers\akshhl.sys [77640 2017-07-07] (SafeNet, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\System32\drivers\aksusb.sys [323392 2017-07-07] (SafeNet, Inc. -> SafeNet, Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-04] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-04] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [50144 2018-07-12] (ESET, spol. s r.o. -> ESET)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2017-06-29] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [161864 2015-10-05] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7708160 2018-09-15] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_b5e3213e640f6936\nvlddmkm.sys [20747736 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [407768 2015-09-10] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-08-20] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-08-20] (Synaptics Incorporated -> Synaptics Incorporated)
S3 t_mouse.sys; C:\WINDOWS\System32\drivers\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] (Micro-Star Int'l Co. Ltd. -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-10 19:53 - 2019-07-10 19:56 - 000024023 _____ C:\Users\sandra\Desktop\FRST.txt
2019-07-10 19:52 - 2019-07-10 19:52 - 002095104 _____ (Farbar) C:\Users\sandra\Desktop\FRST64.exe
2019-07-10 10:32 - 2019-07-10 10:32 - 000000000 ___HD C:\OneDriveTemp
2019-07-09 16:29 - 2019-07-09 16:29 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:29 - 2019-07-09 16:29 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:29 - 2019-07-09 16:29 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:29 - 2019-07-09 16:29 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-08 22:16 - 2019-07-08 22:16 - 007025360 _____ (Malwarebytes) C:\Users\sandra\Downloads\adwcleaner_7.3.exe
2019-07-08 22:16 - 2019-07-08 22:16 - 007025360 _____ (Malwarebytes) C:\Users\sandra\Downloads\adwcleaner_7.3 (2).exe
2019-07-08 22:16 - 2019-07-08 22:16 - 007025360 _____ (Malwarebytes) C:\Users\sandra\Downloads\adwcleaner_7.3 (1).exe
2019-07-08 22:14 - 2019-07-08 22:22 - 000000000 ____D C:\AdwCleaner
2019-07-08 13:17 - 2019-07-10 19:53 - 000000000 ____D C:\FRST
2019-07-07 21:39 - 2019-07-07 21:39 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-07 21:39 - 2019-07-07 21:39 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-07-07 21:39 - 2019-07-07 21:39 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-07-07 21:38 - 2019-07-07 21:39 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 023438336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 018999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 006547144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 006309256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-07-07 21:38 - 2019-07-07 21:38 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-07 21:38 - 2019-07-07 21:38 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-07 21:38 - 2019-07-07 21:38 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-07 21:38 - 2019-07-07 21:38 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-07 21:38 - 2019-07-07 21:38 - 001670840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-07 21:38 - 2019-07-07 21:38 - 001466496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-07 21:38 - 2019-07-07 21:38 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-07 21:38 - 2019-07-07 21:38 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-07-07 21:38 - 2019-07-07 21:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-07-07 21:38 - 2019-07-07 21:38 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-07-07 21:38 - 2019-07-07 21:38 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-07-07 21:38 - 2019-07-07 21:38 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-07 21:38 - 2019-07-07 21:38 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-07-07 21:38 - 2019-07-07 21:38 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-07-07 21:38 - 2019-07-07 21:38 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-07-07 21:38 - 2019-07-07 21:38 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-07-07 21:38 - 2019-07-07 21:38 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2019-07-07 21:38 - 2019-07-07 21:38 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-07-07 21:37 - 2019-07-07 21:37 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-07-07 21:37 - 2019-07-07 21:37 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-07-07 21:36 - 2019-07-07 21:36 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-07-07 21:36 - 2019-07-07 21:36 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-07-07 21:36 - 2019-07-07 21:36 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-07 21:36 - 2019-07-07 21:36 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-07-07 21:36 - 2019-07-07 21:36 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-07-07 11:42 - 2019-07-08 11:39 - 000000000 ____D C:\Program Files\UNP
2019-07-07 10:47 - 2019-07-07 10:47 - 000000000 ____D C:\Users\sandra\Desktop\Nová složka (2)
2019-06-13 22:37 - 2019-06-13 22:37 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-10 19:55 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 19:53 - 2019-03-24 18:51 - 000004202 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1D05A60A-007A-459F-91B3-15FA6DB1516C}
2019-07-10 19:53 - 2018-10-24 23:40 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-10 19:49 - 2019-03-22 18:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-10 15:39 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-10 12:25 - 2018-10-24 21:09 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-10 10:39 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-10 10:39 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-10 10:32 - 2017-02-22 00:19 - 000000000 ___RD C:\Users\sandra\OneDrive
2019-07-10 10:30 - 2019-04-22 18:59 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-07-10 10:30 - 2017-02-22 00:26 - 000000000 __SHD C:\Users\sandra\IntelGraphicsProfiles
2019-07-09 16:34 - 2019-03-22 18:47 - 001697058 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-09 16:34 - 2018-09-15 19:39 - 000719222 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-09 16:34 - 2018-09-15 19:39 - 000145764 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-09 16:34 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-09 16:32 - 2019-04-22 22:32 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:32 - 2019-04-22 22:32 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:32 - 2019-03-24 17:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-07-09 16:32 - 2018-10-24 21:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-07-09 16:29 - 2019-04-22 22:31 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:29 - 2019-04-22 22:31 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:29 - 2018-10-24 21:09 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-07-09 16:28 - 2019-04-22 22:31 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:28 - 2019-04-22 22:31 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-09 16:21 - 2018-12-09 22:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-08 22:35 - 2018-10-24 21:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-08 22:23 - 2019-03-22 18:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-08 22:22 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-08 22:22 - 2017-12-06 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-07-08 07:47 - 2017-04-03 16:56 - 000000000 ___RD C:\Users\sandra\3D Objects
2019-07-08 07:47 - 2017-02-22 00:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-08 07:45 - 2019-03-22 18:26 - 000266944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-07 23:44 - 2019-03-22 18:35 - 000000000 ____D C:\Users\sandra
2019-07-07 23:44 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-07-07 23:44 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-07-07 23:44 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-07 23:26 - 2018-10-24 21:31 - 000000000 ____D C:\Users\sandra\AppData\Local\PlaceholderTileLogoFolder
2019-07-07 22:39 - 2019-04-24 23:33 - 000000000 ____D C:\Users\sandra\AppData\Roaming\vlc
2019-07-07 21:52 - 2018-10-24 21:48 - 000000000 ____D C:\ProgramData\Packages
2019-07-07 21:37 - 2017-02-21 21:15 - 000408512 __RSH C:\bootmgr
2019-07-07 10:57 - 2019-03-22 23:42 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-07-07 10:57 - 2019-03-22 23:42 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-07 10:47 - 2019-05-24 18:45 - 000000000 ____D C:\Users\sandra\Desktop\hudba
2019-07-07 10:38 - 2019-03-22 18:53 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2678609943-2211741397-3223540712-1000
2019-07-07 10:37 - 2019-03-22 18:35 - 000002368 _____ C:\Users\sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-18 10:59 - 2019-04-22 22:32 - 002785776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-06-18 10:59 - 2019-04-22 22:32 - 002164080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-06-18 10:59 - 2019-04-22 22:32 - 001316664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-06-18 10:56 - 2019-04-22 22:31 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-06-16 17:07 - 2019-04-22 22:06 - 000000000 ____D C:\Users\sandra\AppData\Local\CrashDumps
2019-06-13 23:08 - 2018-11-09 20:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-13 22:38 - 2018-11-09 20:57 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-13 05:37 - 2019-04-22 20:59 - 000179184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2019-06-13 05:37 - 2019-04-22 20:59 - 000154608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

==================== Files in the root of some directories ================

2017-02-22 13:19 - 2019-04-22 20:02 - 000003304 _____ () C:\Users\sandra\installshield_scm.reg
2017-02-22 13:19 - 2019-04-22 20:02 - 000001856 _____ () C:\Users\sandra\scm.reg
2019-04-22 19:16 - 2019-04-22 19:16 - 000000000 _____ () C:\Users\sandra\AppData\Local\Driver_AR8171Present.flag

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Domcas
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

Re: Preventive check of the laptop, possibly a virus, it is slowed down

#8 Post by Domcas »

Can I also post my desktop PC here, or should I create a new topic??

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check of the laptop, possibly a virus, it is slowed down

#9 Post by Diallix »

Sure, you can post that one here too.

Copy the content below into Notepad:

2019-07-10 10:30 - 2019-04-22 18:59 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-07-07 21:37 - 2019-07-07 21:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

EmptyTemp:


Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer will reboot. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Domcas
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

Re: Preventive check of the laptop, possibly a virus, it is slowed down

#10 Post by Domcas »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by sandra (16-07-2019 21:02:25) Run:1
Running from C:\Users\sandra\Desktop
Loaded Profiles: sandra (Available Profiles: sandra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
2019-07-10 10:30-2019-04-22 18:59-000000180 _ _ _ _ _ _ _ _ _ _ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-07-07 21:37-2019-07-07 21:37-000000315 C:\WINDOWS\system32\DrtmAuth8.bin
-2019-07-07 21:37 2019-07-07 21:37-000000315 _ _ _ _ _ _ _ _ _ _ 2019-07-07 21:37-2019-07-07 21:37-000000315 C:\WINDOWS\system32\DrtmAuth7.bin
C:\WINDOWS\system32\DrtmAuth6.bin
2019-07-07 21:37-2019-07-07 21:37-000000315 _ _ _ _ _ C:\WINDOWS\ system32\DrtmAuth5.bin
2019-07-07 21:37-2019-07-07 21:37-000000315 _ _ _ _ _ _ _ _ _ _ C:\WINDOWS\system32\DrtmAuth4.bin
2019-07-07 21:37-2019-07-07 21:37-000000315 C:\WINDOWS\system32\DrtmAuth3.bin
2019-07-07 21:37-2019-07-07 21:37-000000315 _ _ _ _ _ _ _ _ _ _ C:\WINDOWS\system32\DrtmAuth2.bin
2019-07-07 21:37-2019-07-07 21:37-000000315 C:\WINDOWS\system32\DrtmAuth1.bin

EmptyTemp:

*****************

C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\DrtmAuth8.bin => moved successfully
-2019-07-07 21:37 2019-07-07 21:37-000000315 _ _ _ _ _ _ _ _ _ _ 2019-07-07 21:37-2019-07-07 21:37-000000315 C:\WINDOWS\system32\DrtmAuth7.bin => Error: No automatic fix found for this entry.
C:\WINDOWS\system32\DrtmAuth6.bin => moved successfully
"C:\WINDOWS\ system32\DrtmAuth5.bin" => not found
C:\WINDOWS\system32\DrtmAuth4.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth3.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth2.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth1.bin => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 266264038 B
Java, Flash, Steam htmlcache => 162037238 B
Windows/system/drivers => -209148 B
Edge => 144898998 B
Chrome => 40159181 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 954 B
LocalService => 0 B
NetworkService => 21748 B
NetworkService => 0 B
sandra => 79860106 B

RecycleBin => 12053198764 B
EmptyTemp: => 11.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:05:24 ====
I hope I did it right. I'll post the desktop PC here afterwards, once we finish this :)

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check of the laptop, possibly a virus, it is slowed down

#11 Post by Diallix »

How is the computer doing?

Domcas
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

Re: Preventive check of the laptop, possibly a virus, it is slowed down

#12 Post by Domcas »

The laptop is faster; so far everything is fine :)
Here is the desktop PC.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Domča (administrator) on DESKTOP-6OE360A (18-07-2019 20:03:15)
Running from C:\Users\Domča\Downloads
Loaded Profiles: Domča (Available Profiles: defaultuser0 & Domča)
Platform: Windows 10 Pro Version 1809 17763.615 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\microsoft.zunevideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Domča\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\Run: [World of Tanks] => D:\Games\World_of_Tanks_CT\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\Run: [DAEMON Tools Lite Automount] => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\Run: [FreeYouTubeDownloader] => "C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe" -h
HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
Startup: C:\Users\Domča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2019-04-18]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C2CB37D-CC5E-4347-BE9F-531F572D3419} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12BEAA33-37D2-42E4-A90F-AB9AEA479CFD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {22F116A4-ECA6-4F9B-A670-47CD7BF221AF} - System32\Tasks\MonitorMysticLight => C:\Program Files\GamingOSD\MysticLight\MysticLightController.exe
Task: {3E8F784D-9AA9-4C20-9352-712406709A4F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {57A47614-6BA9-4124-9DD9-3ED1DEC3B34A} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [77687440 2017-01-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {823F989C-7081-4276-B2ED-776D262E2406} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {870BF4FE-584C-49C9-96F8-C165F434250A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {89A6242A-D5E6-497A-BD29-563016B2B43A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A49CE877-E21A-4480-936D-17D8D739814E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4CC1622-50B4-4549-90AF-2D0C04DBE124} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A54CD7E9-D888-4782-8819-5B1F9830F59C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1577D55-D08D-453B-8704-EE74CAB63C99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B219F2E5-32B7-41A7-8D13-88679ABF2737} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B53A8A54-0FC2-4234-8F92-0B7C065E8AE2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8ED5C27-1AA7-4D83-98D1-BCDD233348DD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9D4D9CE-EC88-42A0-BFBC-D2156318C12D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4B4B641-5F50-483F-926A-30C56FC82513} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-11] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{090b660b-604a-41ae-80ea-fcec81323b1a}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8454672 2019-05-23] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-06-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-07-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-05-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-05-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [50144 2018-10-18] (ESET, spol. s r.o. -> ESET)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2019-06-13] (Martin Malik - REALiX -> REALiX(tm))
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b49751b9038af669\nvlddmkm.sys [21836032 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [45152 2018-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; D:\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-18 20:03 - 2019-07-18 20:04 - 000016077 _____ C:\Users\Domča\Downloads\FRST.txt
2019-07-18 20:00 - 2019-07-18 20:00 - 002095104 _____ (Farbar) C:\Users\Domča\Downloads\FRST64 (1).exe
2019-07-18 19:23 - 2019-07-18 19:23 - 002095104 _____ (Farbar) C:\Users\Domča\Downloads\FRST64.exe
2019-07-18 19:18 - 2019-07-18 19:18 - 000000000 ___HD C:\OneDriveTemp
2019-07-11 20:38 - 2019-07-18 20:03 - 000000000 ____D C:\FRST
2019-07-11 19:54 - 2019-07-11 19:54 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 023454208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 019012096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 012938752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 012243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 007876096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 007727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 006545304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 006308232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 005587976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 003818416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002871816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002701000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002626872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002278784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-11 19:54 - 2019-07-11 19:54 - 002073472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-11 19:54 - 2019-07-11 19:54 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001837136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001721352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001702088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-11 19:54 - 2019-07-11 19:54 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001477648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001472808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 001465464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001427592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001345168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-11 19:54 - 2019-07-11 19:54 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001266192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-11 19:54 - 2019-07-11 19:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-07-11 19:54 - 2019-07-11 19:54 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 001162320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000810504 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000807480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000804744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000747568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-07-11 19:54 - 2019-07-11 19:54 - 000743216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-07-11 19:54 - 2019-07-11 19:54 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2019-07-11 19:54 - 2019-07-11 19:54 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2019-07-11 19:54 - 2019-07-11 19:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000553992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000514136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-07-11 19:54 - 2019-07-11 19:54 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000397688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000317456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000121896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000092592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-11 19:54 - 2019-07-11 19:54 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-11 19:54 - 2019-07-11 19:54 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-11 19:54 - 2019-07-11 19:54 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 022115472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 009683472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 005561312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 005528064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 005297664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 004351448 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 003630592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 003335216 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 003081728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002593336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 002406928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002200080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 002050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001794048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001713976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001662480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001397048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001259520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001199616 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2019-07-11 19:53 - 2019-07-11 19:53 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000998928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000987736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000895552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000871784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000850992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000799776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000768224 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000731104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000680176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-07-11 19:53 - 2019-07-11 19:53 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000511504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-07-11 19:53 - 2019-07-11 19:53 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000423480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000310288 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000294000 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000241944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2019-07-11 19:53 - 2019-07-11 19:53 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2019-07-11 19:53 - 2019-07-11 19:53 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000157024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000141216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000117720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-07-11 19:53 - 2019-07-11 19:53 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-07-11 19:53 - 2019-07-11 19:53 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-07-11 19:53 - 2019-07-11 19:53 - 000036360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-11 19:53 - 2019-07-11 19:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-07-11 19:53 - 2019-07-11 19:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-07-11 19:53 - 2019-07-11 19:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-07-11 19:53 - 2019-07-11 19:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-07-11 19:53 - 2019-07-11 19:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-07-11 19:53 - 2019-07-11 19:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-07-11 19:53 - 2019-07-11 19:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-07-11 19:53 - 2019-07-11 19:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-07-06 16:25 - 2019-07-06 19:15 - 1874896806 _____ C:\Users\Domča\Downloads\Psi Poslani (2017) CZ Dabing 1920x800.mkv
2019-07-02 10:19 - 2019-07-02 10:19 - 000000000 ____D C:\Users\Domča\AppData\Roaming\EasyAntiCheat
2019-06-23 15:31 - 2019-06-23 19:41 - 2764156623 _____ C:\Users\Domča\Downloads\John Wick 1 CZ.mkv.w9c6jni.partial
2019-06-22 20:17 - 2019-06-22 22:36 - 1539976726 _____ C:\Users\Domča\Downloads\Shazam CZ dabing Vaca.avi
2019-06-20 16:37 - 2019-06-20 19:02 - 1608196038 _____ C:\Users\Domča\Downloads\Ledová sezóna _Medvědi jsou zpět_cz.avi
2019-06-20 16:15 - 2019-06-20 16:15 - 000000000 ____D C:\Program Files\UNP

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-18 19:53 - 2019-05-20 14:13 - 000000000 ____D C:\Users\Domča\Documents\dzsalauncher
2019-07-18 19:53 - 2019-05-20 14:12 - 000000000 ____D C:\Users\Domča\AppData\Local\DZSALauncher
2019-07-18 19:50 - 2019-04-18 17:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-18 19:22 - 2019-04-18 17:57 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-18 19:22 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-18 19:21 - 2019-04-18 17:05 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-18 19:19 - 2019-04-19 14:30 - 000000000 ____D C:\Users\Domča\AppData\Local\CrashDumps
2019-07-18 19:18 - 2018-10-10 15:40 - 000000000 ___RD C:\Users\Domča\OneDrive
2019-07-17 20:21 - 2019-05-17 10:41 - 000000000 ____D C:\Users\Domča\AppData\Local\DayZ
2019-07-15 07:26 - 2019-04-18 17:56 - 000000000 ____D C:\WINDOWS\INF
2019-07-12 09:59 - 2019-04-18 18:00 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-12 09:59 - 2019-04-18 18:00 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-12 09:59 - 2019-04-18 17:12 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-12 09:53 - 2019-04-18 17:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-12 09:53 - 2019-04-18 17:05 - 000305544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-12 09:53 - 2019-04-18 17:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-07-12 09:53 - 2018-10-10 18:05 - 000000000 ___RD C:\Users\Domča\3D Objects
2019-07-12 09:53 - 2018-10-10 15:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-11 22:27 - 2019-04-18 17:52 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-11 22:26 - 2019-04-18 17:57 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-11 22:21 - 2019-05-20 16:50 - 000000000 ____D C:\Users\Domča\Documents\DayZ
2019-07-11 21:52 - 2019-04-18 17:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-11 19:58 - 2019-04-18 17:52 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-11 19:57 - 2019-04-19 18:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-11 19:56 - 2019-04-19 18:11 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-11 19:41 - 2019-04-19 13:44 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-11 19:41 - 2019-04-18 17:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-06 13:01 - 2019-04-18 17:14 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3734903305-3726271937-1672323936-1001
2019-07-06 13:01 - 2019-04-18 17:07 - 000002365 _____ C:\Users\Domča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-28 15:55 - 2019-04-19 17:45 - 000000000 ____D C:\Users\Domča\AppData\Roaming\Discord
2019-06-24 21:08 - 2019-04-19 14:10 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-06-24 21:08 - 2019-04-18 17:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-06-24 21:07 - 2019-05-31 18:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-05-31 18:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-05-31 18:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-05-31 18:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-04-19 14:10 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-04-19 14:10 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-04-19 14:10 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-04-19 14:10 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-04-19 14:10 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-04-19 14:10 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-24 21:07 - 2019-04-18 17:05 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-06-22 12:08 - 2019-04-18 17:11 - 000000000 ____D C:\ProgramData\Packages
2019-06-21 15:51 - 2019-04-19 14:15 - 000000000 ____D C:\Users\Domča\AppData\Local\D3DSCache
2019-06-20 17:48 - 2019-05-18 08:11 - 000000000 ____D C:\Users\Domča\AppData\Local\Ubisoft Game Launcher
2019-06-18 13:17 - 2019-04-18 17:07 - 000000000 ____D C:\Users\Domča
2019-06-18 10:59 - 2019-04-19 14:10 - 002785776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-06-18 10:59 - 2019-04-19 14:10 - 002164080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-06-18 10:59 - 2019-04-19 14:10 - 001316664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-06-18 10:56 - 2019-04-19 14:10 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat

==================== Files in the root of some directories ================

2019-05-15 20:09 - 2019-05-15 20:09 - 000221830 _____ () C:\Users\Domča\AppData\Roaming\0l9_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-05-13 10:08 - 2019-05-13 10:08 - 000007598 _____ () C:\Users\Domča\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Domcas
Visitor
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

Re: Preventive check of the laptop, possibly a virus, it is slowed down

#13 Post by Domcas »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Domča (18-07-2019 20:05:04)
Running from C:\Users\Domča\Downloads
Windows 10 Pro Version 1809 17763.615 (X64) (2019-04-18 15:11:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3734903305-3726271937-1672323936-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3734903305-3726271937-1672323936-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3734903305-3726271937-1672323936-1000 - Limited - Enabled) => C:\Users\defaultuser0
Domča (S-1-5-21-3734903305-3726271937-1672323936-1001 - Administrator - Enabled) => C:\Users\Domča
Guest (S-1-5-21-3734903305-3726271937-1672323936-501 - Limited - Disabled)
mlade (S-1-5-21-3734903305-3726271937-1672323936-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3734903305-3726271937-1672323936-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7035 - CDBurnerXP)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
Discord (HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
DZSALauncher version 0.0.4.2 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.4.2 - Maca134)
Heroes & Generals WWII (HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\550277544025522176) (Version: - )
HWiNFO64 Version 5.70 (HKLM\...\HWiNFO64_is1) (Version: 5.70 - Martin Malík - REALiX)
KeyShot 7 64 bit (HKLM\...\KeyShot 7_64) (Version: 7.3 64 bit - Luxion ApS)
Microsoft OneDrive (HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MSI Afterburner 4.6.0 (HKLM-x32\...\Afterburner) (Version: 4.6.0 - MSI Co., LTD)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.39 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Ovládací panel NVIDIA 430.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.39 - NVIDIA Corporation) Hidden
RivaTuner Statistics Server 7.2.1 (HKLM-x32\...\RTSS) (Version: 7.2.1 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.1.1 - GIGABYTE Technology Co.,Inc.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Neat Office -> C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.1.0.0_x86__y5c4dfz5b21fm [2019-07-18] (Any Neat App)
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.6.0_x64__tqn3m7kee4xc8 [2019-05-06] (O2 Czech Republic a.s.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-11] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0 [2019-07-03] (Spotify AB)
World of Tanks Blitz -> C:\Program Files\WindowsApps\7458BE2C.WorldofTanksBlitz_6.1.279.0_x64__x4tje2y229k00 [2019-07-11] (Wargaming Group Limited)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-04-18 17:57 - 2019-04-18 17:56 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Domča\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dsc_1039.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\StartupApproved\StartupFolder: => "GIGABYTE XTREME GAMING ENGINE.lnk"
HKU\S-1-5-21-3734903305-3726271937-1672323936-1001\...\StartupApproved\Run: => "World of Tanks"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{37F5E6A1-4142-4420-B304-D3D2FE8FF80C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{815E0A55-7735-4226-AB65-CE85D8847267}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5A82F5FD-5FE5-407F-8776-E674BB1D40EF}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{222D8719-C91F-447E-BE41-D18AC4FDEB62}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{24B303AF-4277-43A1-A5B1-626E23B0BD78}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{5CB24437-C04A-4681-B0C7-4D762F2094B0}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1FC6C691-47E9-48DD-A966-ACDE952B7FD9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1DFB901-3421-4A5C-A695-636197276752}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{06C618F9-0A1C-4985-A842-93E90BD53BBD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SCUM\SCUM_Launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E0C6B0FD-F792-4C2A-8135-430D265E8838}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SCUM\SCUM_Launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{7EC4396F-EB5C-4413-946A-041F46A5DD90}D:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe (Gamepires) [File not signed]
FirewallRules: [UDP Query User{0B291777-1334-4F7B-9EAE-8E1BE0FEE78E}D:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe (Gamepires) [File not signed]
FirewallRules: [TCP Query User{573DDAE5-8656-4B79-99A2-C3F14EE54A15}D:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe] => (Block) D:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe (Gamepires) [File not signed]
FirewallRules: [UDP Query User{E71CB30B-3733-4ACE-B8B9-4FF1D970A68F}D:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe] => (Block) D:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe (Gamepires) [File not signed]
FirewallRules: [{FAEB5036-634C-45AE-9DAF-3CCADB85CBB1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Spintires MudRunner\MudRunner.exe (Focus Home Interactive -> Focus Home Interactive)
FirewallRules: [{50DA51E9-F00C-468B-A61C-AACFF30E31E8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Spintires MudRunner\MudRunner.exe (Focus Home Interactive -> Focus Home Interactive)
FirewallRules: [TCP Query User{55CDDF2F-63DA-4424-B2DD-B310CF0ADFF6}D:\games\world_of_tanks_ct\wotlauncher.exe] => (Block) D:\games\world_of_tanks_ct\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{CD36B6E4-5B6E-4BEF-B678-051C055E8890}D:\games\world_of_tanks_ct\wotlauncher.exe] => (Block) D:\games\world_of_tanks_ct\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{F7C5EEB8-9919-4ED2-A21F-661A9CAFC785}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{54101315-0B1D-4B18-93DB-0704FD6C03B9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{1A5F984B-3554-424A-8C75-34C72830B963}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{F5A98420-969A-46AE-8467-1051158DF79E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{2CDCFF99-61C4-4735-AE87-69FE4EF5D5A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{FA6F387F-0F7A-4428-82D6-63DBBBF85117}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{5B01BD92-82AB-4508-A28F-CF8B111C22ED}] => (Allow) D:\Ubisoft Game Launcher\games\Steep\steep.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{C8B839E7-E642-4D84-8902-31901591554A}] => (Allow) C:\program files\GamingOSD\GamingOSD.exe No File
FirewallRules: [{5DC61C4A-83F8-420C-B562-F00B3670EC5C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{6A1E84D7-1BE4-4C84-817F-6908EAB1E6C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{074D0F2B-53FD-4C0E-913B-7CC729DA20FB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZLauncher.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{DDC75CCE-5C89-41B0-9F2E-9FC6E5951B8F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZLauncher.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{6D9FC4C5-37ED-4F01-8AD2-5866978F2889}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{E3240960-165C-4E04-8692-DD444E56C1C3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{138695AA-B448-42F6-A3A1-FFA8A166E788}] => (Allow) C:\Program Files\KeyShot7\bin\keyshot.exe (Luxion, Inc. -> Luxion)
FirewallRules: [{16391AA9-872C-4F3E-AF17-242CD1EE7790}] => (Allow) C:\Program Files\KeyShot7\bin\keyshot_daemon.exe (Luxion, Inc. -> )
FirewallRules: [TCP Query User{377B0DCE-6F1E-4919-85DE-F8A2F7F8C096}D:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{EAE97798-FDB2-4FC4-9089-2978999F1807}D:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{A929FC35-580F-4A3F-97A7-0E241793CD6C}C:\program files\hwinfo64\hwinfo64.exe] => (Block) C:\program files\hwinfo64\hwinfo64.exe (Martin Malik - REALiX -> REALiX)
FirewallRules: [UDP Query User{60651158-3D86-40BA-8E19-95787897EDE3}C:\program files\hwinfo64\hwinfo64.exe] => (Block) C:\program files\hwinfo64\hwinfo64.exe (Martin Malik - REALiX -> REALiX)
FirewallRules: [TCP Query User{B271B31B-C70B-4E53-A3D9-A9AF61E553C9}D:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe No File
FirewallRules: [UDP Query User{9F46A16A-7263-4575-A5FD-B8ED18FDE1E2}D:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe No File
FirewallRules: [{49EEDC21-F3BA-4975-8EF0-CA1CC249C28F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Survive the Nights\SurviveTheNights_Win.exe () [File not signed]
FirewallRules: [{9BCA7850-118D-4B9D-8607-141B911B50D9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Survive the Nights\SurviveTheNights_Win.exe () [File not signed]
FirewallRules: [{3D72FF18-CA7F-406E-99B0-79AA6FA20EEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E089DA98-95B2-4626-BDC5-75B599B2490B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{04CD1992-43F1-4A5E-B612-97D213A4F61D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0512821-031D-4D42-9B30-F3E9464F02D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{504981FB-0708-43E2-BEC0-E9ACD679143C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BEF52913-8633-4595-8628-1B8E873C6446}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB590E33-3098-4082-8BC9-D0CC64DE9E54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{621FD8A7-F5FA-435E-BB49-7AC4B067114E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFE8312E-18E0-4A0D-A229-FA06EDB9C204}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4BD63603-7710-4B1E-AC42-B37374A048E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{242D9256-48AB-4431-82A3-D07799B30AB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{67C3F792-8832-4F24-9BA1-21E7D686EF54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.83 GB) (Free:44.23 GB) (40%)

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2019 07:19:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MicrosoftEdgeSH.exe, verze: 11.0.17763.1, časové razítko: 0x1244354f
Název chybujícího modulu: chakra.dll, verze: 11.0.17763.615, časové razítko: 0x6637214f
Kód výjimky: 0x80004005
Posun chyby: 0x0000000000537c5b
ID chybujícího procesu: 0x2b20
Čas spuštění chybující aplikace: 0x01d53d8ccd7cb7b5
Cesta k chybující aplikaci: C:\WINDOWS\system32\MicrosoftEdgeSH.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\chakra.dll
ID zprávy: 0d9ffb00-8113-43cc-8305-d39edc1c4531
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (07/17/2019 08:21:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x3348
Čas spuštění chybující aplikace: 0x01d53cca1b2babfc
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 4fbb9216-93a5-4bc2-ac10-dac87c8f2eb6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/17/2019 04:03:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: ab0

Čas spuštění: 01d53c9c7a5b1f3f

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\MicrosoftEdgeCP.exe

ID hlášení: 19b3f788-a0b1-4c6b-a0d3-b61e5933ac10

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: MicrosoftEdge

Typ zablokování: Quiesce

Error: (07/17/2019 10:01:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x29e4
Čas spuštění chybující aplikace: 0x01d53c74a39bf7e8
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 8310865f-ce39-4702-9546-02e680362b52
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/17/2019 09:51:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x45c
Čas spuštění chybující aplikace: 0x01d53c6c17d1f99d
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 58720fab-a094-40e5-b8f8-ca889b78cf57
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/17/2019 12:44:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2874
Čas spuštění chybující aplikace: 0x01d53c2216629895
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 2ffa0268-fb80-4c1c-a530-b7e43f5254b2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/16/2019 11:45:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xf14
Čas spuštění chybující aplikace: 0x01d53c1dfc89a0d0
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 8722755a-9fac-4ec0-a281-642563549c36
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/16/2019 11:30:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x318c
Čas spuštění chybující aplikace: 0x01d53c1d3817ba2a
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 59f3fe2d-34d1-4137-b735-2d7b211dd54b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (07/18/2019 07:47:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6OE360A)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-6OE360A\Domča (SID: S-1-5-21-3734903305-3726271937-1672323936-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 08:01:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6OE360A)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-6OE360A\Domča (SID: S-1-5-21-3734903305-3726271937-1672323936-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 02:38:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6OE360A)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-6OE360A\Domča (SID: S-1-5-21-3734903305-3726271937-1672323936-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 02:38:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/17/2019 02:38:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (07/17/2019 08:48:59 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6OE360A)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-6OE360A\Domča (SID: S-1-5-21-3734903305-3726271937-1672323936-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 08:48:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/17/2019 08:48:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2019-06-23 18:56:47.840
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Detplock
ID: 2147680291
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Domča\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\CrystalDiskInfo8_0_0 (2).exe; file:_C:\Users\Domča\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\YTDSetup (2).exe; file:_C:\Users\Domča\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\YTDSetup (3).exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.295.1265.0, AS: 1.295.1265.0, NIS: 1.295.1265.0
Verze modulu: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2019-06-23 18:50:43.443
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CC09319D-8570-4018-9E4B-841CC73DA1DA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-6OE360A\Domča

Date: 2019-06-14 08:52:43.730
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {949A35C3-B2D8-4004-BC62-9BCD58E68C2B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-14 08:47:51.580
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EDDB4DBC-C0B0-4D37-9DE2-733CF052B4A4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-13 17:05:36.062
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {261CEB25-B2ED-4F01-9E2A-18E2D0D4604A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-04-19 14:31:02.841
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 14:31:02.815
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 14:31:02.567
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 14:31:02.540
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 14:31:01.334
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 14:31:01.308
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 14:31:01.036
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2019-04-19 14:31:01.007
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.00 01/21/2014
Motherboard: ASRock Z87 Pro4
Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 62%
Total physical RAM: 8122.23 MB
Available physical RAM: 3042.67 MB
Total Virtual: 20410.23 MB
Available Virtual: 12696.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.83 GB) (Free:44.23 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:200.36 GB) NTFS

\\?\Volume{0bd9c794-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{0bd9c794-0000-0000-0000-70d41b000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
\\?\Volume{f017ab67-cc99-11e8-8944-806e6f6e6963}\ () (Removable) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 0BD9C794)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=480 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0BD9C79C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check of the laptop, or possibly a virus; it is slow

#14 Post by Diallix »

On the desktop PC, do the following:

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click "Zobrazit soubor protokolu" (View Log File).
The log will open; copy its contents here.

Domcas
Visitor
Posts: 20
Registered: 08 Jul 2019 12:26

Re: Preventive check of the laptop, or possibly a virus; it is slow

#15 Post by Domcas »

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-25-2019
# Duration: 00:00:12
# OS: Windows 10 Pro
# Scanned: 35810
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2401 octets] - [25/07/2019 18:19:47]
AdwCleaner[C00].txt - [2387 octets] - [25/07/2019 18:24:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Locked