Preventivní kontrola

Zpráva

toox · #1 Příspěvek od **toox** » 28 črc 2019 15:22

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by YMER (administrator) on DESKTOP-00MKO9B (Gigabyte Technology Co., Ltd. P55-UD3L) (28-07-2019 16:19:40)
Running from E:\YMER\Desktop
Loaded Profiles: YMER (Available Profiles: YMER)
Platform: Windows 10 Education Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BitTorrent Inc -> BitTorrent Inc.) E:\YMER\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) E:\YMER\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe
(ManyCam -> Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(NewSoftwares.net, Inc SDN. BHD. -> NewSoftwares.net) C:\Windows\SysWOW64\WinFLService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(SafeNet, Inc. -> SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [uTorrent] => E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe [1983672 2018-04-18] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-07-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-17] (Google LLC -> Google LLC)
IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AC345DB-4580-4478-AC2F-20113B9AFBCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3ACCC9F8-B9D3-4120-8B9D-9AEA1940A74A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {43D43F24-7A10-42C8-B31C-C72FDFAFEA8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {51E12E58-4570-47BF-A1F9-C77C912514D9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {71D05E32-FE43-454E-8CF0-C6884B323213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {72269900-38AC-424A-A4C5-D240FD6A71F0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {79D688C3-C226-4A6E-9C5A-82BB92E210C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {A31E0422-AE8C-4A3E-8D0E-3C2E147358E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A838C60B-8F80-4C08-A6CD-58847758ACDA} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.4.0\Scheduler.exe [149776 2019-03-29] (IObit Information Technology -> IObit)
Task: {BA275E91-D49A-4015-8201-246518447F57} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E884A262-B17B-4797-870F-273D05121EF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {EADEC08D-E7BA-4E67-A423-8D22194ADBBD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {EBD9B64B-B57D-4380-852D-5A60FC817FEF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE287196-5399-4B11-B186-3251014985CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {FA211A20-E0C1-4156-8016-4AF3CC92CCF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{befebb7f-74f7-44af-93c9-456282bae772}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

FireFox:
========
FF DefaultProfile: orxdtu8e.default-1544966886308
FF ProfilePath: C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 [2019-07-28]
FF Extension: (Pinned Google Drive) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2019-05-19]
FF Extension: (Double-click Image Downloader) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\jid1-xgtdawe3yyUeBQ@jetpack.xpi [2019-07-12]
FF Extension: (Avast Online Security) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\wrc@avast.com.xpi [2019-07-23] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Blue Mozilla Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2019-06-04]
FF Extension: (have a fox dream) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{3f1aff6b-0363-410f-b81b-9a286ffb4b10}.xpi [2019-05-13]
FF Extension: (Beach) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2019-05-14]
FF Extension: (YouTube High Definition) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2019-07-10]
FF Extension: (Mozilla: Firefox OS) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2019-07-12]
FF Extension: (esafox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-06-02]
FF Extension: (Complete Black Theme for Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{c161a71c-fb42-4608-b001-5634b3f59a8b}.xpi [2019-06-04]
FF Extension: (No Name) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-26] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-26] (Adobe Inc. -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-21]
CHR Extension: (Prezentace) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
CHR Extension: (Dokumenty) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-12]
CHR Extension: (Disk Google) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (YouTube) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-07]
CHR Extension: (Tabulky) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-12]
CHR Extension: (Avast Online Security) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-10]
CHR Extension: (Gmail) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; E:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 FLService; C:\Windows\SysWOW64\WinFLService.exe [94728 2018-10-01] (NewSoftwares.net, Inc SDN. BHD. -> NewSoftwares.net)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (ManyCam -> Visicom Media Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5073792 2019-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc. -> SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc. -> SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc. -> SafeNet, Inc.)
S3 sshd; C:\Windows\System32\OpenSSH\sshd.exe [970240 2018-05-20] (Microsoft Windows -> )
S3 SshdBroker; C:\Windows\System32\SshdBroker.dll [285696 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [118088 2019-04-20] (Alcorlink Corp. -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279336 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387896 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2018-07-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2018-05-24] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-07] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-07-27] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-24] (Martin Malik - REALiX -> REALiX(tm))
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2018-10-01] (NewSoftwares.net Inc. SDN. BHD. -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2019-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1138136 2019-04-20] (Realtek Semiconductor Corp. -> Realtek )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [56840 2019-04-20] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36472 2018-10-01] (Newsoftwares.net, Inc SDN BHD -> )
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2018-10-01] (NewSoftwares.net Inc. SDN. BHD. -> NewSoftwares.net, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-28 13:14 - 2019-07-28 13:14 - 000000000 ____D C:\Users\YMER\AppData\LocalLow\uTorrent
2019-07-22 14:41 - 2019-07-22 14:41 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-22 14:41 - 2019-07-22 14:41 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-07-22 14:41 - 2019-07-22 14:41 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-20 21:08 - 2019-07-21 12:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-13 19:03 - 2019-07-13 19:59 - 000000000 ____D C:\ProgramData\Reprise
2019-07-13 19:00 - 2019-07-13 19:00 - 000000110 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2019-07-13 19:00 - 2019-07-13 19:00 - 000000000 ____D C:\Users\YMER\AppData\Roaming\3D Systems
2019-07-13 19:00 - 2019-07-13 19:00 - 000000000 ____D C:\Users\YMER\AppData\Local\3D Systems
2019-07-13 18:56 - 2019-07-13 18:56 - 000000000 ____D C:\Users\YMER\AppData\Local\3D_Systems
2019-07-13 18:50 - 2019-07-13 18:50 - 000000000 ____D C:\ProgramData\3D Systems
2019-07-13 18:50 - 2019-07-13 18:50 - 000000000 ____D C:\Program Files\3D Systems
2019-07-13 18:47 - 2019-07-13 18:47 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2019-07-13 18:47 - 2013-08-01 15:11 - 004609928 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe
2019-07-13 18:47 - 2013-08-01 15:11 - 004609928 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe
2019-07-13 18:47 - 2013-08-01 15:11 - 000331328 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys
2019-07-13 18:47 - 2013-08-01 15:11 - 000198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll
2019-07-13 18:47 - 2013-08-01 15:11 - 000140736 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys
2019-07-13 18:47 - 2013-08-01 15:11 - 000091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys
2019-07-13 18:47 - 2009-09-17 07:05 - 000145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys
2019-07-13 18:46 - 2019-07-13 18:46 - 000000000 ____D C:\Users\YMER\Documents\Downloaded Installations
2019-07-13 18:46 - 2019-07-13 18:46 - 000000000 ____D C:\Program Files (x86)\SafeNet Sentinel
2019-07-10 10:13 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-07-10 10:13 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2019-07-10 10:13 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-10 10:13 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 10:13 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-07-10 10:13 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2019-07-10 10:13 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 10:13 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2019-07-10 10:13 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-07-10 10:13 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-07-10 10:13 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-10 10:13 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-10 10:13 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-07-10 10:13 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2019-07-10 10:13 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-10 10:13 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-07-10 10:13 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2019-07-10 10:13 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-10 10:13 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2019-07-10 10:13 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-07-10 10:13 - 2019-06-13 12:11 - 001539896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-07-10 10:13 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll
2019-07-10 10:13 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-07-10 10:13 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-07-10 10:13 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2019-07-10 10:13 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2019-07-10 10:13 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2019-07-10 10:13 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 10:13 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 10:13 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 10:13 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-07-10 10:13 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2019-07-10 10:13 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2019-07-10 10:13 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 10:13 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 10:13 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 10:13 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 10:12 - 2019-07-04 11:45 - 001786680 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-07-10 10:12 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-07-10 10:12 - 2019-07-04 11:41 - 000304144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2019-07-10 10:12 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-07-10 10:12 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-07-10 10:12 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-07-10 10:12 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-07-10 10:12 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2019-07-10 10:12 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-10 10:12 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-07-10 10:12 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-10 10:12 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-07-10 10:12 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-07-10 10:12 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-07-10 10:12 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-07-10 10:12 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-07-10 10:12 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-10 10:12 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-07-10 10:12 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-07-10 10:12 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-07-10 10:12 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-07-10 10:12 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-07-10 10:12 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-10 10:12 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-10 10:12 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-07-10 10:12 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2019-07-10 10:12 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-07-10 10:12 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-07-10 10:12 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-07-10 10:12 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2019-07-10 10:12 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-07-10 10:12 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-10 10:12 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-07-10 10:12 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-10 10:12 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-07-10 10:12 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-07-10 10:12 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-07-10 10:12 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2019-07-10 10:12 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-07-10 10:12 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-10 10:12 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 10:12 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-07-10 10:12 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-10 10:12 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-07-10 10:12 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-07-10 10:12 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-07-10 10:12 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-07-10 10:12 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-10 10:12 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-07-10 10:12 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-07-10 10:12 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-10 10:12 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-07-10 10:12 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-07-10 10:12 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-07-10 10:12 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-10 10:12 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-07-10 10:12 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-07-10 10:12 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-07-10 10:12 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-10 10:12 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-10 10:12 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-07-10 10:12 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-07-10 10:12 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-07-10 10:12 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-07-10 10:12 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2019-07-10 10:12 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2019-07-10 10:12 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-10 10:12 - 2019-07-04 05:01 - 000001312 _____ C:\Windows\system32\tcbres.wim
2019-07-10 10:12 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-07-10 10:12 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-10 10:12 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-10 10:12 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-10 10:12 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-10 10:12 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-10 10:12 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-10 10:12 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-10 10:12 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-07-10 10:12 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-10 10:12 - 2019-06-13 13:43 - 001427984 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-07-10 10:12 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 10:12 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-07-10 10:12 - 2019-06-13 13:42 - 002266936 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-07-10 10:12 - 2019-06-13 13:42 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-07-10 10:12 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2019-07-10 10:12 - 2019-06-13 13:41 - 001626936 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-07-10 10:12 - 2019-06-13 13:41 - 000830264 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-07-10 10:12 - 2019-06-13 13:41 - 000825144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-07-10 10:12 - 2019-06-13 13:41 - 000670008 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-07-10 10:12 - 2019-06-13 13:40 - 000749880 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-07-10 10:12 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-10 10:12 - 2019-06-13 13:40 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2019-07-10 10:12 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2019-07-10 10:12 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2019-07-10 10:12 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2019-07-10 10:12 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2019-07-10 10:12 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-10 10:12 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2019-07-10 10:12 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-07-10 10:12 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-10 10:12 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2019-07-10 10:12 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2019-07-10 10:12 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2019-07-10 10:12 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2019-07-10 10:12 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2019-07-10 10:12 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-07-10 10:12 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2019-07-10 10:12 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-07-10 10:12 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2019-07-10 10:12 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-07-10 10:12 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\DesktopSwitcherDataModel.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2019-07-10 10:12 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2019-07-10 10:12 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2019-07-10 10:12 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-10 10:12 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2019-07-10 10:12 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 10:12 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-07-10 10:12 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-07-10 10:12 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-10 10:12 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2019-07-10 10:12 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2019-07-10 10:12 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-07-10 10:12 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-07-10 10:12 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-07-10 10:12 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2019-07-10 10:12 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2019-07-10 10:12 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-10 10:12 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-07-10 10:12 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-07-10 10:12 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2019-07-10 10:12 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-07-10 10:12 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2019-07-10 10:12 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-07-10 10:12 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-07-10 10:12 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-07-10 10:12 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-10 10:12 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-07-10 10:12 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-07-10 10:12 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-10 10:12 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2019-07-10 10:12 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-07-10 10:12 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-07-10 10:12 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-07-10 10:12 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-07-10 10:12 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-07-10 10:12 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2019-07-10 10:12 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\KdsCli.dll
2019-07-10 10:12 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-07-10 10:12 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-10 10:12 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-07-10 10:12 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
2019-07-10 10:12 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-07-10 10:12 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-07-10 10:12 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-07-10 10:12 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2019-07-10 10:12 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-07-10 10:12 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2019-07-10 10:12 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-07-10 10:12 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-07-10 10:12 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-07-10 10:12 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-07-10 10:12 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-07-10 10:12 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 10:12 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-07-10 10:12 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-07-10 10:12 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-07-10 10:12 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-07-10 10:12 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-07-10 10:12 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-10 10:12 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-07-10 10:12 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-07-10 10:12 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2019-07-10 10:12 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2019-07-10 10:12 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2019-07-10 10:12 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-07-10 10:12 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-07-10 10:12 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-07-10 10:12 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-07-10 10:12 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-07-10 10:12 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-07-10 10:12 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-07-10 10:12 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 10:12 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-28 16:19 - 2018-12-16 15:50 - 000000000 ____D C:\FRST
2019-07-28 16:19 - 2018-05-12 18:42 - 000000000 ____D C:\Users\YMER\AppData\LocalLow\Mozilla
2019-07-28 15:55 - 2018-05-12 18:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-28 15:55 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-28 15:15 - 2019-03-28 02:16 - 000003176 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-28 15:15 - 2018-12-20 08:27 - 000003400 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-28 15:15 - 2018-05-13 09:14 - 000002896 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2019-07-28 15:15 - 2018-05-13 09:14 - 000002444 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2019-07-28 15:15 - 2018-05-13 09:14 - 000002392 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2019-07-28 15:15 - 2018-05-13 09:14 - 000002388 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2019-07-28 15:15 - 2018-05-13 09:14 - 000002374 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2019-07-28 15:15 - 2018-05-13 09:14 - 000002370 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2019-07-28 13:51 - 2018-05-12 23:25 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-07-28 10:44 - 2018-05-12 18:27 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-28 10:43 - 2018-05-12 18:24 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-28 10:43 - 2018-04-12 17:51 - 000715034 _____ C:\Windows\system32\perfh005.dat
2019-07-28 10:43 - 2018-04-12 17:51 - 000144328 _____ C:\Windows\system32\perfc005.dat
2019-07-28 10:43 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-07-28 10:38 - 2018-11-23 20:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-28 10:38 - 2018-05-12 18:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-28 00:18 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-07-25 19:45 - 2019-03-10 00:21 - 000000000 _____ C:\end
2019-07-25 18:41 - 2018-05-12 23:25 - 000387896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-07-25 06:35 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-07-22 17:58 - 2018-05-12 18:21 - 000000000 ____D C:\Users\YMER
2019-07-22 16:41 - 2018-06-14 07:31 - 000000000 ____D C:\Users\YMER\AppData\Local\CrashDumps
2019-07-22 14:41 - 2019-02-22 16:45 - 000279336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-07-22 14:41 - 2019-01-14 23:51 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-07-22 14:41 - 2019-01-08 17:06 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-07-22 14:41 - 2019-01-08 17:06 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-07-22 14:41 - 2019-01-08 17:06 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-07-22 14:41 - 2018-10-24 08:46 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000003990 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-22 14:41 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-07-22 14:39 - 2018-12-16 15:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-21 12:06 - 2018-12-16 13:56 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-17 17:06 - 2018-05-14 20:38 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-17 17:06 - 2018-05-14 20:38 - 000002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-14 09:42 - 2018-05-12 18:16 - 001717936 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-13 22:45 - 2018-08-23 21:47 - 000001382 _____ C:\Users\Public\Desktop\Skype.lnk
2019-07-13 22:45 - 2018-08-23 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-13 18:47 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\setup
2019-07-11 11:33 - 2017-11-22 01:24 - 000000000 ____D C:\Users\YMER\Documents\Tickets
2019-07-10 22:26 - 2018-05-12 18:21 - 000000000 __RHD C:\Users\YMER\3D Objects
2019-07-10 22:26 - 2018-05-12 18:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 12:29 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellComponents
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Provisioning
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-07-10 12:29 - 2018-04-11 23:04 - 000000000 ____D C:\Windows\system32\Dism
2019-07-10 10:16 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-07-10 10:12 - 2018-05-12 22:26 - 000000000 ____D C:\Windows\system32\MRT
2019-07-10 10:10 - 2018-05-12 22:25 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-04 06:43 - 2018-05-12 19:15 - 000407784 __RSH C:\bootmgr

==================== Files in the root of some directories ================

2018-05-28 23:58 - 2019-04-28 01:06 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2019-03-30 23:49 - 2019-03-30 23:53 - 000002971 _____ () C:\Users\YMER\AppData\Roaming\downloads.json
2018-11-05 16:33 - 2018-11-05 16:33 - 000001013 _____ () C:\Users\YMER\AppData\Roaming\pictur.jpeg
2019-04-21 11:22 - 2019-04-21 11:22 - 000003584 _____ () C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-25 20:16 - 2018-12-25 20:16 - 000000000 ___SH () C:\Users\YMER\AppData\Local\LumaEmu
2018-05-12 20:18 - 2018-05-12 20:18 - 000000017 _____ () C:\Users\YMER\AppData\Local\resmon.resmoncfg

==================== FLock ================

2018-05-12 18:19 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by YMER (28-07-2019 16:21:13)
Running from E:\YMER\Desktop
Windows 10 Education Version 1803 17134.885 (X64) (2018-05-12 16:18:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-169180647-2445698039-3035944160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169180647-2445698039-3035944160-503 - Limited - Disabled)
Guest (S-1-5-21-169180647-2445698039-3035944160-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-169180647-2445698039-3035944160-504 - Limited - Disabled)
YMER (S-1-5-21-169180647-2445698039-3035944160-1001 - Administrator - Enabled) => C:\Users\YMER

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Age of Empires: Definitive Edition [FULL REMOVAL] (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\{1F36588A-148D-4BED-AD83-12C63E1F780E}_is1) (Version: 1.3.5101.2 - Microsoft Studios)
Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Syndicate (HKLM-x32\...\Assassins Creed - Syndicate_is1) (Version: 1.12.0.0 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Batman Arkham Knight (HKLM-x32\...\Batman Arkham Knight_is1) (Version: 1.0.4.5 - Релиз от R.G. Steamgames)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Commandos III (HKLM-x32\...\{995B6371-8B64-4DBB-B63E-3B9FC6C58A00}) (Version: 1.00.000 - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Divinity: Original Sin Enhanced Edition (2.0.119.430_(hotfix)) (HKLM-x32\...\1445516929_is1) (Version: 0.1.1.310 - GOG.com)
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.4.0 - IObit)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.1 - Hotger)
Folder Lock (HKLM-x32\...\Folder Lock) (Version: - New Softwares.net)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.43.5305 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Icecream Screen Recorder verze 5.30 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.30 - Icecream Apps)
Intel(R) Update Manager (HKLM-x32\...\{AA8BC571-E96E-4478-927F-CB44CC7D7D07}) (Version: 3.5.2247 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.5.2.400 - Intel Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - )
Mozilla Firefox 68.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 68.0.1 (x64 cs)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
Sentinel Protection Installer 7.6.5 (HKLM-x32\...\{DE09967A-E9E2-4562-A58D-989CA70FA65E}) (Version: 7.6.5 - SafeNet, Inc.)
Skype verze 8.49 (HKLM-x32\...\Skype_is1) (Version: 8.49 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F7773180-1A27-11E7-864D-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
WebM Project Directshow Filters (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows KMS Activator Ultimate 2019 4.5 (HKLM\...\Windows KMS Activator Ultimate 2019 4.5_is1) (Version: 4.5 - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinTools.net Premium version 18.3.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.3.1 - WinTools Software Engineering, Ltd.)
Wolfenstein The Old Blood (HKLM-x32\...\{1A6EABD2-7063-4879-909C-D2C567DE5AB9}) (Version: 1.0.0 - Bethesda)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Packages:
=========
Age of Empires: Definitive Edition -> C:\Users\YMER\UniversalApps\Age of Empires Definitive Edition [2018-05-13] (Microsoft Studios)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.2.173.0_x64__rz1tebttyb220 [2018-05-12] (Dolby Laboratories)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2018-09-08] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_30.1604.3938.0_x86__8xx8rvfyw5nnt [2018-07-05] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
MPEG2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.6.0_x64__8wekyb3d8bbwe [2018-08-21] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.24.11294.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21295.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2011-09-22 01:03 - 2011-09-22 01:03 - 000221184 _____ (SafeNet, Inc.) [File not signed] C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\MD5CHAP.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-01-04 20:48 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-169180647-2445698039-3035944160-1001\Control Panel\Desktop\\Wallpaper -> E:\YMER\Downloads\space_dream.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "WinFLTray"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "FLBackup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [TCP Query User{9CC264C7-A724-4A17-B5E2-2DC55958B989}E:\ymer\appdata\roaming\utorrent\utorrent.exe] => (Allow) E:\ymer\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{8076AA0B-D54B-4519-B483-2683973B12E4}E:\ymer\appdata\roaming\utorrent\utorrent.exe] => (Allow) E:\ymer\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1E74BCD0-1DDC-4A02-94C0-248432757734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81E73763-65A6-4728-90D2-FA284683CB41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{FB600992-DB5B-4089-B1D1-F5E3B5628ECF}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{09799398-045D-4372-90AF-B687258EF541}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{E0E98292-19D0-4908-A1E6-85D174BD5CB8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E8724A30-F49C-4523-B27F-C5EE2DB8D87C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8BE7BDBE-961F-424F-B862-D02B04DD896B}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{BDBE58D0-9D03-4302-9205-CA498D8F30D4}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{075EFF2E-0864-4F96-9260-4D494470675E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0571D62C-24D6-415C-AE9D-434F041AB26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7AC80EB-9BEE-4AC6-B595-10C35778C6DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CA790C4-1511-4D12-B644-39EF1FA6CBC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FF1CA7F-544A-48E2-84A3-BD453E05EA30}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D377EB3B-A0D9-44DC-8B5D-05AD8B64A629}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{1B473C89-987B-4CFC-8FAE-CC37A37E156D}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{E3D70879-BE59-4DA1-A415-00AA1111EFAD}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [{37BDB13B-2DD9-4B63-9A53-E7272750605E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C7452D39-903B-4898-83D7-9397CD15AF59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E173D714-A66D-408E-923D-6FA2841C2FCC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{872ECFA6-2368-46F3-95DA-6CAC8A5102AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD978F39-CB2D-4BAA-8E9A-4262DA6F4825}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7D383B14-0B8A-49B4-AD08-521E3C8B872F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DF86EB55-793E-4326-9722-2FF2F00E99B9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{C6ABAC0F-526E-486A-B5FE-B10A1637C551}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{E6927D0B-6929-42C3-A2A0-7FA62DAC7C68}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{60276C61-D568-45DB-BAFB-70202FD11157}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [TCP Query User{820311FB-A5B6-4329-9C95-20EC0DEA16FF}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{F41A292A-E85A-4AD1-8E1F-D78A9C2ECD98}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [TCP Query User{C9560EE3-43E7-416B-AD1D-B1B723E2F153}C:\program files (x86)\eidos\commandos iii\commandos3.exe] => (Block) C:\program files (x86)\eidos\commandos iii\commandos3.exe () [File not signed]
FirewallRules: [UDP Query User{C5576710-8E09-4564-93E9-CC7051655CB9}C:\program files (x86)\eidos\commandos iii\commandos3.exe] => (Block) C:\program files (x86)\eidos\commandos iii\commandos3.exe () [File not signed]
FirewallRules: [{957C4D20-C068-4E4A-95B6-3829737E4B3A}] => (Allow) E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1FBF9AFF-1728-45C4-B32E-DA89A829E3D2}] => (Allow) E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7F17FB02-11F2-44CE-974D-FD3833507644}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc. -> SafeNet, Inc)
FirewallRules: [{EF8A0F2F-D088-4905-9FD0-280FDA559534}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc. -> SafeNet, Inc)
FirewallRules: [{59B67373-67EA-4E99-9901-8A8A44DE82CB}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc. -> SafeNet, Inc.)
FirewallRules: [{53C4BBF3-BD70-45B9-B9A0-C20F710E9CC0}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc. -> SafeNet, Inc.)
FirewallRules: [{39E80BF1-4733-4485-A038-0F1DD1DF5314}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [TCP Query User{B278306A-B4D5-4856-8AAF-5CB71188301E}E:\ymer\desktop\rlmserver\rlm.exe] => (Block) E:\ymer\desktop\rlmserver\rlm.exe No File
FirewallRules: [UDP Query User{3E2BDB1F-2C82-4E34-819D-D38AC5AF83AC}E:\ymer\desktop\rlmserver\rlm.exe] => (Block) E:\ymer\desktop\rlmserver\rlm.exe No File
FirewallRules: [TCP Query User{912FBEA4-9D58-49BF-9995-9FB8FE63955F}E:\ymer\desktop\rlm.exe] => (Allow) E:\ymer\desktop\rlm.exe No File
FirewallRules: [UDP Query User{0AD1FA04-464B-40E8-BE7F-AA0460F6EA34}E:\ymer\desktop\rlm.exe] => (Allow) E:\ymer\desktop\rlm.exe No File
FirewallRules: [{A43884FE-C6B4-4857-A169-67F354715A8F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F9F3C3D-5823-473B-8EA8-4F176E5EA732}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48D49ECF-ECD4-4CAE-9C75-EFE62E0D1AA5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

13-07-2019 20:07:47 Odebráno: GibbsCAM 2016 64-bit v11.3.7.0cs-CZ
20-07-2019 22:05:16 Naplánovaný kontrolní bod
28-07-2019 11:06:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2019 10:44:40 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/28/2019 10:44:00 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/28/2019 10:39:09 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/28/2019 10:39:07 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/27/2019 02:20:39 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/27/2019 02:16:08 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/27/2019 02:16:06 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/26/2019 01:12:06 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

System errors:
=============
Error: (07/28/2019 10:44:40 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Došlo k chybě:
5
při provádění příkazu:
C:\Windows\system32\SppExtComObj.exe -Embedding

Error: (07/28/2019 10:44:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/28/2019 10:44:00 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Došlo k chybě:
5
při provádění příkazu:
C:\Windows\system32\SppExtComObj.exe -Embedding

Error: (07/28/2019 10:39:09 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Došlo k chybě:
5
při provádění příkazu:
C:\Windows\system32\SppExtComObj.exe -Embedding

Error: (07/28/2019 10:39:07 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Došlo k chybě:
5
při provádění příkazu:
C:\Windows\system32\SppExtComObj.exe -Embedding

Error: (07/28/2019 12:18:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Uživatelská služba nabízených oznámení Windows_3ee970f bylo dosaženo časového limitu (30000 ms).

Error: (07/28/2019 12:18:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_3ee970f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/27/2019 02:20:39 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Došlo k chybě:
5
při provádění příkazu:
C:\Windows\system32\SppExtComObj.exe -Embedding

Windows Defender:
===================================
Date: 2018-08-12 13:53:08.881
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C31CD767-0A7D-481B-BC3E-6EA8999EB489}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-28 02:49:36.526
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {40FD5BC1-3BE3-45B2-91AE-87528C0A660B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-00MKO9B\YMER

Date: 2018-07-27 20:42:31.127
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:57.974
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:43.866
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

==================== Memory info ===========================

BIOS: Award Software International, Inc. FI 11/01/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-UD3L
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 54%
Total physical RAM: 8183.49 MB
Available physical RAM: 3694.14 MB
Total Virtual: 9783.49 MB
Available Virtual: 5622.63 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:223.58 GB) (Free:25.01 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:931.41 GB) (Free:336.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0201E900)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F2C3E95)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#2 Příspěvek od **Conder** » 29 črc 2019 03:07

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
Nechaj zaskrtnute vsetky nalezy
Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah sem skopiruj

toox · #3 Příspěvek od **toox** » 29 črc 2019 22:02

Ahoj tady je log

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-29-2019
# Duration: 00:00:01
# OS: Windows 10 Education
# Cleaned: 8
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\IOBIT\Driver Booster
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\YMER\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\YMER\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1268 octets] - [16/12/2018 18:29:21]
AdwCleaner[C00].txt - [1434 octets] - [16/12/2018 18:29:32]
AdwCleaner[S01].txt - [1390 octets] - [03/03/2019 19:59:53]
AdwCleaner[C01].txt - [1556 octets] - [03/03/2019 20:00:08]
AdwCleaner[S02].txt - [2116 octets] - [29/07/2019 23:01:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

#4 Příspěvek od **Conder** » 29 črc 2019 22:08

Odporucam nepouzivat a odinstalovat vsetky programy od IObit (napr. Driver Booster, Advanced SystemCare, Uninstaller, atd.) - su to cinske smejdy, ktore mozu poskodit system.

Poprosim o obidva nove logy z FRST.

toox · #5 Příspěvek od **toox** » 29 črc 2019 22:19

Řekl bych že jsem tyhle programy už smazal

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2019
Ran by YMER (administrator) on DESKTOP-00MKO9B (Gigabyte Technology Co., Ltd. P55-UD3L) (29-07-2019 23:18:17)
Running from E:\YMER\Desktop
Loaded Profiles: YMER (Available Profiles: YMER)
Platform: Windows 10 Education Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(ManyCam -> Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NewSoftwares.net, Inc SDN. BHD. -> NewSoftwares.net) C:\Windows\SysWOW64\WinFLService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [uTorrent] => E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe [1983672 2018-04-18] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-07-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-17] (Google LLC -> Google LLC)
IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AC345DB-4580-4478-AC2F-20113B9AFBCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3ACCC9F8-B9D3-4120-8B9D-9AEA1940A74A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {51E12E58-4570-47BF-A1F9-C77C912514D9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {71D05E32-FE43-454E-8CF0-C6884B323213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {72269900-38AC-424A-A4C5-D240FD6A71F0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {79D688C3-C226-4A6E-9C5A-82BB92E210C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {A31E0422-AE8C-4A3E-8D0E-3C2E147358E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA275E91-D49A-4015-8201-246518447F57} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E884A262-B17B-4797-870F-273D05121EF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBD9B64B-B57D-4380-852D-5A60FC817FEF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE287196-5399-4B11-B186-3251014985CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {FA211A20-E0C1-4156-8016-4AF3CC92CCF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{befebb7f-74f7-44af-93c9-456282bae772}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

FireFox:
========
FF DefaultProfile: orxdtu8e.default-1544966886308
FF ProfilePath: C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 [2019-07-29]
FF Extension: (Pinned Google Drive) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2019-05-19]
FF Extension: (Double-click Image Downloader) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\jid1-xgtdawe3yyUeBQ@jetpack.xpi [2019-07-12]
FF Extension: (Avast Online Security) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\wrc@avast.com.xpi [2019-07-23] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Blue Mozilla Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2019-06-04]
FF Extension: (have a fox dream) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{3f1aff6b-0363-410f-b81b-9a286ffb4b10}.xpi [2019-05-13]
FF Extension: (Beach) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2019-05-14]
FF Extension: (YouTube High Definition) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2019-07-10]
FF Extension: (Mozilla: Firefox OS) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2019-07-12]
FF Extension: (esafox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-06-02]
FF Extension: (Complete Black Theme for Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{c161a71c-fb42-4608-b001-5634b3f59a8b}.xpi [2019-06-04]
FF Extension: (No Name) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-28] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-28] (Adobe Inc. -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-21]
CHR Extension: (Prezentace) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
CHR Extension: (Dokumenty) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-12]
CHR Extension: (Disk Google) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (YouTube) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-12]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-07]
CHR Extension: (Tabulky) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-12]
CHR Extension: (Avast Online Security) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-10]
CHR Extension: (Gmail) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; E:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 FLService; C:\Windows\SysWOW64\WinFLService.exe [94728 2018-10-01] (NewSoftwares.net, Inc SDN. BHD. -> NewSoftwares.net)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (ManyCam -> Visicom Media Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5073792 2019-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\Windows\System32\OpenSSH\sshd.exe [970240 2018-05-20] (Microsoft Windows -> )
S3 SshdBroker; C:\Windows\System32\SshdBroker.dll [285696 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [118088 2019-04-20] (Alcorlink Corp. -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279336 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387896 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2018-07-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2018-05-24] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-07] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-07-27] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-24] (Martin Malik - REALiX -> REALiX(tm))
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2018-10-01] (NewSoftwares.net Inc. SDN. BHD. -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2019-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1138136 2019-04-20] (Realtek Semiconductor Corp. -> Realtek )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [56840 2019-04-20] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36472 2018-10-01] (Newsoftwares.net, Inc SDN BHD -> )
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2018-10-01] (NewSoftwares.net Inc. SDN. BHD. -> NewSoftwares.net, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-22 14:41 - 2019-07-22 14:41 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-22 14:41 - 2019-07-22 14:41 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-07-22 14:41 - 2019-07-22 14:41 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-20 21:08 - 2019-07-21 12:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-13 19:03 - 2019-07-13 19:59 - 000000000 ____D C:\ProgramData\Reprise
2019-07-13 19:00 - 2019-07-13 19:00 - 000000110 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2019-07-13 19:00 - 2019-07-13 19:00 - 000000000 ____D C:\Users\YMER\AppData\Roaming\3D Systems
2019-07-13 19:00 - 2019-07-13 19:00 - 000000000 ____D C:\Users\YMER\AppData\Local\3D Systems
2019-07-13 18:56 - 2019-07-13 18:56 - 000000000 ____D C:\Users\YMER\AppData\Local\3D_Systems
2019-07-13 18:50 - 2019-07-13 18:50 - 000000000 ____D C:\ProgramData\3D Systems
2019-07-13 18:50 - 2019-07-13 18:50 - 000000000 ____D C:\Program Files\3D Systems
2019-07-13 18:47 - 2019-07-13 18:47 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2019-07-13 18:47 - 2013-08-01 15:11 - 004609928 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe
2019-07-13 18:47 - 2013-08-01 15:11 - 004609928 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe
2019-07-13 18:47 - 2013-08-01 15:11 - 000331328 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys
2019-07-13 18:47 - 2013-08-01 15:11 - 000198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll
2019-07-13 18:47 - 2013-08-01 15:11 - 000140736 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys
2019-07-13 18:47 - 2013-08-01 15:11 - 000091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys
2019-07-13 18:47 - 2009-09-17 07:05 - 000145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys
2019-07-13 18:46 - 2019-07-13 18:46 - 000000000 ____D C:\Users\YMER\Documents\Downloaded Installations
2019-07-10 10:13 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-07-10 10:13 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2019-07-10 10:13 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-10 10:13 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 10:13 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-07-10 10:13 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2019-07-10 10:13 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 10:13 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2019-07-10 10:13 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-07-10 10:13 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-07-10 10:13 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-10 10:13 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-10 10:13 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-07-10 10:13 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2019-07-10 10:13 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-10 10:13 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-07-10 10:13 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2019-07-10 10:13 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-10 10:13 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2019-07-10 10:13 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-07-10 10:13 - 2019-06-13 12:11 - 001539896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-07-10 10:13 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll
2019-07-10 10:13 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-07-10 10:13 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-07-10 10:13 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2019-07-10 10:13 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2019-07-10 10:13 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2019-07-10 10:13 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 10:13 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 10:13 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 10:13 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-07-10 10:13 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2019-07-10 10:13 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2019-07-10 10:13 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 10:13 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 10:13 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 10:13 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 10:12 - 2019-07-04 11:45 - 001786680 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-07-10 10:12 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-07-10 10:12 - 2019-07-04 11:41 - 000304144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2019-07-10 10:12 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-07-10 10:12 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-07-10 10:12 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-07-10 10:12 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-07-10 10:12 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2019-07-10 10:12 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-10 10:12 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-07-10 10:12 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-10 10:12 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-07-10 10:12 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-07-10 10:12 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-07-10 10:12 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-07-10 10:12 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-07-10 10:12 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-10 10:12 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-07-10 10:12 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-07-10 10:12 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-07-10 10:12 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-07-10 10:12 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-07-10 10:12 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-10 10:12 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-10 10:12 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-07-10 10:12 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2019-07-10 10:12 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-07-10 10:12 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-07-10 10:12 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-07-10 10:12 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-07-10 10:12 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2019-07-10 10:12 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-07-10 10:12 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-10 10:12 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-07-10 10:12 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-10 10:12 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-07-10 10:12 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-07-10 10:12 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-07-10 10:12 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-07-10 10:12 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2019-07-10 10:12 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-07-10 10:12 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-10 10:12 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 10:12 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-07-10 10:12 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-07-10 10:12 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-10 10:12 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-07-10 10:12 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-07-10 10:12 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-07-10 10:12 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-07-10 10:12 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-10 10:12 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-07-10 10:12 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-07-10 10:12 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-10 10:12 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-07-10 10:12 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-07-10 10:12 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-07-10 10:12 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-10 10:12 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-07-10 10:12 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2019-07-10 10:12 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-07-10 10:12 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2019-07-10 10:12 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-07-10 10:12 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-10 10:12 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-10 10:12 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-07-10 10:12 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-07-10 10:12 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-07-10 10:12 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-07-10 10:12 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2019-07-10 10:12 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2019-07-10 10:12 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-10 10:12 - 2019-07-04 05:01 - 000001312 _____ C:\Windows\system32\tcbres.wim
2019-07-10 10:12 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-07-10 10:12 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-10 10:12 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-10 10:12 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-10 10:12 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-10 10:12 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-10 10:12 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-10 10:12 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-10 10:12 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-07-10 10:12 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-10 10:12 - 2019-06-13 13:43 - 001427984 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-07-10 10:12 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 10:12 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-07-10 10:12 - 2019-06-13 13:42 - 002266936 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-07-10 10:12 - 2019-06-13 13:42 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-07-10 10:12 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2019-07-10 10:12 - 2019-06-13 13:41 - 001626936 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-07-10 10:12 - 2019-06-13 13:41 - 000830264 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-07-10 10:12 - 2019-06-13 13:41 - 000825144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-07-10 10:12 - 2019-06-13 13:41 - 000670008 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-07-10 10:12 - 2019-06-13 13:40 - 000749880 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-07-10 10:12 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-10 10:12 - 2019-06-13 13:40 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2019-07-10 10:12 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2019-07-10 10:12 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2019-07-10 10:12 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2019-07-10 10:12 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2019-07-10 10:12 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-10 10:12 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2019-07-10 10:12 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-07-10 10:12 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-10 10:12 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2019-07-10 10:12 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2019-07-10 10:12 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2019-07-10 10:12 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2019-07-10 10:12 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2019-07-10 10:12 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-07-10 10:12 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2019-07-10 10:12 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-07-10 10:12 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2019-07-10 10:12 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-07-10 10:12 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\DesktopSwitcherDataModel.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-07-10 10:12 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2019-07-10 10:12 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2019-07-10 10:12 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2019-07-10 10:12 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-10 10:12 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2019-07-10 10:12 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 10:12 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-07-10 10:12 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-07-10 10:12 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-10 10:12 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2019-07-10 10:12 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2019-07-10 10:12 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-07-10 10:12 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-07-10 10:12 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-07-10 10:12 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2019-07-10 10:12 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2019-07-10 10:12 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-10 10:12 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-07-10 10:12 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-07-10 10:12 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2019-07-10 10:12 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-07-10 10:12 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2019-07-10 10:12 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-07-10 10:12 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-07-10 10:12 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-07-10 10:12 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-10 10:12 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-07-10 10:12 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-07-10 10:12 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-10 10:12 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2019-07-10 10:12 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-07-10 10:12 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-07-10 10:12 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-07-10 10:12 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-07-10 10:12 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-07-10 10:12 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2019-07-10 10:12 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\KdsCli.dll
2019-07-10 10:12 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-07-10 10:12 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-10 10:12 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-07-10 10:12 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
2019-07-10 10:12 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-07-10 10:12 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-07-10 10:12 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-07-10 10:12 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2019-07-10 10:12 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2019-07-10 10:12 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-07-10 10:12 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2019-07-10 10:12 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-07-10 10:12 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-07-10 10:12 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-07-10 10:12 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-07-10 10:12 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-07-10 10:12 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 10:12 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-07-10 10:12 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-07-10 10:12 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-07-10 10:12 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-07-10 10:12 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-07-10 10:12 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-10 10:12 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-07-10 10:12 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-07-10 10:12 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2019-07-10 10:12 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2019-07-10 10:12 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2019-07-10 10:12 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-07-10 10:12 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-07-10 10:12 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-07-10 10:12 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-07-10 10:12 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-07-10 10:12 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-07-10 10:12 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-07-10 10:12 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 10:12 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-29 23:18 - 2018-12-16 15:50 - 000000000 ____D C:\FRST
2019-07-29 23:17 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-29 23:08 - 2018-05-12 18:24 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-29 23:08 - 2018-04-12 17:51 - 000715034 _____ C:\Windows\system32\perfh005.dat
2019-07-29 23:08 - 2018-04-12 17:51 - 000144328 _____ C:\Windows\system32\perfc005.dat
2019-07-29 23:08 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-07-29 23:03 - 2018-05-12 18:42 - 000000000 ____D C:\Users\YMER\AppData\LocalLow\Mozilla
2019-07-29 23:02 - 2018-11-23 20:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-29 23:02 - 2018-05-12 18:27 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-29 23:02 - 2018-05-12 18:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-29 23:02 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-07-29 23:01 - 2018-05-24 16:30 - 000000000 ____D C:\ProgramData\IObit
2019-07-29 23:01 - 2018-05-24 16:30 - 000000000 ____D C:\Program Files (x86)\IObit
2019-07-29 23:01 - 2018-05-24 16:29 - 000000000 ____D C:\Users\YMER\AppData\Roaming\IObit
2019-07-29 22:48 - 2018-05-12 18:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-29 22:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-07-29 12:04 - 2018-05-13 09:14 - 000002896 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2019-07-29 12:04 - 2018-05-13 09:14 - 000002444 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2019-07-29 12:04 - 2018-05-13 09:14 - 000002392 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2019-07-29 12:04 - 2018-05-13 09:14 - 000002388 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2019-07-29 12:04 - 2018-05-13 09:14 - 000002374 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2019-07-29 12:04 - 2018-05-13 09:14 - 000002370 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2019-07-29 11:41 - 2018-05-12 23:25 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-07-28 21:53 - 2018-05-13 11:09 - 000000000 ____D C:\Users\YMER\AppData\Roaming\Geek Uninstaller
2019-07-28 21:50 - 2019-03-29 16:49 - 000001039 _____ C:\Users\Public\Desktop\WinRAR.lnk
2019-07-28 21:50 - 2018-11-01 14:04 - 000000000 ____D C:\Users\YMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-28 21:50 - 2018-11-01 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-28 21:50 - 2018-11-01 14:04 - 000000000 ____D C:\Program Files\WinRAR
2019-07-28 21:50 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-28 21:50 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-28 19:44 - 2018-07-16 16:43 - 000000000 ____D C:\Users\YMER\AppData\Local\ManyCam
2019-07-25 18:41 - 2018-05-12 23:25 - 000387896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-07-22 17:58 - 2018-05-12 18:21 - 000000000 ____D C:\Users\YMER
2019-07-22 16:41 - 2018-06-14 07:31 - 000000000 ____D C:\Users\YMER\AppData\Local\CrashDumps
2019-07-22 14:41 - 2019-02-22 16:45 - 000279336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-07-22 14:41 - 2019-01-14 23:51 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-07-22 14:41 - 2019-01-08 17:06 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-07-22 14:41 - 2019-01-08 17:06 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-07-22 14:41 - 2019-01-08 17:06 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-07-22 14:41 - 2018-10-24 08:46 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-07-22 14:41 - 2018-05-12 23:25 - 000003990 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-22 14:41 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-07-22 14:39 - 2018-12-16 15:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-21 12:06 - 2018-12-16 13:56 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-17 17:06 - 2018-05-14 20:38 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-17 17:06 - 2018-05-14 20:38 - 000002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-14 09:42 - 2018-05-12 18:16 - 001717936 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-13 22:45 - 2018-08-23 21:47 - 000001382 _____ C:\Users\Public\Desktop\Skype.lnk
2019-07-13 22:45 - 2018-08-23 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-13 18:47 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\setup
2019-07-11 11:33 - 2017-11-22 01:24 - 000000000 ____D C:\Users\YMER\Documents\Tickets
2019-07-10 22:26 - 2018-05-12 18:21 - 000000000 __RHD C:\Users\YMER\3D Objects
2019-07-10 22:26 - 2018-05-12 18:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 12:29 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellComponents
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Provisioning
2019-07-10 12:29 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-07-10 12:29 - 2018-04-11 23:04 - 000000000 ____D C:\Windows\system32\Dism
2019-07-10 10:16 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-07-10 10:12 - 2018-05-12 22:26 - 000000000 ____D C:\Windows\system32\MRT
2019-07-10 10:10 - 2018-05-12 22:25 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-04 06:43 - 2018-05-12 19:15 - 000407784 __RSH C:\bootmgr

==================== Files in the root of some directories ================

2018-05-28 23:58 - 2019-04-28 01:06 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2019-03-30 23:49 - 2019-03-30 23:53 - 000002971 _____ () C:\Users\YMER\AppData\Roaming\downloads.json
2018-11-05 16:33 - 2018-11-05 16:33 - 000001013 _____ () C:\Users\YMER\AppData\Roaming\pictur.jpeg
2019-04-21 11:22 - 2019-04-21 11:22 - 000003584 _____ () C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-25 20:16 - 2018-12-25 20:16 - 000000000 ___SH () C:\Users\YMER\AppData\Local\LumaEmu
2018-05-12 20:18 - 2018-05-12 20:18 - 000000017 _____ () C:\Users\YMER\AppData\Local\resmon.resmoncfg

==================== FLock ================

2018-05-12 18:19 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by YMER (29-07-2019 23:19:40)
Running from E:\YMER\Desktop
Windows 10 Education Version 1803 17134.885 (X64) (2018-05-12 16:18:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-169180647-2445698039-3035944160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169180647-2445698039-3035944160-503 - Limited - Disabled)
Guest (S-1-5-21-169180647-2445698039-3035944160-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-169180647-2445698039-3035944160-504 - Limited - Disabled)
YMER (S-1-5-21-169180647-2445698039-3035944160-1001 - Administrator - Enabled) => C:\Users\YMER

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Age of Empires: Definitive Edition [FULL REMOVAL] (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\{1F36588A-148D-4BED-AD83-12C63E1F780E}_is1) (Version: 1.3.5101.2 - Microsoft Studios)
Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Syndicate (HKLM-x32\...\Assassins Creed - Syndicate_is1) (Version: 1.12.0.0 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Batman Arkham Knight (HKLM-x32\...\Batman Arkham Knight_is1) (Version: 1.0.4.5 - Релиз от R.G. Steamgames)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Commandos III (HKLM-x32\...\{995B6371-8B64-4DBB-B63E-3B9FC6C58A00}) (Version: 1.00.000 - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Divinity: Original Sin Enhanced Edition (2.0.119.430_(hotfix)) (HKLM-x32\...\1445516929_is1) (Version: 0.1.1.310 - GOG.com)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.1 - Hotger)
Folder Lock (HKLM-x32\...\Folder Lock) (Version: - New Softwares.net)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.43.5305 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Icecream Screen Recorder verze 5.30 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.30 - Icecream Apps)
Intel(R) Update Manager (HKLM-x32\...\{AA8BC571-E96E-4478-927F-CB44CC7D7D07}) (Version: 3.5.2247 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.5.2.400 - Intel Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - )
Mozilla Firefox 68.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 68.0.1 (x64 cs)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.49 (HKLM-x32\...\Skype_is1) (Version: 8.49 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F7773180-1A27-11E7-864D-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
WebM Project Directshow Filters (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows KMS Activator Ultimate 2019 4.5 (HKLM\...\Windows KMS Activator Ultimate 2019 4.5_is1) (Version: 4.5 - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 18.3.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.3.1 - WinTools Software Engineering, Ltd.)
Wolfenstein The Old Blood (HKLM-x32\...\{1A6EABD2-7063-4879-909C-D2C567DE5AB9}) (Version: 1.0.0 - Bethesda)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Packages:
=========
Age of Empires: Definitive Edition -> C:\Users\YMER\UniversalApps\Age of Empires Definitive Edition [2018-05-13] (Microsoft Studios)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.2.173.0_x64__rz1tebttyb220 [2018-05-12] (Dolby Laboratories)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2018-09-08] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_30.1604.3938.0_x86__8xx8rvfyw5nnt [2018-07-05] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
MPEG2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.6.0_x64__8wekyb3d8bbwe [2018-08-21] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.24.11294.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21295.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-01-04 20:48 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-169180647-2445698039-3035944160-1001\Control Panel\Desktop\\Wallpaper -> E:\YMER\Downloads\space_dream.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "WinFLTray"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "FLBackup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [TCP Query User{9CC264C7-A724-4A17-B5E2-2DC55958B989}E:\ymer\appdata\roaming\utorrent\utorrent.exe] => (Allow) E:\ymer\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{8076AA0B-D54B-4519-B483-2683973B12E4}E:\ymer\appdata\roaming\utorrent\utorrent.exe] => (Allow) E:\ymer\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1E74BCD0-1DDC-4A02-94C0-248432757734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81E73763-65A6-4728-90D2-FA284683CB41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{FB600992-DB5B-4089-B1D1-F5E3B5628ECF}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{09799398-045D-4372-90AF-B687258EF541}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{E0E98292-19D0-4908-A1E6-85D174BD5CB8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E8724A30-F49C-4523-B27F-C5EE2DB8D87C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8BE7BDBE-961F-424F-B862-D02B04DD896B}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{BDBE58D0-9D03-4302-9205-CA498D8F30D4}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{075EFF2E-0864-4F96-9260-4D494470675E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0571D62C-24D6-415C-AE9D-434F041AB26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7AC80EB-9BEE-4AC6-B595-10C35778C6DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CA790C4-1511-4D12-B644-39EF1FA6CBC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FF1CA7F-544A-48E2-84A3-BD453E05EA30}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D377EB3B-A0D9-44DC-8B5D-05AD8B64A629}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{1B473C89-987B-4CFC-8FAE-CC37A37E156D}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{E3D70879-BE59-4DA1-A415-00AA1111EFAD}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [{37BDB13B-2DD9-4B63-9A53-E7272750605E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C7452D39-903B-4898-83D7-9397CD15AF59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E173D714-A66D-408E-923D-6FA2841C2FCC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{872ECFA6-2368-46F3-95DA-6CAC8A5102AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD978F39-CB2D-4BAA-8E9A-4262DA6F4825}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7D383B14-0B8A-49B4-AD08-521E3C8B872F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DF86EB55-793E-4326-9722-2FF2F00E99B9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{C6ABAC0F-526E-486A-B5FE-B10A1637C551}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{E6927D0B-6929-42C3-A2A0-7FA62DAC7C68}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{60276C61-D568-45DB-BAFB-70202FD11157}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [TCP Query User{820311FB-A5B6-4329-9C95-20EC0DEA16FF}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{F41A292A-E85A-4AD1-8E1F-D78A9C2ECD98}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [TCP Query User{C9560EE3-43E7-416B-AD1D-B1B723E2F153}C:\program files (x86)\eidos\commandos iii\commandos3.exe] => (Block) C:\program files (x86)\eidos\commandos iii\commandos3.exe () [File not signed]
FirewallRules: [UDP Query User{C5576710-8E09-4564-93E9-CC7051655CB9}C:\program files (x86)\eidos\commandos iii\commandos3.exe] => (Block) C:\program files (x86)\eidos\commandos iii\commandos3.exe () [File not signed]
FirewallRules: [{957C4D20-C068-4E4A-95B6-3829737E4B3A}] => (Allow) E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1FBF9AFF-1728-45C4-B32E-DA89A829E3D2}] => (Allow) E:\YMER\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{39E80BF1-4733-4485-A038-0F1DD1DF5314}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [{A43884FE-C6B4-4857-A169-67F354715A8F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F9F3C3D-5823-473B-8EA8-4F176E5EA732}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48D49ECF-ECD4-4CAE-9C75-EFE62E0D1AA5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

13-07-2019 20:07:47 Odebráno: GibbsCAM 2016 64-bit v11.3.7.0cs-CZ
20-07-2019 22:05:16 Naplánovaný kontrolní bod
28-07-2019 11:06:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/29/2019 11:07:51 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/29/2019 11:03:08 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/29/2019 11:03:06 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/29/2019 10:25:51 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/29/2019 10:21:06 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/29/2019 10:21:04 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/29/2019 10:42:17 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

Error: (07/29/2019 10:42:10 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: Stroji pravidel se nepodařilo provést některé naplánované akce.
Kód chyby:0x80070002
Cesta:<none>
Argumenty:<none>

System errors:
=============
Error: (07/29/2019 11:07:51 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Došlo k chybě:
5
při provádění příkazu:
C:\Windows\system32\SppExtComObj.exe -Embedding

Error: (07/29/2019 11:03:08 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Došlo k chybě:
5
při provádění příkazu:
C:\Windows\system32\SppExtComObj.exe -Embedding

Error: (07/29/2019 11:03:06 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Došlo k chybě:
5
při provádění příkazu:
C:\Windows\system32\SppExtComObj.exe -Embedding

Error: (07/29/2019 11:01:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (07/29/2019 11:01:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (07/29/2019 11:01:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/29/2019 11:01:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ManyCam Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/29/2019 11:01:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FLService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Windows Defender:
===================================
Date: 2018-08-12 13:53:08.881
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C31CD767-0A7D-481B-BC3E-6EA8999EB489}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-28 02:49:36.526
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {40FD5BC1-3BE3-45B2-91AE-87528C0A660B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-00MKO9B\YMER

Date: 2018-07-27 20:42:31.127
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:57.974
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:43.866
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

==================== Memory info ===========================

BIOS: Award Software International, Inc. FI 11/01/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-UD3L
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 45%
Total physical RAM: 8183.49 MB
Available physical RAM: 4456.11 MB
Total Virtual: 9719.49 MB
Available Virtual: 5564.53 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:223.58 GB) (Free:23.94 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:931.41 GB) (Free:336.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0201E900)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F2C3E95)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#6 Příspěvek od **Conder** » 29 črc 2019 22:41

Zostali tam este nejake zvysky, ale precistime aj tie.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
2019-07-29 23:01 - 2018-05-24 16:30 - 000000000 ____D C:\ProgramData\IObit
2019-07-29 23:01 - 2018-05-24 16:30 - 000000000 ____D C:\Program Files (x86)\IObit
2019-07-29 23:01 - 2018-05-24 16:29 - 000000000 ____D C:\Users\YMER\AppData\Roaming\IObit
2018-12-25 20:16 - 2018-12-25 20:16 - 000000000 ___SH () C:\Users\YMER\AppData\Local\LumaEmu
FirewallRules: [{DF86EB55-793E-4326-9722-2FF2F00E99B9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{C6ABAC0F-526E-486A-B5FE-B10A1637C551}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{E6927D0B-6929-42C3-A2A0-7FA62DAC7C68}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{60276C61-D568-45DB-BAFB-70202FD11157}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\YMER\AppData\Local\IObit
C:\Users\YMER\AppData\LocalLow\IObit
C:\Users\YMER\AppData\Roaming\IObit
C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

toox · #7 Příspěvek od **toox** » 29 črc 2019 22:50

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by YMER (29-07-2019 23:48:15) Run:2
Running from E:\YMER\Desktop
Loaded Profiles: YMER (Available Profiles: YMER)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
2019-07-29 23:01 - 2018-05-24 16:30 - 000000000 ____D C:\ProgramData\IObit
2019-07-29 23:01 - 2018-05-24 16:30 - 000000000 ____D C:\Program Files (x86)\IObit
2019-07-29 23:01 - 2018-05-24 16:29 - 000000000 ____D C:\Users\YMER\AppData\Roaming\IObit
2018-12-25 20:16 - 2018-12-25 20:16 - 000000000 ___SH () C:\Users\YMER\AppData\Local\LumaEmu
FirewallRules: [{DF86EB55-793E-4326-9722-2FF2F00E99B9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{C6ABAC0F-526E-486A-B5FE-B10A1637C551}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{E6927D0B-6929-42C3-A2A0-7FA62DAC7C68}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{60276C61-D568-45DB-BAFB-70202FD11157}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\YMER\AppData\Local\IObit
C:\Users\YMER\AppData\LocalLow\IObit
C:\Users\YMER\AppData\Roaming\IObit
C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Get-ChildItem : Přístup k cestě C:\Users\YMER\AppData\Local\Data aplikací byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\A...l\Data aplikací:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\AppData\Local\History byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\AppData\Local\History:String) [Get-ChildItem], Unauthor
izedAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\A...che\Content.IE5:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\A...Low\Content.IE5:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\AppData\Local\Microsoft\Windows\Temporary Internet Files byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\A... Internet Files:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\AppData\Local\Temporary Internet Files byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\A... Internet Files:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programy byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\A...t Menu\Programy:String) [Get-ChildItem], Unauthoriz
edAccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Data aplikací byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Data aplikací:String) [Get-ChildItem], UnauthorizedAcce
ssException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Documents\Filmy byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Documents\Filmy:String) [Get-ChildItem], UnauthorizedAc
cessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Documents\Hudba byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Documents\Hudba:String) [Get-ChildItem], UnauthorizedAc
cessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Documents\Obrázky byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Documents\Obrázky:String) [Get-ChildItem], Unauthorized
AccessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Dokumenty byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Dokumenty:String) [Get-ChildItem], UnauthorizedAccessEx
ception
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Local Settings byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Local Settings:String) [Get-ChildItem], UnauthorizedAcc
essException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Nabídka Start byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Nabídka Start:String) [Get-ChildItem], UnauthorizedAcce
ssException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Okolní síť byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Okolní síť:String) [Get-ChildItem], UnauthorizedAccessE
xception
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Okolní tiskárny byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Okolní tiskárny:String) [Get-ChildItem], UnauthorizedAc
cessException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Poslední byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Poslední:String) [Get-ChildItem], UnauthorizedAccessExc
eption
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\SendTo byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\SendTo:String) [Get-ChildItem], UnauthorizedAccessExcep
tion
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Soubory cookie byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Soubory cookie:String) [Get-ChildItem], UnauthorizedAcc
essException
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Get-ChildItem : Přístup k cestě C:\Users\YMER\Šablony byl odepřen.
At C:\FRST\tmp.ps1:1 char:1
+ Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Meas ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (C:\Users\YMER\Šablony:String) [Get-ChildItem], UnauthorizedAccessExce
ption
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand

Measure-Object : The property "Length" cannot be found in the input for any objects.
At C:\FRST\tmp.ps1:1 char:66
+ ... OFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Measure-Object], PSArgumentException
+ FullyQualifiedErrorId : GenericMeasurePropertyNotFound,Microsoft.PowerShell.Commands.MeasureObjectCommand

========= End of Powershell: =========

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => removed successfully
C:\ProgramData\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
C:\Users\YMER\AppData\Roaming\IObit => moved successfully
C:\Users\YMER\AppData\Local\LumaEmu => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF86EB55-793E-4326-9722-2FF2F00E99B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C6ABAC0F-526E-486A-B5FE-B10A1637C551}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6927D0B-6929-42C3-A2A0-7FA62DAC7C68}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60276C61-D568-45DB-BAFB-70202FD11157}" => removed successfully
"C:\Program Files\IObit" => not found
"C:\Program Files (x86)\IObit" => not found
"C:\Program Files\Common Files\IObit" => not found
"C:\ProgramData\IObit" => not found
C:\ProgramData\ProductData => moved successfully
"C:\Users\YMER\AppData\Local\IObit" => not found
C:\Users\YMER\AppData\LocalLow\IObit => moved successfully
"C:\Users\YMER\AppData\Roaming\IObit" => not found

=========== "C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========

=========== "C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Local\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found
"C:\Users\Default\AppData\Roaming\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========

=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

C:\Windows\IObit => moved successfully
C:\Windows\Tasks\ImCleanDisabled => moved successfully
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 135012556 B
Java, Flash, Steam htmlcache => 1506 B
Windows/system/drivers => 16618265 B
Edge => 19456 B
Chrome => 299139190 B
Firefox => 1103854628 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15438 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
YMER => 5999137 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 23:49:22 ====

#8 Příspěvek od **Conder** » 29 črc 2019 23:08

Vyzera to OK. Su s PC nejake problemy?

toox · #9 Příspěvek od **toox** » 29 črc 2019 23:16

všechno je v pořádku , díky moc

#10 Příspěvek od **Conder** » 30 črc 2019 17:56

Tak este upraceme po pouzitych nastrojoch:

Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
Uloz na plochu a spusti
Nechaj oznacenu moznost "Remove disinfection tools"
Klikni na "Run"

VIRY.CZ

Preventivní kontrola

Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola