Kontrola

Zpráva

ekki · #1 Příspěvek od **ekki** » 17 črc 2019 13:12

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by JaraVorel (administrator) on DESKTOP-VBJU42V (LENOVO 80EC) (17-07-2019 14:05:45)
Running from C:\Users\JaraVorel\Desktop
Loaded Profiles: JaraVorel (Available Profiles: JaraVorel)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PS Media s.r.o. -> PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5175568 2016-09-03] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-04-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6626184 2016-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Run: [Blogger] => C:\ProgramData\Blogger\Blogger.exe [1097728 2019-01-26] () [File not signed]
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Run: [Chromium] => c:\users\jaravorel\appdata\local\chromium\application\chrome.exe [4186112 2017-10-10] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=1|0|2|Default|0|chrome-extension://cfhdojbkjhnklbpkdaibdccddilifddb/|cfhdojbkjhnklbpkdaibdccddilifddb-b7353f98-6f7f-4ce3-9c4a-dd407ff3f207 --flag-switches-begin --flag-switches-end --restore-last-session
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-17] (Google LLC -> Google LLC)
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2CD10890-A6CE-472F-828C-F5846703A924} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {2CD3587C-B0BA-4054-82D2-212C4A504855} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10385288 2016-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4397DB2C-A8A0-4E98-9304-AA07CDDBC956} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5E2F5523-0F9D-4E12-897B-589CB1492B7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-24] (Google Inc -> Google Inc.)
Task: {71491548-4B2B-45D3-B867-C7F8D779D5B1} - System32\Tasks\L-6-6-38-1013280734-1407573534-1264001067-2524\{Q3Q99R3X-QF1-6AO5-NVMB-5P9H49L18K8B} => C:\Users\JaraVorel\AppData\Roaming\wow64_microsoft-windows-i..isapifilterbinaries_31bf3856ad364e35_10.0.17763.1_none_67b3bde5c5a75b0a\KBDINBE2.exe
Task: {9F4CB767-D105-4CA1-8B46-0B7F3EEC3643} - System32\Tasks\Opera scheduled Autoupdate 1539963586 => C:\Users\JaraVorel\AppData\Local\Programs\Opera\launcher.exe
Task: {A6DF58B8-A0AC-4878-82FC-0857AA12309D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C94E1390-37A8-4F48-81F7-9C3A983836CD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6E2B8F0-1F27-4E43-B856-DB28581051EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-24] (Google Inc -> Google Inc.)
Task: {EAB24A77-DF02-4656-B163-2EE068D91DB2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{5a327f96-2d73-4a88-bea7-34005e556c26}: [NameServer] 10.10.10.9,10.10.10.8
Tcpip\..\Interfaces\{d417d9df-2427-4c32-842a-cfe09977fce6}: [DhcpNameServer] 10.1.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: xzloisxg.default-1549056420786
FF ProfilePath: C:\Users\JaraVorel\AppData\Roaming\Mozilla\Firefox\Profiles\xzloisxg.default-1549056420786 [2019-07-17]
FF Extension: (Service load app) - C:\Users\JaraVorel\AppData\Roaming\Mozilla\Firefox\Profiles\xzloisxg.default-1549056420786\Extensions\{54214dd6-6af4-4eab-c9e5-a0911d01ab28}.xpi [2019-05-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-4002784267-4110871527-199123456-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\JaraVorel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-09] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=chxtn15.1.13.1&q={searchTerms}&fr=chxtn15.1.13.1
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default [2019-07-17]
CHR Extension: (Disk Google) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-24]
CHR Extension: (YouTube) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-24]
CHR Extension: (Adblocker for Youtube™) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\honmgldinfkdoibjgmofiioodbclaomc [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Adblocker for Youtube™) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpglfhgfnhbgpjdenjgmdgoeiappafln [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-11]
CHR Profile: C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-17]
CHR Profile: C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-17]
CHR HKLM-x32\...\Chrome\Extension: [gndoicapfdaldiokbcdnllfhnapokcbk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdhpacfhljhcombkalcmkahkhodpkbim] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\JaraVorel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oabbdaincgidlhkmnghlfabhbpimjfbo [2019-01-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-07-07] () [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [278544 2016-07-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8479904 2019-03-29] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2019-03-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-16] (ESET, spol. s r.o. -> ESET)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [11749648 2019-01-01] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7795984 2018-06-20] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [189048 2016-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [4058496 2017-12-29] (PS Media s.r.o. -> PS Media s.r.o.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-05-31] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [26714136 2016-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [509456 2016-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [78072 2016-07-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-03-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-03-14] (ESET, spol. s r.o. -> ESET)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [10962696 2019-01-01] (Mail.Ru LLC -> LLC Mail.Ru)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [735552 2016-05-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3136272 2016-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2018-04-12] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 usbfilter; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [56352 2015-12-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47704 2019-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [367032 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-01-26] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-17 14:05 - 2019-07-17 14:07 - 000021485 _____ C:\Users\JaraVorel\Desktop\FRST.txt
2019-07-17 14:05 - 2019-07-17 14:05 - 000000000 ____D C:\FRST
2019-07-17 14:04 - 2019-07-17 14:04 - 002095104 _____ (Farbar) C:\Users\JaraVorel\Downloads\FRST64.exe
2019-07-17 14:04 - 2019-07-17 14:04 - 002095104 _____ (Farbar) C:\Users\JaraVorel\Desktop\FRST64.exe
2019-07-17 13:40 - 2019-07-17 13:41 - 000279642 _____ C:\TDSSKiller.3.1.0.28_17.07.2019_13.40.19_log.txt
2019-07-17 13:38 - 2019-07-17 13:50 - 000000551 _____ C:\Users\JaraVorel\Desktop\JRT.txt
2019-07-17 13:34 - 2019-07-17 13:34 - 005054744 _____ (AO Kaspersky Lab) C:\Users\JaraVorel\Downloads\tdsskiller.exe
2019-07-17 13:33 - 2019-07-17 13:33 - 001790024 _____ (Malwarebytes) C:\Users\JaraVorel\Downloads\JRT.exe
2019-07-17 12:27 - 2019-07-17 12:27 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-07-17 12:10 - 2019-07-17 12:10 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-17 12:10 - 2019-07-17 12:10 - 000002896 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-17 12:10 - 2019-07-17 12:10 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-17 12:10 - 2019-07-17 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-07-17 12:10 - 2019-07-17 12:10 - 000000000 ____D C:\Program Files\CCleaner
2019-07-17 12:09 - 2019-07-17 12:09 - 020891464 _____ (Piriform Software Ltd) C:\Users\JaraVorel\Downloads\ccsetup560.exe
2019-07-17 11:56 - 2019-07-17 11:56 - 000448512 _____ (OldTimer Tools) C:\Users\JaraVorel\Downloads\TFC.exe
2019-07-17 11:46 - 2019-07-17 11:50 - 000000000 ____D C:\AdwCleaner
2019-07-17 11:45 - 2019-07-17 11:45 - 007025360 _____ (Malwarebytes) C:\Users\JaraVorel\Downloads\adwcleaner_7.3.exe
2019-07-17 10:48 - 2019-07-17 10:47 - 000110064 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2019-07-17 10:46 - 2019-07-17 10:46 - 000098288 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-07-17 10:46 - 2019-07-17 10:46 - 000000000 ____D C:\Program Files (x86)\Java
2019-07-17 10:44 - 2019-07-17 10:44 - 000000000 ____D C:\Users\JaraVorel\AppData\LocalLow\Oracle
2019-07-10 12:02 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 12:02 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 12:02 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 12:02 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 12:02 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 12:02 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 12:02 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 12:02 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 12:02 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 12:02 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 12:02 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 12:02 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 12:02 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 12:02 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 12:02 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 12:02 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 12:02 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-10 12:02 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 12:02 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-10 12:02 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-10 12:02 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-10 12:02 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-10 12:02 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-10 12:02 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 12:02 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 12:02 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 12:02 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 12:02 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-10 12:02 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-10 12:02 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 12:02 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 12:02 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 12:01 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-10 12:01 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 12:01 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-10 12:01 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 12:01 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 12:01 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 12:01 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 12:01 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 12:01 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 12:01 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 12:01 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 12:01 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 12:01 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 12:01 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 12:01 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 12:01 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 12:01 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 12:01 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 12:01 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 12:01 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 12:01 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 12:01 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 12:01 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 12:01 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 12:01 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 12:01 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 12:01 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 12:01 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 12:01 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 12:01 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 12:01 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 12:01 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 12:01 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 12:01 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 12:01 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 12:01 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 12:01 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 12:01 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 12:01 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 12:01 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 12:01 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 12:01 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 12:01 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 12:01 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 12:01 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-10 12:01 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 12:01 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 12:01 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 12:01 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 12:01 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 12:01 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 12:01 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 12:01 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 12:01 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 12:01 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 12:01 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 12:01 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 12:01 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 12:01 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 12:01 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 12:01 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 12:01 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 12:01 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 12:01 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 12:01 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 12:01 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 12:01 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 12:01 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-10 12:01 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-10 12:01 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 12:01 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 12:01 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 12:01 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 12:01 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 12:01 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 12:01 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 12:01 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 12:01 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 12:01 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 12:01 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 12:01 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 12:01 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 12:01 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-10 12:01 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-10 12:01 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-10 12:01 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-10 12:01 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-10 12:01 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 12:01 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 12:01 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-10 12:01 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-10 12:01 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-10 12:01 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-10 12:01 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 12:01 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-10 12:01 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 12:01 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-10 12:01 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-10 12:01 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 12:01 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-10 12:01 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-10 12:01 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-10 12:01 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-10 12:01 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-10 12:01 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 12:01 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 12:01 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-10 12:01 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 12:01 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-10 12:01 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-10 12:01 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-10 12:01 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-10 12:01 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 12:01 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-10 12:01 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 12:01 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 12:01 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 12:01 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 12:01 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-10 12:01 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 12:01 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-10 12:01 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-10 12:01 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-10 12:01 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-10 12:01 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-10 12:01 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-10 12:01 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 12:01 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-10 12:01 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-10 12:01 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 12:01 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-10 12:01 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-10 12:01 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 12:01 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-10 12:01 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-10 12:01 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 12:01 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-10 12:01 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-10 12:01 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 12:01 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-10 12:01 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-10 12:01 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-10 12:01 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-10 12:01 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-10 12:01 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 12:01 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 12:01 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 12:01 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 12:01 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 12:01 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 12:01 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-10 12:01 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-10 12:01 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-10 12:01 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 12:01 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-10 12:01 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-10 12:01 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-10 12:01 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-10 12:01 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 12:01 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 12:01 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 12:01 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-10 12:01 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-10 12:01 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 12:01 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-10 12:01 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 12:01 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 12:01 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 12:01 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-06 11:37 - 2019-07-06 11:37 - 000000000 ____D C:\Users\JaraVorel\Documents\Osiris
2019-07-05 21:20 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2019-07-05 20:59 - 2019-07-05 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2019-07-05 20:59 - 2019-07-05 20:59 - 000000000 ____D C:\Program Files\AutoHotkey
2019-07-05 19:48 - 2019-07-05 19:48 - 000001050 _____ C:\Users\JaraVorel\Desktop\STEAM.lnk
2019-07-05 19:39 - 2019-07-17 12:16 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-05 19:39 - 2019-07-05 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-02 09:32 - 2019-07-02 09:32 - 000001601 _____ C:\Users\JaraVorel\Desktop\Counter-Strike 1.6.lnk
2019-07-01 15:37 - 2019-07-02 09:32 - 000000000 ____D C:\Counter-Strike 1.6
2019-07-01 08:21 - 2019-07-02 09:27 - 000000000 ____D C:\Users\JaraVorel\Desktop\SKINS COUNTER STRIKE 1.6
2019-06-29 21:09 - 2019-06-29 21:21 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\Roblox
2019-06-29 21:09 - 2019-06-29 21:09 - 000001433 _____ C:\Users\JaraVorel\Desktop\ROBLOX.lnk
2019-06-29 21:09 - 2019-06-29 21:09 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-06-28 11:27 - 2019-06-28 11:27 - 000001692 _____ C:\Users\JaraVorel\Desktop\Modern Combat 5 eSports FPS.lnk
2019-06-28 11:26 - 2019-06-28 11:26 - 000000000 ____D C:\Users\JaraVorel\Documents\My Cheat Tables
2019-06-27 14:28 - 2019-06-27 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2019-06-27 14:26 - 2019-06-27 14:32 - 000000000 ____D C:\Program Files (x86)\Counter-Strike
2019-06-27 13:58 - 2019-07-01 16:35 - 000001929 _____ C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike.lnk
2019-06-27 13:52 - 2019-06-27 13:52 - 000000000 ____D C:\ProgramData\Norton
2019-06-26 17:00 - 2019-07-01 16:36 - 000000000 ____D C:\Users\JaraVorel\Counter-Strike 1.6
2019-06-26 16:53 - 2019-07-05 21:00 - 000000000 ____D C:\Users\JaraVorel\Desktop\HACKZ
2019-06-23 17:35 - 2019-07-17 11:35 - 000000298 _____ C:\Users\JaraVorel\AppData\Roaming\WB.CFG
2019-06-23 14:28 - 2019-06-23 14:34 - 000000000 ___RD C:\Users\JaraVorel\Documents\MEGA
2019-06-23 14:28 - 2019-06-23 14:33 - 000000000 ____D C:\Users\JaraVorel\Documents\MEGAsync Downloads
2019-06-21 17:43 - 2019-06-21 17:43 - 000002193 _____ C:\Users\JaraVorel\Desktop\MINECRAFT.lnk
2019-06-21 17:43 - 2019-06-21 17:43 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2019-06-21 17:38 - 2019-06-21 17:38 - 000000000 ____D C:\Program Files\UNP
2019-06-21 17:36 - 2019-06-21 17:37 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2019-06-21 17:36 - 2019-06-21 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2019-06-21 14:36 - 2019-06-21 14:36 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\chromium
2019-06-21 14:36 - 2019-06-21 14:36 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\AppKiwi
2019-06-21 14:35 - 2019-07-17 11:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\SyncTask
2019-06-21 14:35 - 2019-06-21 14:36 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\booking-nativefier-9f4f54
2019-06-21 14:35 - 2019-06-21 14:36 - 000000000 ____D C:\ProgramData\{948DA8B1-BCA5-D0C9-E4FD-F8E10C152039}
2019-06-21 14:35 - 2019-06-21 14:35 - 000001363 _____ C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2019-06-21 14:35 - 2019-06-21 14:35 - 000000000 ____D C:\ProgramData\NortonInstaller
2019-06-21 14:34 - 2019-06-21 14:37 - 000000000 ____D C:\ProgramData\qabfd
2019-06-21 14:34 - 2019-06-21 14:34 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\WarThunder
2019-06-21 14:34 - 2019-06-21 14:34 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-17 13:59 - 2018-06-15 10:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-17 13:59 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-17 13:57 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-17 13:57 - 2017-08-24 12:52 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-07-17 13:27 - 2018-06-15 09:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-17 12:40 - 2019-01-26 14:52 - 000000000 __SHD C:\Users\JaraVorel\AppData\Roaming\wow64_microsoft-windows-i..isapifilterbinaries_31bf3856ad364e35_10.0.17763.1_none_67b3bde5c5a75b0a
2019-07-17 12:39 - 2017-08-25 07:44 - 000000000 ____D C:\Users\JaraVorel\AppData\LocalLow\Mozilla
2019-07-17 12:33 - 2018-06-15 10:00 - 000809078 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-17 12:33 - 2018-04-12 17:50 - 002846768 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-17 12:33 - 2018-04-12 17:50 - 000777714 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-17 12:27 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-17 12:27 - 2017-08-24 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-07-17 12:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-17 12:17 - 2018-02-02 09:19 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\Packages
2019-07-17 12:14 - 2018-02-11 14:19 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\TS3Client
2019-07-17 11:15 - 2017-08-25 09:03 - 000000000 ____D C:\ProgramData\McAfee
2019-07-17 11:10 - 2019-03-15 14:54 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Discord
2019-07-17 10:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-17 10:48 - 2018-11-17 08:32 - 000000000 ____D C:\Program Files\Java
2019-07-17 10:48 - 2017-10-27 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-07-17 10:47 - 2018-11-17 08:33 - 000110064 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-07-17 10:42 - 2017-08-24 14:51 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-17 10:38 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-07-10 12:21 - 2019-06-13 18:21 - 000000000 ___RD C:\Users\JaraVorel\3D Objects
2019-07-10 12:21 - 2018-06-15 09:49 - 000405936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-10 12:21 - 2017-08-24 12:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-10 12:18 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-10 12:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-10 12:08 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 12:00 - 2017-08-30 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 11:55 - 2017-08-30 18:50 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 11:48 - 2019-01-18 18:36 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-09 10:22 - 2018-06-15 10:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-05 20:59 - 2017-08-24 14:58 - 000000000 ____D C:\WINDOWS\SHELLNEW
2019-07-05 19:38 - 2018-03-25 16:11 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-02 09:32 - 2018-03-22 17:50 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2019-07-01 18:48 - 2018-06-15 09:52 - 000000000 ____D C:\Users\JaraVorel
2019-07-01 13:15 - 2019-02-17 20:37 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\ElevatedDiagnostics
2019-06-29 21:09 - 2017-08-25 07:46 - 000000250 _____ C:\Users\JaraVorel\AppData\LocalLow\rbxcsettings.rbx
2019-06-28 10:04 - 2018-04-07 15:45 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\PlaceholderTileLogoFolder
2019-06-28 09:55 - 2017-08-24 12:41 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\ConnectedDevicesPlatform
2019-06-23 18:27 - 2017-10-27 22:23 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\.minecraft
2019-06-21 17:35 - 2019-02-01 23:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-21 17:35 - 2017-08-25 07:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-21 14:49 - 2019-02-01 23:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-21 14:21 - 2018-11-17 07:00 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories ================

2019-03-15 19:32 - 2019-03-15 19:32 - 000000013 _____ () C:\Users\JaraVorel\AppData\Roaming\rbx_hook
2019-06-23 17:35 - 2019-07-17 11:35 - 000000298 _____ () C:\Users\JaraVorel\AppData\Roaming\WB.CFG

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by JaraVorel (17-07-2019 14:07:50)
Running from C:\Users\JaraVorel\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-06-15 08:00:32)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4002784267-4110871527-199123456-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4002784267-4110871527-199123456-503 - Limited - Disabled)
Guest (S-1-5-21-4002784267-4110871527-199123456-501 - Limited - Disabled)
JaraVorel (S-1-5-21-4002784267-4110871527-199123456-1001 - Administrator - Enabled) => C:\Users\JaraVorel
WDAGUtilityAccount (S-1-5-21-4002784267-4110871527-199123456-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{80CC2950-1814-AC9E-3D0D-C90A55E8D4DC}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{6B0B6172-7323-3978-C975-21DF6DF80E71}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{B75AE7D2-592B-59C9-D4AB-425E60BB37A3}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{587F9805-4CD8-0F20-D653-83401BE78CC2}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{CB010EC4-AA3B-BCE4-D404-1E2F8D2DCC5B}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{3A755952-64D5-23A9-A277-FFD385C1FB6B}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{92E1BEC3-CBE6-F9A9-D7E6-06D5F394E68D}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{6B24AFE6-AB87-D3D1-D373-16A1FBC7CFB0}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D971F05F-649C-207F-E93B-32948E534112}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{26F1F4A7-20CA-14F7-2FD4-881A091CC3B0}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{E56BC5C6-72A4-CB01-C088-4A49C08E8445}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{21BC8691-9AF5-3C88-9943-F29276660BAA}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{68B28E41-D54A-C41A-3E0B-347459597C2F}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{D3A475CA-EE19-EB26-2134-63AE67843005}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{B3CE29F8-87C4-96BF-7C94-82659E62710D}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{29BF8AF3-23C2-DC38-E15A-DD76865380CC}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{2845D5D2-5EEF-BDCF-8288-01DCEB918680}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C71FD137-A760-2E9E-2286-233EA5550C84}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{2E80A4A4-07BC-6AB4-64DF-05D825E23E7B}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{6A9E8B8B-88E8-E128-9F68-5CADD3F8598D}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{6E1880E5-FF3B-C060-7550-D173CA379F7A}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Counter-Strike (HKLM-x32\...\Counter-Strike) (Version: - )
Counter-Strike 1.6 (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 v43g (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Counter-Strike 1.6_is1) (Version: - Valve)
Discord (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Epic Games Launcher (HKLM-x32\...\{466EA30A-9B38-4AD2-A6B0-18D6E0C1A848}) (Version: 1.1.206.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version: - )
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Roblox Player for JaraVorel (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\roblox-player) (Version: - Roblox Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
ZombsRoyale.io (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\519338998791929866) (Version: - )

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Modern Combat 5: eSports FPS -> C:\Program Files\WindowsApps\A278AB0D.ModernCombat5Blackout_3.9.0.7_x86__h6adky7gbf63m [2019-07-17] (Gameloft.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-17] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=EqisVdWWsogBl3dQCGKynAA3aoCZD2qRxEN71cBWM8mgT3aN9Dd7ipJgAAACHul0Qie&click_id=3e315e7523b0da6d8759e2aa7dee94bff2b2437a --app-window-size=1538,865
ShortcutWithArgument: C:\Users\JaraVorel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=EqisVdWWsogBl3dQCGKynAA3aoCZD2qRxEN71cBWM8mgT3aN9Dd7ipJgAAACHul0Qie&click_id=3e315e7523b0da6d8759e2aa7dee94bff2b2437a

==================== Loaded Modules (Whitelisted) ==============

2015-06-25 16:53 - 2015-06-25 16:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-07-07 15:24 - 2016-07-07 15:24 - 000138752 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2019-06-11 17:16 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files (x86)\7-Zip\7-zip.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 17:17 - 2015-06-25 17:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 17:21 - 2015-06-25 17:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 17:14 - 2015-06-25 17:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 12:58 - 2015-07-02 12:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 17:03 - 2015-06-25 17:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 05:13 - 2015-06-25 05:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 17:00 - 2015-06-25 17:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 17:23 - 2015-06-25 17:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 17:28 - 2015-06-25 17:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 17:16 - 2015-06-25 17:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 17:08 - 2015-06-25 17:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 17:58 - 2015-06-25 17:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 16:59 - 2015-06-25 16:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\JaraVorel:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-01-26 15:04 - 067109104 ____N C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JaraVorel\Desktop\Wallpapers-Skull-HD-Gallery-86-Plus-PIC-WPW3014543.png
DNS Servers: 10.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "ForteConfig"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\Run: => "Blogger"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\Run: => "Application Restart #2"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{783697F8-5A43-435A-AD89-A0E583E42EF0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C57CE64D-F5C6-4721-99B4-E7EFE28E12EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C1100CB1-2DB6-43B7-B99E-911D2C97EC1B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{55E487B9-3277-4834-8352-B0A9E5422836}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{40EA970D-A40F-41D4-9130-4C9460236B43}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5684EDA3-3FAA-4549-BB27-B97CA1EB47CA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C28E62F4-DA7F-4A46-B519-AE511DF3FD4E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{82777C08-78C4-4E92-81C3-BDAA3CD60535}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{291059B2-AF89-4FFC-9A75-A6CAA66F4E73}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{CF01DBB2-8EA7-4806-9717-B46F1FDD7527}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [TCP Query User{53E12533-7C16-458D-A836-FBE6F0ADD5D2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2B95E693-B1C8-4292-BC3E-8B9CF9CF8085}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E68885FD-3FED-46F2-93F6-5B9E25070B2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{46E319B6-F251-44D5-9E6B-43B6A0724CC5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{58171C1A-841E-4D71-B380-ADC6F3E9184F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E451FACD-2840-451E-B86A-AAE8227FE966}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4E1D9841-289A-4DFD-8366-E3CE18D2760A}C:\users\jaravorel\appdata\local\discordgames\zombsroyaleio\content\zombsroyale.exe] => (Allow) C:\users\jaravorel\appdata\local\discordgames\zombsroyaleio\content\zombsroyale.exe () [File not signed]
FirewallRules: [UDP Query User{5DC49174-6B4F-477D-8FF4-E8AC47535FB5}C:\users\jaravorel\appdata\local\discordgames\zombsroyaleio\content\zombsroyale.exe] => (Allow) C:\users\jaravorel\appdata\local\discordgames\zombsroyaleio\content\zombsroyale.exe () [File not signed]
FirewallRules: [TCP Query User{D4ADD977-B380-4CD8-B6BD-8F2AD31901F1}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{2380858B-126E-476A-B072-0B2D9D755B58}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{CEF2CC2E-FF2B-4392-8D8F-7CE7CD58743C}C:\users\jaravorel\counter-strike 1.6\hl.exe] => (Allow) C:\users\jaravorel\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{E4F64BAC-BB97-451A-90B2-B323B6737039}C:\users\jaravorel\counter-strike 1.6\hl.exe] => (Allow) C:\users\jaravorel\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{284873C7-324B-41C6-ADFA-662860E36703}C:\program files (x86)\counter-strike\hl.exe] => (Allow) C:\program files (x86)\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{9483FBF2-A1E9-4223-B0AD-5F9D60085355}C:\program files (x86)\counter-strike\hl.exe] => (Allow) C:\program files (x86)\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [{73EEB410-0F96-4878-A182-C768A67F710E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{BF7586A9-3670-4E5C-9B94-D95F1C2525E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{139F6648-8798-4B88-A22B-9FA9504FD2B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6998F66F-492B-44CC-91CD-5BD4DD59E9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{57C3D1D5-473A-4A9D-BDAB-09587F5C5E9C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-07-2019 11:01:40 Naplánovaný kontrolní bod
17-07-2019 12:49:23 Naplánovaný kontrolní bod
17-07-2019 13:35:50 JRT Pre-Junkware Removal
17-07-2019 13:47:30 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2019 01:57:49 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:57:44 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:57:39 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:52:44 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:52:39 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:52:34 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:52:29 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:50:52 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

System errors:
=============
Error: (07/17/2019 02:01:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 02:01:26 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VBJU42V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-VBJU42V\JaraVorel (SID: S-1-5-21-4002784267-4110871527-199123456-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 01:59:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 01:59:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 01:52:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VBJU42V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-VBJU42V\JaraVorel (SID: S-1-5-21-4002784267-4110871527-199123456-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 01:50:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VBJU42V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-VBJU42V\JaraVorel (SID: S-1-5-21-4002784267-4110871527-199123456-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 01:46:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VBJU42V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-VBJU42V\JaraVorel (SID: S-1-5-21-4002784267-4110871527-199123456-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 01:45:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Windows Defender:
===================================
Date: 2019-07-08 12:25:45.450
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A8C1B23A-B52B-468D-A58F-61C0A87FB435}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-05 18:28:37.859
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D30C41EB-271C-4FBE-8BFA-81202AFF5CC0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-05 18:18:12.275
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D4A04B56-2A1D-4D8A-B758-1B45C7EAB777}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-01 10:40:28.325
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Contebrew.A!ml
ID: 251873
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\JaraVorel\AppData\Roaming\Gocoha\SyncTask.exe; file:_C:\WINDOWS\System32\Tasks\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99FED2DE-BE06-4228-89E7-CD29E6A5B546}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}; taskscheduler:_C:\WINDOWS\System32\Tasks\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.297.204.0, AS: 1.297.204.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.16100.4, NIS: 0.0.0.0

Date: 2019-07-01 09:51:13.786
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Contebrew.A!ml
ID: 251873
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\JaraVorel\AppData\Roaming\Gocoha\SyncTask.exe; file:_C:\WINDOWS\System32\Tasks\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99FED2DE-BE06-4228-89E7-CD29E6A5B546}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}; taskscheduler:_C:\WINDOWS\System32\Tasks\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.297.204.0, AS: 1.297.204.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.16100.4, NIS: 0.0.0.0

Date: 2019-04-19 08:51:40.826
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2019-04-06 16:46:30.045
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1153.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240016
Popis chyby

ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-02-18 08:56:51.894
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.287.189.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80070643
Popis chyby

ři instalaci došlo k závažné chybě.

Date: 2019-02-17 16:55:44.934
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.287.93.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80240438
Popis chyby

ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-01-30 08:46:35.973
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.341.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x8024402c
Popis chyby

ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-02-18 10:02:27.856
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 21:00:08.268
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 21:00:05.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:59:47.319
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:35:27.458
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:35:25.806
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:35:10.049
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:33:32.636
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO A4CN42WW (V 2.11) 07/27/2016
Motherboard: LENOVO Lancer 5B3
Processor: AMD FX-7500 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 66%
Total physical RAM: 3514.61 MB
Available physical RAM: 1191.31 MB
Total Virtual: 7226.61 MB
Available Virtual: 4536.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.6 GB) (Free:68.66 GB) NTFS

\\?\Volume{764186e3-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{764186e3-0000-0000-0000-80c537000000}\ () (Fixed) (Total:0.48 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 764186E3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=494 MB) - (Type=27)

==================== End of Addition.txt ============================

#2 Příspěvek od **Conder** » 17 črc 2019 18:45

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
Nechaj zaskrtnute vsetky nalezy
Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah sem skopiruj

ekki · #3 Příspěvek od **ekki** » 17 črc 2019 21:50

Už jsem ho párkrát pouštěl, to co se smazalo se stále vrací.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-07-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-17-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted ikpcpgklmefncbfgbdifkaphbaapgafh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2846 octets] - [17/07/2019 11:46:45]
AdwCleaner[C00].txt - [2738 octets] - [17/07/2019 11:50:16]
AdwCleaner[S01].txt - [1372 octets] - [17/07/2019 11:54:34]
AdwCleaner[S02].txt - [1461 octets] - [17/07/2019 13:28:42]
AdwCleaner[C02].txt - [1627 octets] - [17/07/2019 13:29:01]
AdwCleaner[S03].txt - [1583 octets] - [17/07/2019 13:35:32]
AdwCleaner[S04].txt - [1644 octets] - [17/07/2019 13:39:34]
AdwCleaner[C04].txt - [1810 octets] - [17/07/2019 13:39:42]
AdwCleaner[S05].txt - [1738 octets] - [17/07/2019 13:41:32]
AdwCleaner[C05].txt - [1924 octets] - [17/07/2019 13:41:39]
AdwCleaner[S06].txt - [1888 octets] - [17/07/2019 13:46:54]
AdwCleaner[S07].txt - [1949 octets] - [17/07/2019 22:45:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C07].txt ##########

#4 Příspěvek od **Conder** » 17 črc 2019 22:13

OK, poprosim o obidva nove logy z FRST.

ekki · #5 Příspěvek od **ekki** » 18 črc 2019 06:31

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by JaraVorel (administrator) on DESKTOP-VBJU42V (LENOVO 80EC) (18-07-2019 07:28:49)
Running from C:\Users\JaraVorel\Desktop
Loaded Profiles: JaraVorel (Available Profiles: JaraVorel)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PS Media s.r.o. -> PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5175568 2016-09-03] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-04-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6626184 2016-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Run: [Blogger] => C:\ProgramData\Blogger\Blogger.exe [1097728 2019-01-26] () [File not signed]
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Run: [Chromium] => c:\users\jaravorel\appdata\local\chromium\application\chrome.exe [4186112 2017-10-10] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=1|0|2|Default|0|chrome-extension://cfhdojbkjhnklbpkdaibdccddilifddb/|cfhdojbkjhnklbpkdaibdccddilifddb-b7353f98-6f7f-4ce3-9c4a-dd407ff3f207 --flag-switches-begin --flag-switches-end --restore-last-session
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-17] (Google LLC -> Google LLC)
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2CD10890-A6CE-472F-828C-F5846703A924} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {2CD3587C-B0BA-4054-82D2-212C4A504855} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10385288 2016-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4397DB2C-A8A0-4E98-9304-AA07CDDBC956} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5E2F5523-0F9D-4E12-897B-589CB1492B7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-24] (Google Inc -> Google Inc.)
Task: {71491548-4B2B-45D3-B867-C7F8D779D5B1} - System32\Tasks\L-6-6-38-1013280734-1407573534-1264001067-2524\{Q3Q99R3X-QF1-6AO5-NVMB-5P9H49L18K8B} => C:\Users\JaraVorel\AppData\Roaming\wow64_microsoft-windows-i..isapifilterbinaries_31bf3856ad364e35_10.0.17763.1_none_67b3bde5c5a75b0a\KBDINBE2.exe
Task: {9F4CB767-D105-4CA1-8B46-0B7F3EEC3643} - System32\Tasks\Opera scheduled Autoupdate 1539963586 => C:\Users\JaraVorel\AppData\Local\Programs\Opera\launcher.exe
Task: {A6DF58B8-A0AC-4878-82FC-0857AA12309D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C94E1390-37A8-4F48-81F7-9C3A983836CD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6E2B8F0-1F27-4E43-B856-DB28581051EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-24] (Google Inc -> Google Inc.)
Task: {EAB24A77-DF02-4656-B163-2EE068D91DB2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{5a327f96-2d73-4a88-bea7-34005e556c26}: [NameServer] 10.10.10.9,10.10.10.8
Tcpip\..\Interfaces\{d417d9df-2427-4c32-842a-cfe09977fce6}: [DhcpNameServer] 10.1.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: xzloisxg.default-1549056420786
FF ProfilePath: C:\Users\JaraVorel\AppData\Roaming\Mozilla\Firefox\Profiles\xzloisxg.default-1549056420786 [2019-07-17]
FF Extension: (Service load app) - C:\Users\JaraVorel\AppData\Roaming\Mozilla\Firefox\Profiles\xzloisxg.default-1549056420786\Extensions\{54214dd6-6af4-4eab-c9e5-a0911d01ab28}.xpi [2019-05-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-4002784267-4110871527-199123456-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\JaraVorel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-09] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=chxtn15.1.13.1&q={searchTerms}&fr=chxtn15.1.13.1
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default [2019-07-18]
CHR Extension: (Disk Google) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-24]
CHR Extension: (YouTube) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-24]
CHR Extension: (Adblocker for Youtube™) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\honmgldinfkdoibjgmofiioodbclaomc [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Adblocker for Youtube™) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpglfhgfnhbgpjdenjgmdgoeiappafln [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-11]
CHR Profile: C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-17]
CHR Profile: C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-17]
CHR HKLM-x32\...\Chrome\Extension: [gndoicapfdaldiokbcdnllfhnapokcbk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdhpacfhljhcombkalcmkahkhodpkbim] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\JaraVorel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oabbdaincgidlhkmnghlfabhbpimjfbo [2019-01-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-07-07] () [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [278544 2016-07-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8479904 2019-03-29] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2019-03-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-16] (ESET, spol. s r.o. -> ESET)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [11749648 2019-01-01] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7795984 2018-06-20] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [189048 2016-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [4058496 2017-12-29] (PS Media s.r.o. -> PS Media s.r.o.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-05-31] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [26714136 2016-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [509456 2016-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [78072 2016-07-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-03-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-03-14] (ESET, spol. s r.o. -> ESET)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [10962696 2019-01-01] (Mail.Ru LLC -> LLC Mail.Ru)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [735552 2016-05-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3136272 2016-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2018-04-12] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 usbfilter; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [56352 2015-12-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47704 2019-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [367032 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-01-26] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-17 22:52 - 2019-07-17 22:52 - 007025360 _____ (Malwarebytes) C:\Users\JaraVorel\Downloads\adwcleaner_7.3 (1).exe
2019-07-17 14:07 - 2019-07-17 14:08 - 000053684 _____ C:\Users\JaraVorel\Desktop\Addition.txt
2019-07-17 14:05 - 2019-07-18 07:29 - 000020233 _____ C:\Users\JaraVorel\Desktop\FRST.txt
2019-07-17 14:05 - 2019-07-18 07:28 - 000000000 ____D C:\FRST
2019-07-17 14:04 - 2019-07-17 14:04 - 002095104 _____ (Farbar) C:\Users\JaraVorel\Downloads\FRST64.exe
2019-07-17 14:04 - 2019-07-17 14:04 - 002095104 _____ (Farbar) C:\Users\JaraVorel\Desktop\FRST64.exe
2019-07-17 13:40 - 2019-07-17 13:41 - 000279642 _____ C:\TDSSKiller.3.1.0.28_17.07.2019_13.40.19_log.txt
2019-07-17 13:38 - 2019-07-17 13:50 - 000000551 _____ C:\Users\JaraVorel\Desktop\JRT.txt
2019-07-17 13:34 - 2019-07-17 13:34 - 005054744 _____ (AO Kaspersky Lab) C:\Users\JaraVorel\Downloads\tdsskiller.exe
2019-07-17 13:33 - 2019-07-17 13:33 - 001790024 _____ (Malwarebytes) C:\Users\JaraVorel\Downloads\JRT.exe
2019-07-17 12:27 - 2019-07-17 12:27 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-07-17 12:10 - 2019-07-17 12:10 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-17 12:10 - 2019-07-17 12:10 - 000002896 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-17 12:10 - 2019-07-17 12:10 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-17 12:10 - 2019-07-17 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-07-17 12:10 - 2019-07-17 12:10 - 000000000 ____D C:\Program Files\CCleaner
2019-07-17 12:09 - 2019-07-17 12:09 - 020891464 _____ (Piriform Software Ltd) C:\Users\JaraVorel\Downloads\ccsetup560.exe
2019-07-17 11:56 - 2019-07-17 11:56 - 000448512 _____ (OldTimer Tools) C:\Users\JaraVorel\Downloads\TFC.exe
2019-07-17 11:46 - 2019-07-17 11:50 - 000000000 ____D C:\AdwCleaner
2019-07-17 11:45 - 2019-07-17 11:45 - 007025360 _____ (Malwarebytes) C:\Users\JaraVorel\Downloads\adwcleaner_7.3.exe
2019-07-17 10:48 - 2019-07-17 10:47 - 000110064 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2019-07-17 10:46 - 2019-07-17 10:46 - 000098288 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-07-17 10:46 - 2019-07-17 10:46 - 000000000 ____D C:\Program Files (x86)\Java
2019-07-17 10:44 - 2019-07-17 10:44 - 000000000 ____D C:\Users\JaraVorel\AppData\LocalLow\Oracle
2019-07-10 12:02 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 12:02 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 12:02 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 12:02 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 12:02 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 12:02 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 12:02 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 12:02 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 12:02 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 12:02 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 12:02 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 12:02 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 12:02 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 12:02 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 12:02 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 12:02 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 12:02 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-10 12:02 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 12:02 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-10 12:02 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-10 12:02 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-10 12:02 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-10 12:02 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-10 12:02 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 12:02 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 12:02 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 12:02 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 12:02 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-10 12:02 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-10 12:02 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 12:02 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 12:02 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 12:01 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-10 12:01 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 12:01 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-10 12:01 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 12:01 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 12:01 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 12:01 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 12:01 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 12:01 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 12:01 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 12:01 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 12:01 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 12:01 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 12:01 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 12:01 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 12:01 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 12:01 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 12:01 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 12:01 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 12:01 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 12:01 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 12:01 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 12:01 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 12:01 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 12:01 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 12:01 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 12:01 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-10 12:01 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 12:01 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 12:01 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 12:01 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 12:01 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 12:01 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 12:01 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 12:01 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 12:01 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 12:01 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 12:01 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 12:01 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 12:01 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 12:01 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 12:01 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 12:01 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 12:01 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 12:01 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 12:01 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 12:01 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-10 12:01 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 12:01 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 12:01 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 12:01 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 12:01 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 12:01 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 12:01 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 12:01 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 12:01 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 12:01 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 12:01 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 12:01 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 12:01 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 12:01 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 12:01 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 12:01 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 12:01 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 12:01 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 12:01 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 12:01 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 12:01 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 12:01 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 12:01 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 12:01 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 12:01 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 12:01 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-10 12:01 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-10 12:01 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 12:01 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 12:01 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 12:01 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 12:01 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 12:01 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 12:01 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 12:01 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 12:01 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 12:01 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 12:01 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 12:01 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 12:01 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 12:01 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-10 12:01 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-10 12:01 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-10 12:01 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-10 12:01 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-10 12:01 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 12:01 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 12:01 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-10 12:01 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-10 12:01 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-10 12:01 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-10 12:01 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 12:01 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-10 12:01 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 12:01 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-10 12:01 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-10 12:01 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 12:01 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-10 12:01 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-10 12:01 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-10 12:01 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-10 12:01 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-10 12:01 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-10 12:01 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 12:01 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 12:01 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-10 12:01 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 12:01 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-10 12:01 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-10 12:01 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-10 12:01 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-10 12:01 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 12:01 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-10 12:01 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 12:01 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 12:01 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 12:01 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 12:01 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-10 12:01 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 12:01 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-10 12:01 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-10 12:01 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-10 12:01 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-10 12:01 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-10 12:01 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-10 12:01 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-10 12:01 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 12:01 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-10 12:01 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-10 12:01 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 12:01 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-10 12:01 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-10 12:01 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 12:01 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-10 12:01 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-10 12:01 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 12:01 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-10 12:01 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-10 12:01 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-10 12:01 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 12:01 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-10 12:01 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-10 12:01 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-10 12:01 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-10 12:01 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-10 12:01 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 12:01 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 12:01 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 12:01 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 12:01 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 12:01 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 12:01 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-10 12:01 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-10 12:01 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-10 12:01 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 12:01 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-10 12:01 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-10 12:01 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-10 12:01 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-10 12:01 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 12:01 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 12:01 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 12:01 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-10 12:01 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-10 12:01 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 12:01 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-10 12:01 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 12:01 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 12:01 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 12:01 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-06 11:37 - 2019-07-06 11:37 - 000000000 ____D C:\Users\JaraVorel\Documents\Osiris
2019-07-05 21:20 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2019-07-05 20:59 - 2019-07-05 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2019-07-05 20:59 - 2019-07-05 20:59 - 000000000 ____D C:\Program Files\AutoHotkey
2019-07-05 19:48 - 2019-07-05 19:48 - 000001050 _____ C:\Users\JaraVorel\Desktop\STEAM.lnk
2019-07-05 19:39 - 2019-07-17 12:16 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-05 19:39 - 2019-07-05 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-02 09:32 - 2019-07-02 09:32 - 000001601 _____ C:\Users\JaraVorel\Desktop\Counter-Strike 1.6.lnk
2019-07-01 15:37 - 2019-07-02 09:32 - 000000000 ____D C:\Counter-Strike 1.6
2019-07-01 08:21 - 2019-07-02 09:27 - 000000000 ____D C:\Users\JaraVorel\Desktop\SKINS COUNTER STRIKE 1.6
2019-06-29 21:09 - 2019-06-29 21:21 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\Roblox
2019-06-29 21:09 - 2019-06-29 21:09 - 000001433 _____ C:\Users\JaraVorel\Desktop\ROBLOX.lnk
2019-06-29 21:09 - 2019-06-29 21:09 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-06-28 11:27 - 2019-06-28 11:27 - 000001692 _____ C:\Users\JaraVorel\Desktop\Modern Combat 5 eSports FPS.lnk
2019-06-28 11:26 - 2019-06-28 11:26 - 000000000 ____D C:\Users\JaraVorel\Documents\My Cheat Tables
2019-06-27 14:28 - 2019-06-27 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2019-06-27 14:26 - 2019-06-27 14:32 - 000000000 ____D C:\Program Files (x86)\Counter-Strike
2019-06-27 13:58 - 2019-07-01 16:35 - 000001929 _____ C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike.lnk
2019-06-27 13:52 - 2019-06-27 13:52 - 000000000 ____D C:\ProgramData\Norton
2019-06-26 17:00 - 2019-07-01 16:36 - 000000000 ____D C:\Users\JaraVorel\Counter-Strike 1.6
2019-06-26 16:53 - 2019-07-05 21:00 - 000000000 ____D C:\Users\JaraVorel\Desktop\HACKZ
2019-06-23 17:35 - 2019-07-17 11:35 - 000000298 _____ C:\Users\JaraVorel\AppData\Roaming\WB.CFG
2019-06-23 14:28 - 2019-06-23 14:34 - 000000000 ___RD C:\Users\JaraVorel\Documents\MEGA
2019-06-23 14:28 - 2019-06-23 14:33 - 000000000 ____D C:\Users\JaraVorel\Documents\MEGAsync Downloads
2019-06-21 17:43 - 2019-06-21 17:43 - 000002193 _____ C:\Users\JaraVorel\Desktop\MINECRAFT.lnk
2019-06-21 17:43 - 2019-06-21 17:43 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2019-06-21 17:38 - 2019-06-21 17:38 - 000000000 ____D C:\Program Files\UNP
2019-06-21 17:36 - 2019-06-21 17:37 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2019-06-21 17:36 - 2019-06-21 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2019-06-21 14:36 - 2019-06-21 14:36 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\chromium
2019-06-21 14:36 - 2019-06-21 14:36 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\AppKiwi
2019-06-21 14:35 - 2019-07-17 11:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\SyncTask
2019-06-21 14:35 - 2019-06-21 14:36 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\booking-nativefier-9f4f54
2019-06-21 14:35 - 2019-06-21 14:36 - 000000000 ____D C:\ProgramData\{948DA8B1-BCA5-D0C9-E4FD-F8E10C152039}
2019-06-21 14:35 - 2019-06-21 14:35 - 000001363 _____ C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2019-06-21 14:35 - 2019-06-21 14:35 - 000000000 ____D C:\ProgramData\NortonInstaller
2019-06-21 14:34 - 2019-06-21 14:37 - 000000000 ____D C:\ProgramData\qabfd
2019-06-21 14:34 - 2019-06-21 14:34 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\WarThunder
2019-06-21 14:34 - 2019-06-21 14:34 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-18 07:23 - 2018-06-15 09:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-17 22:48 - 2018-06-15 10:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-17 22:48 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-17 22:45 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-17 22:45 - 2017-08-24 12:52 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-07-17 14:26 - 2018-06-15 10:00 - 000813658 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-17 14:26 - 2018-04-12 17:50 - 002861566 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-17 14:26 - 2018-04-12 17:50 - 000782114 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-17 12:40 - 2019-01-26 14:52 - 000000000 __SHD C:\Users\JaraVorel\AppData\Roaming\wow64_microsoft-windows-i..isapifilterbinaries_31bf3856ad364e35_10.0.17763.1_none_67b3bde5c5a75b0a
2019-07-17 12:39 - 2017-08-25 07:44 - 000000000 ____D C:\Users\JaraVorel\AppData\LocalLow\Mozilla
2019-07-17 12:27 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-17 12:27 - 2017-08-24 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-07-17 12:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-17 12:17 - 2018-02-02 09:19 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\Packages
2019-07-17 12:14 - 2018-02-11 14:19 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\TS3Client
2019-07-17 11:15 - 2017-08-25 09:03 - 000000000 ____D C:\ProgramData\McAfee
2019-07-17 11:10 - 2019-03-15 14:54 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Discord
2019-07-17 10:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-17 10:48 - 2018-11-17 08:32 - 000000000 ____D C:\Program Files\Java
2019-07-17 10:48 - 2017-10-27 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-07-17 10:47 - 2018-11-17 08:33 - 000110064 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-07-17 10:42 - 2017-08-24 14:51 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-17 10:38 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-07-10 12:21 - 2019-06-13 18:21 - 000000000 ___RD C:\Users\JaraVorel\3D Objects
2019-07-10 12:21 - 2018-06-15 09:49 - 000405936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-10 12:21 - 2017-08-24 12:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-10 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-10 12:18 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-10 12:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-10 12:08 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 12:00 - 2017-08-30 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 11:55 - 2017-08-30 18:50 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 11:48 - 2019-01-18 18:36 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-09 10:22 - 2018-06-15 10:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-05 20:59 - 2017-08-24 14:58 - 000000000 ____D C:\WINDOWS\SHELLNEW
2019-07-05 19:38 - 2018-03-25 16:11 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-02 09:32 - 2018-03-22 17:50 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2019-07-01 18:48 - 2018-06-15 09:52 - 000000000 ____D C:\Users\JaraVorel
2019-07-01 13:15 - 2019-02-17 20:37 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\ElevatedDiagnostics
2019-06-29 21:09 - 2017-08-25 07:46 - 000000250 _____ C:\Users\JaraVorel\AppData\LocalLow\rbxcsettings.rbx
2019-06-28 10:04 - 2018-04-07 15:45 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\PlaceholderTileLogoFolder
2019-06-28 09:55 - 2017-08-24 12:41 - 000000000 ____D C:\Users\JaraVorel\AppData\Local\ConnectedDevicesPlatform
2019-06-23 18:27 - 2017-10-27 22:23 - 000000000 ____D C:\Users\JaraVorel\AppData\Roaming\.minecraft
2019-06-21 17:35 - 2019-02-01 23:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-21 17:35 - 2017-08-25 07:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-21 14:49 - 2019-02-01 23:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-21 14:21 - 2018-11-17 07:00 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories ================

2019-03-15 19:32 - 2019-03-15 19:32 - 000000013 _____ () C:\Users\JaraVorel\AppData\Roaming\rbx_hook
2019-06-23 17:35 - 2019-07-17 11:35 - 000000298 _____ () C:\Users\JaraVorel\AppData\Roaming\WB.CFG

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by JaraVorel (18-07-2019 07:30:39)
Running from C:\Users\JaraVorel\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-06-15 08:00:32)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4002784267-4110871527-199123456-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4002784267-4110871527-199123456-503 - Limited - Disabled)
Guest (S-1-5-21-4002784267-4110871527-199123456-501 - Limited - Disabled)
JaraVorel (S-1-5-21-4002784267-4110871527-199123456-1001 - Administrator - Enabled) => C:\Users\JaraVorel
WDAGUtilityAccount (S-1-5-21-4002784267-4110871527-199123456-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{80CC2950-1814-AC9E-3D0D-C90A55E8D4DC}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{6B0B6172-7323-3978-C975-21DF6DF80E71}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{B75AE7D2-592B-59C9-D4AB-425E60BB37A3}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{587F9805-4CD8-0F20-D653-83401BE78CC2}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{CB010EC4-AA3B-BCE4-D404-1E2F8D2DCC5B}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{3A755952-64D5-23A9-A277-FFD385C1FB6B}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{92E1BEC3-CBE6-F9A9-D7E6-06D5F394E68D}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{6B24AFE6-AB87-D3D1-D373-16A1FBC7CFB0}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D971F05F-649C-207F-E93B-32948E534112}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{26F1F4A7-20CA-14F7-2FD4-881A091CC3B0}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{E56BC5C6-72A4-CB01-C088-4A49C08E8445}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{21BC8691-9AF5-3C88-9943-F29276660BAA}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{68B28E41-D54A-C41A-3E0B-347459597C2F}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{D3A475CA-EE19-EB26-2134-63AE67843005}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{B3CE29F8-87C4-96BF-7C94-82659E62710D}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{29BF8AF3-23C2-DC38-E15A-DD76865380CC}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{2845D5D2-5EEF-BDCF-8288-01DCEB918680}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C71FD137-A760-2E9E-2286-233EA5550C84}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{2E80A4A4-07BC-6AB4-64DF-05D825E23E7B}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{6A9E8B8B-88E8-E128-9F68-5CADD3F8598D}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{6E1880E5-FF3B-C060-7550-D173CA379F7A}) (Version: 2016.0707.1524.25901 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Counter-Strike (HKLM-x32\...\Counter-Strike) (Version: - )
Counter-Strike 1.6 (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 v43g (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Counter-Strike 1.6_is1) (Version: - Valve)
Discord (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Epic Games Launcher (HKLM-x32\...\{466EA30A-9B38-4AD2-A6B0-18D6E0C1A848}) (Version: 1.1.206.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version: - )
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Roblox Player for JaraVorel (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\roblox-player) (Version: - Roblox Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
ZombsRoyale.io (HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\519338998791929866) (Version: - )

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Modern Combat 5: eSports FPS -> C:\Program Files\WindowsApps\A278AB0D.ModernCombat5Blackout_3.9.0.7_x86__h6adky7gbf63m [2019-07-17] (Gameloft.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-17] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4002784267-4110871527-199123456-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\JaraVorel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=EqisVdWWsogBl3dQCGKynAA3aoCZD2qRxEN71cBWM8mgT3aN9Dd7ipJgAAACHul0Qie&click_id=3e315e7523b0da6d8759e2aa7dee94bff2b2437a --app-window-size=1538,865
ShortcutWithArgument: C:\Users\JaraVorel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=EqisVdWWsogBl3dQCGKynAA3aoCZD2qRxEN71cBWM8mgT3aN9Dd7ipJgAAACHul0Qie&click_id=3e315e7523b0da6d8759e2aa7dee94bff2b2437a

==================== Loaded Modules (Whitelisted) ==============

2016-07-07 15:24 - 2016-07-07 15:24 - 000138752 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2019-06-11 17:16 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files (x86)\7-Zip\7-zip.dll
2015-07-02 12:58 - 2015-07-02 12:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 17:03 - 2015-06-25 17:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 05:13 - 2015-06-25 05:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 17:00 - 2015-06-25 17:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 17:23 - 2015-06-25 17:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 17:28 - 2015-06-25 17:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 17:08 - 2015-06-25 17:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 17:58 - 2015-06-25 17:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 16:59 - 2015-06-25 16:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\JaraVorel:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-01-26 15:04 - 067109104 ____N C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JaraVorel\Desktop\Wallpapers-Skull-HD-Gallery-86-Plus-PIC-WPW3014543.png
DNS Servers: 10.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "ForteConfig"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\Run: => "Blogger"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-4002784267-4110871527-199123456-1001\...\StartupApproved\Run: => "Application Restart #2"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{783697F8-5A43-435A-AD89-A0E583E42EF0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C57CE64D-F5C6-4721-99B4-E7EFE28E12EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C1100CB1-2DB6-43B7-B99E-911D2C97EC1B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{55E487B9-3277-4834-8352-B0A9E5422836}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{40EA970D-A40F-41D4-9130-4C9460236B43}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5684EDA3-3FAA-4549-BB27-B97CA1EB47CA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C28E62F4-DA7F-4A46-B519-AE511DF3FD4E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{82777C08-78C4-4E92-81C3-BDAA3CD60535}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{291059B2-AF89-4FFC-9A75-A6CAA66F4E73}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{CF01DBB2-8EA7-4806-9717-B46F1FDD7527}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [TCP Query User{53E12533-7C16-458D-A836-FBE6F0ADD5D2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2B95E693-B1C8-4292-BC3E-8B9CF9CF8085}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E68885FD-3FED-46F2-93F6-5B9E25070B2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{46E319B6-F251-44D5-9E6B-43B6A0724CC5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{58171C1A-841E-4D71-B380-ADC6F3E9184F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E451FACD-2840-451E-B86A-AAE8227FE966}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4E1D9841-289A-4DFD-8366-E3CE18D2760A}C:\users\jaravorel\appdata\local\discordgames\zombsroyaleio\content\zombsroyale.exe] => (Allow) C:\users\jaravorel\appdata\local\discordgames\zombsroyaleio\content\zombsroyale.exe () [File not signed]
FirewallRules: [UDP Query User{5DC49174-6B4F-477D-8FF4-E8AC47535FB5}C:\users\jaravorel\appdata\local\discordgames\zombsroyaleio\content\zombsroyale.exe] => (Allow) C:\users\jaravorel\appdata\local\discordgames\zombsroyaleio\content\zombsroyale.exe () [File not signed]
FirewallRules: [TCP Query User{D4ADD977-B380-4CD8-B6BD-8F2AD31901F1}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{2380858B-126E-476A-B072-0B2D9D755B58}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{CEF2CC2E-FF2B-4392-8D8F-7CE7CD58743C}C:\users\jaravorel\counter-strike 1.6\hl.exe] => (Allow) C:\users\jaravorel\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{E4F64BAC-BB97-451A-90B2-B323B6737039}C:\users\jaravorel\counter-strike 1.6\hl.exe] => (Allow) C:\users\jaravorel\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{284873C7-324B-41C6-ADFA-662860E36703}C:\program files (x86)\counter-strike\hl.exe] => (Allow) C:\program files (x86)\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{9483FBF2-A1E9-4223-B0AD-5F9D60085355}C:\program files (x86)\counter-strike\hl.exe] => (Allow) C:\program files (x86)\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [{73EEB410-0F96-4878-A182-C768A67F710E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{BF7586A9-3670-4E5C-9B94-D95F1C2525E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{139F6648-8798-4B88-A22B-9FA9504FD2B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6998F66F-492B-44CC-91CD-5BD4DD59E9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{57C3D1D5-473A-4A9D-BDAB-09587F5C5E9C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-07-2019 11:01:40 Naplánovaný kontrolní bod
17-07-2019 12:49:23 Naplánovaný kontrolní bod
17-07-2019 13:35:50 JRT Pre-Junkware Removal
17-07-2019 13:47:30 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2019 07:26:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchUI.exe verze 10.0.17134.885 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2004

Čas spuštění: 01d53d293735c40d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

ID hlášení: 952d6ee3-1458-4ab7-a99e-4b6b37cf2dba

Úplný název balíčku s chybou: Microsoft.Windows.Cortana_1.10.8.17134_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: CortanaUI

Error: (07/18/2019 07:24:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.19051.16210.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1d04

Čas spuštění: 01d53ce2edb133ef

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 2ec608c3-719c-4cfc-a2e3-9ab941fc811f

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: App

Error: (07/18/2019 07:24:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchUI.exe verze 10.0.17134.885 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 13e0

Čas spuštění: 01d53ce10733d1d6

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

ID hlášení: fafe09df-71a4-4cc4-a182-06d4f6e75a62

Úplný název balíčku s chybou: Microsoft.Windows.Cortana_1.10.8.17134_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: CortanaUI

Error: (07/17/2019 11:00:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.19051.16210.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 210

Čas spuštění: 01d53ce1a5f24318

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 01d4a8de-2e11-4d8f-a8d3-76589283e8d9

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: App

Error: (07/17/2019 01:57:49 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:57:44 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:57:39 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (07/17/2019 01:52:44 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

System errors:
=============
Error: (07/17/2019 10:50:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 10:49:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VBJU42V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-VBJU42V\JaraVorel (SID: S-1-5-21-4002784267-4110871527-199123456-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 10:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 10:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 10:45:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Remediation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/17/2019 10:45:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdaptiveSleepService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/17/2019 10:45:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/17/2019 10:45:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant SmartAudio service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Windows Defender:
===================================
Date: 2019-07-08 12:25:45.450
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A8C1B23A-B52B-468D-A58F-61C0A87FB435}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-05 18:28:37.859
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D30C41EB-271C-4FBE-8BFA-81202AFF5CC0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-05 18:18:12.275
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D4A04B56-2A1D-4D8A-B758-1B45C7EAB777}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-01 10:40:28.325
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Contebrew.A!ml
ID: 251873
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\JaraVorel\AppData\Roaming\Gocoha\SyncTask.exe; file:_C:\WINDOWS\System32\Tasks\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99FED2DE-BE06-4228-89E7-CD29E6A5B546}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}; taskscheduler:_C:\WINDOWS\System32\Tasks\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.297.204.0, AS: 1.297.204.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.16100.4, NIS: 0.0.0.0

Date: 2019-07-01 09:51:13.786
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Contebrew.A!ml
ID: 251873
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\JaraVorel\AppData\Roaming\Gocoha\SyncTask.exe; file:_C:\WINDOWS\System32\Tasks\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99FED2DE-BE06-4228-89E7-CD29E6A5B546}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}; taskscheduler:_C:\WINDOWS\System32\Tasks\SyncTask\{02519C1E-EA16-B0D2-AF1E-53239AC3EB45}
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.297.204.0, AS: 1.297.204.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.16100.4, NIS: 0.0.0.0

Date: 2019-04-19 08:51:40.826
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2019-04-06 16:46:30.045
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1153.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240016
Popis chyby

ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-02-18 08:56:51.894
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.287.189.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80070643
Popis chyby

ři instalaci došlo k závažné chybě.

Date: 2019-02-17 16:55:44.934
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.287.93.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.8
Kód chyby: 0x80240438
Popis chyby

ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-01-30 08:46:35.973
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.341.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x8024402c
Popis chyby

ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-02-18 10:02:27.856
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 21:00:08.268
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 21:00:05.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:59:47.319
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:35:27.458
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:35:25.806
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:35:10.049
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

Date: 2019-01-05 20:33:32.636
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Steam\steamapps\common\Combat Arms Reloaded\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO A4CN42WW (V 2.11) 07/27/2016
Motherboard: LENOVO Lancer 5B3
Processor: AMD FX-7500 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 59%
Total physical RAM: 3514.61 MB
Available physical RAM: 1435.3 MB
Total Virtual: 7098.61 MB
Available Virtual: 4977.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.6 GB) (Free:68.62 GB) NTFS

\\?\Volume{764186e3-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{764186e3-0000-0000-0000-80c537000000}\ () (Fixed) (Total:0.48 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 764186E3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=494 MB) - (Type=27)

==================== End of Addition.txt ============================

#6 Příspěvek od **Conder** » 18 črc 2019 20:03

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\System32\mracsvc.exe
File: C:\WINDOWS\System32\drivers\mracdrv.sys
File: C:\Windows\SysWOW64\ssins.exe
CMD: type "C:\Users\JaraVorel\AppData\Roaming\rbx_hook"
CMD: type "C:\Users\JaraVorel\AppData\Roaming\WB.CFG"

GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [No File]
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=chxtn15.1.13.1&q={searchTerms}&fr=chxtn15.1.13.1
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Extension: (Adblocker for Youtube™) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\honmgldinfkdoibjgmofiioodbclaomc [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Adblocker for Youtube™) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpglfhgfnhbgpjdenjgmdgoeiappafln [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [gndoicapfdaldiokbcdnllfhnapokcbk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdhpacfhljhcombkalcmkahkhodpkbim] - hxxps://clients2.google.com/service/update2/crx
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [11749648 2019-01-01] (Mail.Ru LLC -> LLC Mail.Ru)
C:\WINDOWS\System32\mracsvc.exe
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [4058496 2017-12-29] (PS Media s.r.o. -> PS Media s.r.o.)
C:\Windows\SysWOW64\ssins.exe
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [10962696 2019-01-01] (Mail.Ru LLC -> LLC Mail.Ru)
C:\WINDOWS\System32\drivers\mracdrv.sys
2019-07-17 11:15 - 2017-08-25 09:03 - 000000000 ____D C:\ProgramData\McAfee
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
AlternateDataStreams: C:\Users\JaraVorel:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

ekki · #7 Příspěvek od **ekki** » 19 črc 2019 06:19

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by JaraVorel (19-07-2019 07:12:29) Run:1
Running from C:\Users\JaraVorel\Desktop
Loaded Profiles: JaraVorel (Available Profiles: JaraVorel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\System32\mracsvc.exe
File: C:\WINDOWS\System32\drivers\mracdrv.sys
File: C:\Windows\SysWOW64\ssins.exe
CMD: type "C:\Users\JaraVorel\AppData\Roaming\rbx_hook"
CMD: type "C:\Users\JaraVorel\AppData\Roaming\WB.CFG"

GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [No File]
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=chxtn15.1.13.1&q={searchTerms}&fr=chxtn15.1.13.1
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Extension: (Adblocker for Youtube�) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\honmgldinfkdoibjgmofiioodbclaomc [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Adblocker for Youtube�) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpglfhgfnhbgpjdenjgmdgoeiappafln [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [gndoicapfdaldiokbcdnllfhnapokcbk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdhpacfhljhcombkalcmkahkhodpkbim] - hxxps://clients2.google.com/service/update2/crx
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [11749648 2019-01-01] (Mail.Ru LLC -> LLC Mail.Ru)
C:\WINDOWS\System32\mracsvc.exe
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [4058496 2017-12-29] (PS Media s.r.o. -> PS Media s.r.o.)
C:\Windows\SysWOW64\ssins.exe
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [10962696 2019-01-01] (Mail.Ru LLC -> LLC Mail.Ru)
C:\WINDOWS\System32\drivers\mracdrv.sys
2019-07-17 11:15 - 2017-08-25 09:03 - 000000000 ____D C:\ProgramData\McAfee
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\JaraVorel:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 4861
Average :
Sum : 32936714644
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

========================= File: C:\WINDOWS\System32\mracsvc.exe ========================

C:\WINDOWS\System32\mracsvc.exe
File is digitally signed
MD5: 9B6EB9A331F16D76872D928FD05F0A74
Creation and modification date: 2018-10-19 21:55 - 2019-01-01 19:05
Size: 011749648
Attributes: ----A
Company Name: Mail.Ru LLC -> LLC Mail.Ru
Internal Name: mracsvc.exe
Original Name: mracsvc.exe
Product: Mail.Ru AntiCheat
Description: Mail.Ru AntiCheat Service
File Version: 2.46.0
Product Version: 2.46.0
Copyright: Copyright (C) 2018 LLC Mail.Ru
VirusTotal: https://www.virustotal.com/file/6ef91a1 ... 559712784/

====== End of File: ======

========================= File: C:\WINDOWS\System32\drivers\mracdrv.sys ========================

C:\WINDOWS\System32\drivers\mracdrv.sys
File is digitally signed
MD5: 9893F237A6EA56986203A6EFECAB1B4D
Creation and modification date: 2018-10-19 21:55 - 2019-01-01 19:05
Size: 010962696
Attributes: ----A
Company Name: Mail.Ru LLC -> LLC Mail.Ru
Internal Name: mracdrv.sys
Original Name: mracdrv.sys
Product: Mail.Ru AntiCheat
Description: Mail.Ru AntiCheat Driver
File Version: 2.46.0
Product Version: 2.46.0
Copyright: Copyright (C) 2018 LLC Mail.Ru
VirusTotal: https://www.virustotal.com/file/067ce82 ... 561104740/

====== End of File: ======

========================= File: C:\Windows\SysWOW64\ssins.exe ========================

C:\Windows\SysWOW64\ssins.exe
File is digitally signed
MD5: FD52B94C4E60D83E1A29BC2C23FDFCA4
Creation and modification date: 2017-12-29 20:17 - 2017-12-29 20:17
Size: 004058496
Attributes: ----A
Company Name: PS Media s.r.o. -> PS Media s.r.o.
Internal Name: Seznam instalator
Original Name: sinstalator.exe
Product: Seznam.cz instalátor - služba
Description: Seznam.cz Instalátor
File Version: 3.5.0.0
Product Version: 3.5.0.0
Copyright: Radek Szurman
VirusTotal: https://www.virustotal.com/file/0adf344 ... 553156934/

====== End of File: ======

========= type "C:\Users\JaraVorel\AppData\Roaming\rbx_hook" =========

click_disable
========= End of CMD: =========

========= type "C:\Users\JaraVorel\AppData\Roaming\WB.CFG" =========

1222021553\+20,`j-13,V`2>:2<3+W,2;3<=;38+95,let-2,?40<<<5+Q,<==:>12>+73,f-21,gs-1,940<<<6+Q,90=:=839+73,q-4,n-2,)nmgp2>:2:8+W,763<3>=?+95,im[nlep2i-0,jPy-1,pkrci-4,a-4,k`-4,gw=3-4,=7h:a>mV56U;1Pyzc?:+4>,lkVtnxhi-1,7+V,w-0,y),+K^Zal7819;:2738=/+U,mp2Y;3<;),+li4gu*+V,w-0,l+4>,ckzp-2,oyk-23,4M+20,I-d
========= End of CMD: =========

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0 => removed successfully
"Chrome HomePage" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
CHR Extension: (Adblocker for Youtube�) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\honmgldinfkdoibjgmofiioodbclaomc [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Adblocker for Youtube�) - C:\Users\JaraVorel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpglfhgfnhbgpjdenjgmdgoeiappafln [2019-01-26] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gndoicapfdaldiokbcdnllfhnapokcbk => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ikpcpgklmefncbfgbdifkaphbaapgafh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mdhpacfhljhcombkalcmkahkhodpkbim => removed successfully
HKLM\System\CurrentControlSet\Services\mracsvc => removed successfully
mracsvc => service removed successfully
C:\WINDOWS\System32\mracsvc.exe => moved successfully
HKLM\System\CurrentControlSet\Services\ssinstall => removed successfully
ssinstall => service removed successfully
C:\Windows\SysWOW64\ssins.exe => moved successfully
HKLM\System\CurrentControlSet\Services\mracdrv => removed successfully
mracdrv => service removed successfully
C:\WINDOWS\System32\drivers\mracdrv.sys => moved successfully
C:\ProgramData\McAfee => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\Users\JaraVorel => ":Heroes & Generals" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28512979 B
Java, Flash, Steam htmlcache => 41586017 B
Windows/system/drivers => 143792 B
Edge => 8283 B
Chrome => 37423183 B
Firefox => 19697361 B
Opera => 140706 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 9 B
LocalService => 12070 B
LocalService => 0 B
NetworkService => 6656 B
NetworkService => 0 B
JaraVorel => 2093539 B

RecycleBin => 0 B
EmptyTemp: => 134.4 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 07:15:35 ====

#8 Příspěvek od **Conder** » 19 črc 2019 16:37

Plocha ma vyse 30 GB, co je prilis vela. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Ako to vyzera s PC? Su nejake problemy?

VIRY.CZ

Kontrola

Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola

Re: Kontrola