Prosím o kontrolu logu

Zpráva

#16 Příspěvek od **Conder** » 21 led 2020 22:46

OK, poprosim este o obidva nove logy z FRST.

kamistr · #17 Příspěvek od **kamistr** » 22 led 2020 02:33

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-01-2020
Ran by Kamil (22-01-2020 02:33:45)
Running from C:\Users\Kamil\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2012-04-18 17:26:20)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3867848799-1210266518-3605795662-500 - Administrator - Disabled)
Guest (S-1-5-21-3867848799-1210266518-3605795662-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3867848799-1210266518-3605795662-1002 - Limited - Enabled)
Kamil (S-1-5-21-3867848799-1210266518-3605795662-1000 - Administrator - Enabled) => C:\Users\Kamil

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
Adblock Plus pre IE (32-bitová verzia) (HKLM\...\{1C4B00CA-AA30-4A84-9BC0-1F4B52CB8A0A}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.321 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
AIDA64 Extreme Edition v2.30 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 2.30 - FinalWire Ltd.)
Aimersoft Helper Compact 2.5.1 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.1 - Aimersoft)
AIMP (HKLM\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
Aktualizácie NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
ANNO 1404 (HKLM\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft)
Anno 1404 (HKLM\...\{518A54AE-002F-406F-BB48-620676AB9960}) (Version: 1.00.0000 - Ubisoft) Hidden
Any DVD Converter Professional 4.0.3 (HKLM\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Apowersoft Online Launcher version 1.4.6 (HKLM\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Apowersoft Video Konvertor V4.5.9 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.5.9 - APOWERSOFT LIMITED)
Apowersoft Video Stahovač V6.4.6 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.4.6 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
ASUS Bluetooth Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.02.000.60 - ASUS Communications)
ASUS nVidia Driver (HKLM\...\{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}) (Version: 1.00.0000 - ASUSTek) Hidden
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.61.1065 - AB Team, d.o.o.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4600 (HKLM\...\{9E0E1E3B-229C-4CF9-8A39-4455477327E4}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
C4600_NCL_Help (HKLM\...\{F39AB038-876C-4FAE-8D40-6A21632BF92D}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.0 Build R3009 - Hagel Technologies Ltd)
ESET Security (HKLM\...\{A159EF1D-B3A2-441D-9731-06A345BF258F}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Etron USB3.0 Host Controller (HKLM\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HD Tune Pro 5.00 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{1E1746EF-F5BF-4677-8F30-04FE399130DA}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest III (HKLM\...\{34AF0799-8123-41BA-885A-BDEB157607F9}) (Version: 1.0.0 - LeeGTs Games)
LightScribe System Software (HKLM\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MediaCoder 2011 (HKLM\...\MediaCoder) (Version: 2011 - Broad Intelligence)
MediaInfo 0.7.48 (HKLM\...\MediaInfo) (Version: 0.7.48 - MediaArea.net)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Encarta World Atlas 1998 Edition (HKLM\...\Encarta Virtual Globe 3.0) (Version: - )
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 72.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 72.0.1 (x86 sk)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Mozilla Thunderbird 68.3.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 68.3.1 (x86 cs)) (Version: 68.3.1 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Need for Speed™ Undercover (HKLM\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia Suite (HKLM\...\{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}) (Version: 3.7.22.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Opera 11.51 (HKLM\...\Opera 11.51.1087) (Version: 11.51.1087 - Opera Software ASA)
Ovládací panel NVIDIA 353.62 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.62 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Počítačový prístup k internetu Nokia (HKLM\...\{653A52D8-127C-476D-BAD9-27117A3A4959}) (Version: 2.0.1.3 - Nokia) Hidden
Počítačový prístup k internetu Nokia (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.3 - Nokia)
PS_AIO_05_C4600_Software_Min (HKLM\...\{1CA3A991-B03D-4C92-9922-315E5434E87B}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTransfer (HKLM\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
RogueKiller version 14.0.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.0.4.0 - Adlice Software)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verzia 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SmartWebPrinting (HKLM\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Status (HKLM\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander Ultima Prime 4.5.0.0 (HKLM\...\TC UP) (Version: 4.5.0.0 - ULTIMA PRIME)
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
UmmyVideoDownloader (HKLM\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.2.4 - ) <==== ATTENTION
Uninstall DS Clock (HKLM\...\DS Clock_is1) (Version: 1.5 - Duality Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbFix Anti-Malware Premium (HKLM\...\Usbfix) (Version: 11.0.2.6 - SOSVirus (SOSVirus.Net))
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Video Fixer 3.23 (HKLM\...\Video Fixer 3.23_is1) (Version: - video-fixer Inc.)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Bluetooth Suite\BtvAppExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Bluetooth Suite\ShellContextExt.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-10-14] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [TCUPShellExt] -> {544F5441-4C43-4D44-5550-5348454C4C00} => C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll [2008-01-30] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader\Help\ђусский.lnk -> C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\help\Ummy_rus.pdf () <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2012-12-21 15:29 - 2012-12-21 15:29 - 000110080 _____ () [File not signed] C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
2008-01-30 18:08 - 2008-01-30 18:08 - 000160256 _____ () [File not signed] C:\Program Files\TC UP\PLUGINS\Library\TCUPShellExt.dll
2012-04-18 19:46 - 2011-03-02 11:40 - 000140288 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2015-08-13 16:13 - 2016-10-14 19:34 - 001317960 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files\AIMP3\System\aimp_menu32.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000064672 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthCopyHook.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000033440 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BPP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000037024 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTBIP.DLL
2011-03-01 15:42 - 2011-03-01 15:42 - 000040096 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStore.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000036000 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtFileStoreOpp.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtObexFt.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000158880 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BTOBEXOP.dll
2011-03-01 15:42 - 2011-03-01 15:42 - 000154784 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\BtvAppExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\goep.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_bpp.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\GOEP_SINGLE.DLL
2011-03-01 15:43 - 2011-03-01 15:43 - 000076960 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Handsfree.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000101536 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\L2capLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000879776 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\OutLookLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000072864 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\RfcommLib.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000244384 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\ShellContextExt.dll
2011-03-01 15:43 - 2011-03-01 15:43 - 000068768 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\Sync.dll
2013-03-24 03:04 - 2007-10-15 15:18 - 000395264 _____ (Hagel Technologies Ltd) [File not signed] C:\Program Files\DU Meter\sqlite3.dll
2009-11-18 03:42 - 2009-11-18 03:42 - 000253568 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000217728 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-11-18 03:16 - 2009-11-18 03:16 - 000137344 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddsvc.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000033792 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2010-06-16 12:45 - 2010-06-16 12:45 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2012-12-21 15:30 - 2012-12-21 15:30 - 000599552 _____ (Igor Pavlov) [File not signed] C:\Program Files\Nokia\Nokia Suite\7z.DLL
2013-08-17 08:15 - 2013-08-17 08:15 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2013-08-17 08:16 - 2013-08-17 08:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-12-21 15:28 - 2012-12-21 15:28 - 001106944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Nokia\Nokia Suite\libeay32.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15195365.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\75932084.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15195365.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\75932084.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2020-01-15 19:54 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\TC UP\PLUGINS\Library;C:\Program Files\VDownloader;C:\Program Files\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: D: =>
MSCONFIG\startupreg: DU Meter => C:\Program Files\DU Meter\DUMeter.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NokiaPCInternetAccess => "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FE7AC9CF-3561-47A5-B99A-69042B495B0B}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D7A9353B-05AF-41BB-AEC5-24E5A30E4BC9}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{F388A335-B65D-4EB0-9F4E-867A81A8DEB5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{F60AC1A0-B039-4980-A08A-FC770460757C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB4E05BA-042A-4CCE-985A-2842E3FD6740}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1B9D84F-D9C4-4F69-B7A7-8123CB72A58F}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC115943-2074-4D67-86FD-304E973A8A07}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{077124A8-39E9-4C48-8F68-258E5426535D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01E3A908-8988-414D-8EFA-76B4264EEF93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41A4F2EE-D814-434F-8059-6EEFE13045E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBF38C8D-71CE-41FE-8CC7-D3F53D63EEB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5C6334B-DDA4-4EBB-B509-0C3D816A18A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E0A802B-A8DE-4DAB-BC8C-BDF2CF4E4A93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E9B6AD04-798C-4BA7-88B4-C0D397E9A1DF}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [UDP Query User{AA1B92BD-0FF8-4665-88C0-3C0AA70918D8}C:\users\kamil\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kamil\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{73ACB86A-9ACB-49D1-B939-813CC1D16D71}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{598C2D51-05EE-4313-AB37-D8A4FE4BD351}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CE6E99D3-D187-4BEE-9211-1ECBA00A910C}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{89DD17C6-9B3B-4FD2-922E-092D68856D3E}] => (Allow) C:\Users\Kamil\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{649C8FDF-A5D3-4B69-872E-79D05B54C656}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{39CC2FED-E291-4825-9D17-04FD47F52A69}] => (Allow) C:\Program Files\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{B565FEC6-4AA6-43CC-BDAD-4765CE2475B9}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{7746F667-6FC9-48F5-9DF3-96B8BE3FB5D6}] => (Allow) C:\Users\Kamil\AppData\Roaming\skype.exe No File
FirewallRules: [{D4BFA56F-42DD-4729-BC10-7F5D568A0415}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9834E6EE-D943-4C3F-9CD6-C5E22428B2BF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{2913477A-8313-4412-AD83-EB90BE61B927}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{FC95DE93-382E-401E-B9FA-CA5E3763026C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{7BB1B054-2824-446D-BB61-56609EB37AC1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9CA61943-BBAE-4F24-BD93-D07CD82E5626}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{D416DD57-4189-4309-A68B-043B1EBC022C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{713C67D3-8693-4AA7-BB8A-46A238724BF3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{44BA0745-1436-49E9-8F46-E07661FD8C6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) [File not signed]
FirewallRules: [{A5A5FD06-C66B-479C-99FB-3C34745CB483}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B4549B05-C21C-45C1-88DA-2CC7C746D3FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{68C9AE4C-A7AF-4990-A530-B0F3E2C70A02}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{50C54499-3900-4437-B5EF-F0DC696F7BEA}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{F5E00402-58D3-4984-BA38-A7262B7E42BE}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{07E7C946-C6CD-4426-84E6-E45A85CFD3D4}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{05BB745C-4079-4C1E-BAA2-EF970F6B72C0}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{B183860A-0B39-4E91-A072-E790550A4384}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [TCP Query User{99526F96-7CEF-41F3-A3BB-3A070F596371}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{551B6C6C-542A-4C44-BE40-E9F34A859164}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{770CBAE4-EE3F-4386-A4FC-E50CA29E48FD}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1614519-6472-4369-82DD-332040705988}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC265BB4-0A03-4C18-AF94-584A889A38FB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9530D7A0-71D4-4F8E-855A-0B0F94674685}] => (Allow) C:\Program Files\Ubisoft\Related Designs\ANNO 1404\Anno4.exe (Related Designs Software -> )
FirewallRules: [{424160AC-F1BB-4576-B105-2E33D4DF76E1}] => (Allow) C:\Program Files\Ubisoft\Related Designs\ANNO 1404\Anno4.exe (Related Designs Software -> )
FirewallRules: [{395B082C-8899-46EA-98AB-35982D6F32E9}] => (Allow) C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe (Related Designs Software -> )
FirewallRules: [{74C73AB5-7C51-49BA-AE8C-25140FAA0854}] => (Allow) C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe (Related Designs Software -> )
FirewallRules: [{34220FFF-1ADA-4B58-B97B-D5B5D18ECBD8}] => (Allow) C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Benchmark.exe (Related Designs Software -> )
FirewallRules: [{D598742D-9E4E-476A-AACF-61641051A85F}] => (Allow) C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Benchmark.exe (Related Designs Software -> )

==================== Restore Points =========================

20-01-2020 06:01:42 Plánovaný kontrolný bod
21-01-2020 16:27:52 Installed DirectX

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/21/2020 04:27:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary 38A70478.

System Error:
Systém nemôže nájsť zadaný súbor.
.

Error: (01/21/2020 04:27:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Prístup je odmietnutý.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f0749905-a99e-4143-9073-1941877eab18}

Error: (01/21/2020 10:28:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2020 05:22:03 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll".Error in manifest or policy file "c:\program files\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" on line 8.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/20/2020 04:04:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/20/2020 03:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Explorer.EXE, verzia: 6.1.7601.17514, časová značka: 0x4ce796f3
Názov chybového modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x038d0fef
Identifikácia chybného procesu: 0xfb8
Čas spustenia chybnej aplikácie: 0x01d5ccdba557cfc1
Cesta chybnej aplikácie: C:\Windows\Explorer.EXE
Cesta chybného modulu: unknown
Identifikácia hlásenia: 0be038b4-3b95-11ea-bf8c-50e549c82b33

Error: (01/20/2020 05:55:59 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll".Error in manifest or policy file "c:\program files\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" on line 8.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/19/2020 07:00:18 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohovanie sa nedokončilo v dôsledku chyby zápisu do umiestnenia zálohy H:\. Vyskytla sa chyba: Umiestnenie zálohy sa nedá nájsť alebo nie je platné. Skontrolujte svoje nastavenie zálohovania a umiestnenie zálohy. (0x81000006).

System errors:
=============
Error: (01/21/2020 10:27:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd

Error: (01/21/2020 10:26:52 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .

Error: (01/21/2020 10:26:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba UPnP Device Host bola ukončená s nasledujúcou chybou:
Prístup je odmietnutý.

Error: (01/21/2020 10:21:09 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"5"
Happened while starting this command:
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding

Error: (01/21/2020 10:21:09 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error:
"5"
Happened while starting this command:
C:\Windows\system32\wbem\wmiprvse.exe -Embedding

Error: (01/20/2020 04:02:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
sptd

Error: (01/20/2020 04:02:16 PM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .

Error: (01/19/2020 10:32:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMI Performance Adapter bola ukončená s nasledujúcou chybou:
Neznáma chyba

==================== Memory info ===========================

BIOS: Award Software International, Inc. F9 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-990XA-UD3
Processor: AMD Phenom(tm) II X6 1045T Processor
Percentage of memory in use: 87%
Total physical RAM: 3069.24 MB
Available physical RAM: 392.97 MB
Total Virtual: 6136.85 MB
Available Virtual: 2588.19 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:107.42 GB) (Free:32.09 GB) NTFS
Drive d: () (Fixed) (Total:1289.74 GB) (Free:37.79 GB) NTFS
Drive h: (ESD-USB) (Removable) (Total:28.8 GB) (Free:26.06 GB) FAT32

\\?\Volume{bacf6a23-897a-11e1-a07a-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 809EDEEA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1289.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 28.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-01-2020
Ran by Kamil (administrator) on KAMIL-PC (Gigabyte Technology Co., Ltd. GA-990XA-UD3) (22-01-2020 02:32:22)
Running from C:\Users\Kamil\Desktop
Loaded Profiles: Kamil (Available Profiles: Kamil)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [File not signed] C:\Program Files\Bluetooth Suite\BtvStack.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Home Theater v4\pcee4.exe
(Duality Software) [File not signed] C:\Program Files\DS Clock\dsclock.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Hagel Technologies Ltd -> Hagel Technologies Ltd) [File not signed] C:\Program Files\DU Meter\DUMeterSvc.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nokia -> Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Nokia -> Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10807912 2011-08-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1571432 2011-08-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Dolby Home Theater v4] => C:\Program Files\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-03-01] (Atheros Communications Inc. -> Atheros Communications) [File not signed]
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [173688 2019-11-29] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [DS Clock] => C:\Program Files\DS Clock\dsclock.exe [323584 2003-06-06] (Duality Software) [File not signed]
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia -> Nokia)
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files\Common Files\LightScribe\LSRunOnce.exe [2010-06-16] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {28DE678F-CAA4-43CC-92FD-F915E0ABB696} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {679C185F-C174-41DA-B645-3EAAE5A7E7C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-28] (Google Inc -> Google Inc.)
Task: {87A65AD8-152C-439B-B8F5-EB8507425E69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-21] (Adobe Inc. -> Adobe)
Task: {8E4DD813-46BA-4117-A16C-34C045517E55} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-28] (Google Inc -> Google Inc.)
Task: {907DBFB6-690F-4BD0-9CF1-E8AE3E9867B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {96CCE673-A4E1-48EE-8E1D-33CD41B8B1C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {9D863C86-5BED-43A8-87BD-7F9DF0AFBE9D} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [77824 2008-06-27] () [File not signed]
Task: {E719B26C-D23E-4B45-A96D-B6635B79C680} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-21] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core.job => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA.job => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{7CE69006-A9F5-4F2A-9FC9-BA743A4AF9ED}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{D620EBB2-40AB-4CB4-B107-5F6BCF8B53C0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\ProgramData\LangSoft\WebIE.dll [2016-12-29] () [File not signed]
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll [2016-12-29] () [File not signed]

FireFox:
========
FF DefaultProfile: ht3jbfth.default-1368257689736
FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736 [2020-01-22]
FF DownloadDir: C:\Users\Kamil\Downloads
FF Homepage: Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736 -> hxxp://www.google.sk/
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-02-02] [Legacy]
FF Extension: (YouTube mp3) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\info@youtube-mp3.org.xpi [2017-01-03] [Legacy]
FF Extension: (Translate This!) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2017-01-03] [Legacy]
FF Extension: (To Google Translate) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-12-30]
FF Extension: (Google™ Translator) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2017-01-01] [Legacy]
FF Extension: (Translator Widget) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-Gz4hrxvpY3RFJw@jetpack.xpi [2017-02-20] [Legacy]
FF Extension: (AdBlock) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-10-13]
FF Extension: (S3.Translator) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\s3google@translator.xpi [2018-10-13]
FF Extension: (Google Translator for Firefox) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\translator@zoli.bod.xpi [2019-12-14]
FF Extension: (Stylus Blue) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{11a41736-a1d5-4b1d-9cc3-983ed6a3ad30}.xpi [2019-03-21]
FF Extension: (walnut) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{192acb99-bee0-4373-9d46-09b18ad6fba9}.xpi [2019-03-28]
FF Extension: (Autumn Forest) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{46e6b376-15af-4ceb-8ac0-4820dd7e19d4}.xpi [2019-03-28]
FF Extension: (Grungedpaper) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{91ef5856-a93b-4a8a-b102-909b6f6865e9}.xpi [2019-03-21]
FF Extension: (rustic walnut) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{a91e51b1-7ed9-4087-8dce-4f1d42436be8}.xpi [2019-03-21]
FF Extension: (Video DownloadHelper) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-24]
FF Extension: (Online Translator Toolbar) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{BD4B37E6-7AE7-48d7-A2D7-6FF5775924AB}.xpi [2017-02-20] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-10-13]
FF Extension: (Spring and Swallows) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\Extensions\{decd5f4c-bc93-4cc3-a305-0221fa9420c7}.xpi [2019-03-28]
FF SearchPlugin: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ht3jbfth.default-1368257689736\searchplugins\bing-.xml [2016-12-25]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2017-07-12] [Legacy] [not signed]
FF HKU\S-1-5-21-3867848799-1210266518-3605795662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] (Nokia -> )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-22]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2020-01-16]
CHR Extension: (Prekladač Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Speed Test) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeghledigokaedmpimgnfplidhdhlchg [2017-12-12]
CHR Extension: (internet Download Manager For Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blhjobkfabeopalncconblmakfcllmhk [2017-09-24]
CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-30]
CHR Extension: (Google Search) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-18]
CHR Extension: (S3.Translator) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\debnnjfbneojbmioajinefnflopdohjk [2019-12-15]
CHR Extension: (Social Network Adblocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgjckeibmdfndlflobjhddhmemajjld [2018-11-22]
CHR Extension: (Translate Selected Text) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2017-06-24]
CHR Extension: (uBlock Adblock Plus) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdecnmmdccnkogcidionikojplkjfgie [2017-07-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-19]
CHR Extension: (Zoom for Google Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2019-12-31]
CHR Extension: (Skype) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-12]
CHR Extension: (Video DownloadHelper) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2019-06-26]
CHR Extension: (Kontrola pošty Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-03-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Hover Zoom+) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
R2 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [72864 2011-03-01] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [1382672 2007-10-15] (Hagel Technologies Ltd -> Hagel Technologies Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1888008 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1888008 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5570712 2020-01-16] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2905656 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2018360 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2012-04-19] (Even Balance, Inc. -> )
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14155832 2020-01-06] (Adlice -> )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2017-03-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [43680 2011-03-01] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2020-01-08] (Tages SA -> )
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2017-03-28] (IVT CORPORATION -> IVT Corporation.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [128648 2019-11-29] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [147776 2019-11-29] (ESET, spol. s r.o. -> ESET)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG -> Elaborate Bytes AG)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [99496 2019-11-29] (ESET, spol. s r.o. -> ESET)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [51328 2017-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [71552 2017-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [92032 2007-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-03-12] (Martin Malik - REALiX -> REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2020-01-08] (Tages SA -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [183768 2020-01-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [213912 2020-01-21] (Malwarebytes Inc -> Malwarebytes)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18560 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27704 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [50744 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [171072 2016-10-06] (WDKTestCert charles-yeh,131069736795923936 -> Prolific Technology Inc.)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2012-04-19] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WsAudioDevice_383; C:\Windows\System32\drivers\WsAudioDevice_383.sys [25632 2016-02-29] (Wondershare Software Co., Ltd. -> Wondershare)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 RkFlt; \??\C:\Windows\System32\drivers\rkflt.sys [X]
U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-22 02:32 - 2020-01-22 02:33 - 000029224 _____ C:\Users\Kamil\Desktop\FRST.txt
2020-01-22 02:32 - 2020-01-22 02:32 - 000000000 ____D C:\Users\Kamil\Desktop\FRST-OlderVersion
2020-01-21 09:21 - 2020-01-21 10:20 - 000000000 ____D C:\KVRT_Data
2020-01-21 09:18 - 2020-01-21 09:21 - 179783608 _____ (AO Kaspersky Lab) C:\Users\Kamil\Downloads\KVRT.exe
2020-01-20 16:03 - 2020-01-20 16:10 - 001427048 _____ C:\TDSSKiller.3.1.0.28_20.01.2020_16.03.06_log.txt
2020-01-20 16:03 - 2020-01-20 16:03 - 000183768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-01-20 16:02 - 2020-01-21 10:27 - 000213912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-01-20 15:59 - 2020-01-20 16:00 - 000005646 _____ C:\TDSSKiller.3.1.0.28_20.01.2020_15.59.14_log.txt
2020-01-20 15:57 - 2020-01-20 15:57 - 000000825 _____ C:\Users\Kamil\Desktop\Nový textový dokument.txt
2020-01-20 15:48 - 2020-01-20 15:48 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Kamil\Desktop\tdsskiller.exe
2020-01-20 15:47 - 2020-01-20 15:48 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Kamil\Downloads\tdsskiller.exe
2020-01-17 19:56 - 2020-01-17 19:56 - 000398008 _____ C:\Users\Kamil\Downloads\Windows Product Key _ 10,8,7,XP,Vista.zip
2020-01-16 20:29 - 2020-01-16 20:29 - 000000000 ___HD C:\$Windows.~WS
2020-01-16 15:10 - 2020-01-16 15:11 - 2939158528 _____ C:\Users\Kamil\Documents\Windows 10.iso
2020-01-16 14:27 - 2020-01-16 14:27 - 019255000 _____ (Microsoft Corporation) C:\Users\Kamil\Downloads\MediaCreationTool1909.exe
2020-01-16 04:56 - 2020-01-16 04:56 - 000001553 _____ C:\Users\Kamil\Documents\mbam.txt
2020-01-16 04:21 - 2020-01-16 04:21 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-16 04:21 - 2020-01-16 04:21 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-16 04:21 - 2020-01-16 04:21 - 000000000 ____D C:\Users\Kamil\AppData\Local\mbamtray
2020-01-16 04:21 - 2020-01-16 04:21 - 000000000 ____D C:\Users\Kamil\AppData\Local\mbam
2020-01-16 04:21 - 2020-01-16 04:21 - 000000000 ____D C:\Users\Kamil\AppData\Local\cache
2020-01-16 04:21 - 2020-01-16 04:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-16 04:20 - 2020-01-16 04:20 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2020-01-16 04:19 - 2020-01-16 04:19 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-16 04:18 - 2020-01-16 04:18 - 001883976 _____ (Malwarebytes) C:\Users\Kamil\Downloads\MBSetup.exe
2020-01-16 04:11 - 2020-01-22 02:32 - 002303488 _____ (Farbar) C:\Users\Kamil\Desktop\FRST.exe
2020-01-16 04:10 - 2020-01-16 04:12 - 002303488 _____ (Farbar) C:\Users\Kamil\Downloads\FRST.exe
2020-01-15 15:39 - 2020-01-15 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2020-01-15 15:39 - 2020-01-15 15:39 - 000000000 ____D C:\ProgramData\ESET
2020-01-15 15:39 - 2020-01-15 15:39 - 000000000 ____D C:\Program Files\ESET
2020-01-15 15:37 - 2020-01-15 15:37 - 005504824 ___SH (ESET) C:\Users\Kamil\Downloads\._cache_eset_nod32_antivirus_live_installer(2).exe
2020-01-15 14:37 - 2019-02-21 04:59 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-01-15 14:37 - 2019-02-21 04:59 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2020-01-15 14:37 - 2019-02-21 04:59 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-01-15 14:37 - 2019-02-21 04:59 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2020-01-15 14:37 - 2019-02-21 04:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2020-01-15 14:37 - 2019-02-21 04:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-15 14:37 - 2019-02-21 04:58 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-01-15 14:37 - 2019-02-21 04:58 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-01-15 14:37 - 2019-02-21 04:56 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:38 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-01-15 14:37 - 2019-02-21 04:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-01-15 14:37 - 2019-02-21 04:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-01-15 14:37 - 2019-02-21 04:38 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-01-15 14:37 - 2019-02-21 04:38 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-01-15 14:37 - 2019-02-21 04:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-01-15 14:37 - 2019-02-21 04:36 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-01-15 14:37 - 2019-02-21 04:36 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-01-15 14:37 - 2019-02-21 04:36 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-01-15 14:37 - 2019-02-21 04:34 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-01-15 14:37 - 2019-02-21 04:34 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-01-15 14:37 - 2019-02-21 04:34 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-01-15 14:37 - 2019-02-21 04:34 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-01-15 14:37 - 2019-02-21 04:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-01-15 14:37 - 2019-02-21 04:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-01-15 14:37 - 2019-02-10 17:43 - 000078560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2020-01-15 14:37 - 2019-02-10 17:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2020-01-15 14:37 - 2019-02-10 17:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-01-15 14:37 - 2019-02-10 17:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2020-01-15 14:37 - 2019-02-10 17:37 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2020-01-15 14:37 - 2019-02-10 17:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2020-01-15 14:37 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2020-01-15 14:37 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2020-01-15 14:37 - 2019-02-10 17:28 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-01-15 14:37 - 2019-02-10 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2020-01-15 14:37 - 2019-02-10 17:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2020-01-15 14:37 - 2019-02-10 17:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2020-01-15 14:37 - 2019-02-10 17:19 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-01-15 14:37 - 2019-02-10 17:19 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2020-01-15 14:37 - 2019-02-10 17:19 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-01-15 14:37 - 2018-11-18 03:59 - 000410080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-01-15 14:37 - 2018-11-18 03:44 - 000535616 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-01-15 14:37 - 2018-11-18 03:44 - 000470704 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-01-15 14:37 - 2018-11-18 03:43 - 000374872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-01-15 14:37 - 2018-11-18 03:43 - 000249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2020-01-15 14:33 - 2019-02-16 06:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-01-15 13:58 - 2020-01-15 13:58 - 000000000 ____D C:\ProgramData\AVG
2020-01-15 13:14 - 2020-01-15 13:15 - 000001837 _____ C:\Users\Kamil\Desktop\UsbFix Anti-Malware.lnk
2020-01-15 13:14 - 2020-01-15 13:15 - 000000000 ____D C:\Program Files\UsbFix
2020-01-15 12:54 - 2020-01-15 12:54 - 019255000 ___SH (Microsoft Corporation) C:\Users\Kamil\Downloads\._cache_MediaCreationTool1909.exe
2020-01-15 12:25 - 2020-01-22 02:32 - 000000000 ____D C:\FRST
2020-01-15 12:09 - 2020-01-15 12:09 - 000001005 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-01-15 12:09 - 2020-01-15 12:09 - 000001005 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-01-15 11:19 - 2020-01-16 21:23 - 000000000 ____D C:\ESD
2020-01-15 11:16 - 2020-01-15 11:16 - 000000000 ____D C:\$WINDOWS.~BT
2020-01-08 20:12 - 2020-01-08 20:12 - 000000000 ____D C:\ProgramData\Tages
2020-01-08 20:11 - 2020-01-08 20:11 - 000281760 _____ C:\Windows\system32\Drivers\atksgt.sys
2020-01-08 20:11 - 2020-01-08 20:11 - 000025888 _____ C:\Windows\system32\Drivers\lirsgt.sys
2020-01-08 20:11 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2020-01-08 20:11 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2020-01-08 20:11 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2020-01-08 20:11 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2020-01-08 20:11 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2020-01-08 20:11 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2020-01-08 20:11 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2020-01-08 20:11 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2020-01-08 20:11 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2020-01-08 20:11 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2020-01-08 20:11 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2020-01-08 20:11 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2020-01-08 20:11 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2020-01-08 20:11 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2020-01-08 20:11 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2020-01-08 20:11 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2020-01-08 20:11 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2020-01-08 20:11 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2020-01-08 20:11 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2020-01-08 20:11 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2020-01-08 20:11 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2020-01-08 20:11 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2020-01-08 20:11 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2020-01-08 20:11 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2020-01-08 20:11 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2020-01-08 20:11 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2020-01-08 20:11 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2020-01-08 20:11 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2020-01-08 20:11 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2020-01-08 20:11 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-01-08 20:11 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2020-01-08 20:11 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2020-01-08 20:11 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2020-01-08 20:11 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-01-08 20:11 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2020-01-08 20:11 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2020-01-08 20:11 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2020-01-08 20:11 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2020-01-08 20:11 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2020-01-08 20:11 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2020-01-08 20:11 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2020-01-08 20:11 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2020-01-08 20:08 - 2020-01-08 20:08 - 000000000 ____D C:\Program Files\Ubisoft
2020-01-07 13:25 - 2020-01-07 13:25 - 000054842 _____ C:\Users\Kamil\Downloads\3620003683.pdf
2019-12-31 12:40 - 2019-12-31 12:40 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Sun
2019-12-31 12:40 - 2019-12-31 12:40 - 000000000 ____D C:\Program Files\Common Files\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000112696 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\Program Files\Java
2019-12-31 12:39 - 2019-12-31 12:39 - 000000000 ____D C:\Program Files\Common Files\Oracle

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-22 02:29 - 2019-03-22 07:33 - 000000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2020-01-22 02:29 - 2019-03-22 07:33 - 000000035 _____ C:\ProgramData\Documents\AtherosServiceConfig.ini
2020-01-22 02:29 - 2016-12-13 15:38 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Mozilla
2020-01-22 02:28 - 2012-04-18 19:27 - 000000946 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000UA.job
2020-01-21 18:39 - 2012-04-18 19:27 - 000000894 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867848799-1210266518-3605795662-1000Core.job
2020-01-21 17:18 - 2018-03-13 23:18 - 000004462 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-21 17:18 - 2012-07-19 15:59 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-01-21 17:18 - 2012-07-19 15:59 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-01-21 17:18 - 2012-07-19 15:59 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-21 17:18 - 2012-07-19 15:59 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-21 16:46 - 2012-04-19 15:22 - 000183112 _____ C:\Windows\system32\PnkBstrB.exe
2020-01-21 16:46 - 2012-04-19 15:22 - 000138184 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2020-01-21 16:28 - 2009-07-14 05:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-01-21 16:25 - 2012-04-18 18:32 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2020-01-21 11:04 - 2009-07-14 05:34 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-21 11:04 - 2009-07-14 05:34 - 000021504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-21 10:27 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-19 10:32 - 2010-11-20 22:01 - 000008582 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-18 08:17 - 2016-06-26 05:21 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\vlc
2020-01-17 20:00 - 2013-04-02 16:25 - 000001516 _____ C:\Users\Kamil\Desktop\Heslo.txt
2020-01-17 12:13 - 2016-12-15 19:05 - 000000212 _____ C:\Users\Kamil\Desktop\Chaturbate.txt
2020-01-16 20:29 - 2012-04-18 19:19 - 000000000 ____D C:\Windows\Panther
2020-01-16 15:16 - 2013-08-20 08:57 - 000141312 ___SH C:\Users\Kamil\Documents\Thumbs.db
2020-01-16 04:20 - 2012-06-23 20:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-15 17:40 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2020-01-15 15:46 - 2015-10-08 13:54 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\uTorrent
2020-01-15 15:45 - 2012-04-18 18:26 - 000000000 ____D C:\Users\Kamil
2020-01-15 15:42 - 2017-04-25 11:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-15 15:39 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-01-15 15:32 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\Dism
2020-01-15 13:59 - 2012-04-18 19:56 - 000000000 ____D C:\Program Files\AVG
2020-01-15 13:11 - 2019-03-08 03:11 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Adblock Plus for IE
2020-01-15 12:09 - 2015-08-27 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-01-15 12:09 - 2015-08-27 23:54 - 000000000 ____D C:\Program Files\RogueKiller
2020-01-15 12:09 - 2015-03-21 10:07 - 000000000 ____D C:\ProgramData\RogueKiller
2020-01-15 11:05 - 2017-03-29 04:36 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-01-09 05:25 - 2017-03-28 16:19 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-04 06:05 - 2014-11-25 19:35 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2020-01-03 14:11 - 2018-07-13 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-01-01 11:45 - 2013-03-21 20:27 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Thunderbird
2019-12-31 16:16 - 2012-05-28 10:02 - 000000000 ____D C:\Program Files\JDownloader

==================== Files in the root of some directories ========

2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l2-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-localization-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-processthreads-l1-1-1.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-synch-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-timezone-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022280 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-convert-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-environment-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-filesystem-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000019208 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-heap-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-locale-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000028936 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-math-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000026376 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-multibyte-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022792 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-runtime-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-stdio-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-string-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-time-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-utility-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 001172232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\ucrtbase.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000082752 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\vcruntime140.dll
2015-10-27 18:05 - 2016-12-21 06:39 - 000057344 _____ () C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-20 14:11 - 2018-12-20 14:11 - 000002404 _____ () C:\Users\Kamil\AppData\Local\recently-used.xbel
2016-07-22 16:35 - 2019-03-11 09:47 - 000007622 _____ () C:\Users\Kamil\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-01-18 09:13
==================== End of FRST.txt ========================

#18 Příspěvek od **Conder** » 22 led 2020 22:54

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\system32\giveio.sys
File: C:\Windows\System32\Drivers\VD_FileDisk.sys
File: C:\Windows\gdrv.sys
File: C:\Windows\System32\drivers\rkflt.sys
File: C:\Windows\System32\drivers\truesight.sys
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1
Folder: C:\Users\Kamil\AppData\Local\UmmyVideoDownloader
Folder: C:\FRST\Quarantine

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 RkFlt; \??\C:\Windows\System32\drivers\rkflt.sys [X]
U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]
2020-01-22 02:32 - 2020-01-22 02:32 - 000000000 ____D C:\Users\Kamil\Desktop\FRST-OlderVersion
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l2-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-localization-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-processthreads-l1-1-1.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-synch-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-timezone-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022280 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-convert-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-environment-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-filesystem-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000019208 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-heap-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-locale-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000028936 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-math-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000026376 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-multibyte-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022792 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-runtime-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-stdio-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-string-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-time-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-utility-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 001172232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\ucrtbase.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000082752 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\vcruntime140.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15195365.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\75932084.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15195365.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\75932084.sys => ""="Driver"
MSCONFIG\startupreg: D: => 

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

kamistr · #19 Příspěvek od **kamistr** » 23 led 2020 05:26

Fix result of Farbar Recovery Scan Tool (x86) Version: 22-01-2020 01
Ran by Kamil (23-01-2020 05:21:46) Run:2
Running from C:\Users\Kamil\Desktop
Loaded Profiles: Kamil (Available Profiles: Kamil)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\system32\giveio.sys
File: C:\Windows\System32\Drivers\VD_FileDisk.sys
File: C:\Windows\gdrv.sys
File: C:\Windows\System32\drivers\rkflt.sys
File: C:\Windows\System32\drivers\truesight.sys
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1
Folder: C:\Users\Kamil\AppData\Local\UmmyVideoDownloader
Folder: C:\FRST\Quarantine

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 RkFlt; \??\C:\Windows\System32\drivers\rkflt.sys [X]
U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]
2020-01-22 02:32 - 2020-01-22 02:32 - 000000000 ____D C:\Users\Kamil\Desktop\FRST-OlderVersion
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018184 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l2-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-localization-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-processthreads-l1-1-1.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-synch-l1-2-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-core-timezone-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022280 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-convert-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-environment-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-filesystem-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000019208 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-heap-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-locale-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000028936 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-math-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000026376 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-multibyte-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000022792 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-runtime-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-stdio-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000024328 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-string-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000020744 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-time-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000018696 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-utility-l1-1-0.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 001172232 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\ucrtbase.dll
2019-09-20 06:14 - 2019-08-10 13:37 - 000082752 _____ (Microsoft Corporation) C:\Users\Kamil\AppData\Roaming\vcruntime140.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15195365.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\75932084.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15195365.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\75932084.sys => ""="Driver"
MSCONFIG\startupreg: D: =>

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 1627
Average :
Sum : 3492850179
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

========================= File: C:\Windows\system32\giveio.sys ========================

C:\Windows\system32\giveio.sys
File not signed
MD5: 77EBF3E9386DAA51551AF429052D88D0
Creation and modification date: 1996-04-03 20:33 - 1996-04-03 20:33
Size: 000005248
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/94c3294 ... 578942772/

====== End of File: ======

========================= File: C:\Windows\System32\Drivers\VD_FileDisk.sys ========================

C:\Windows\System32\Drivers\VD_FileDisk.sys
File not signed
MD5: E3389E42561670D112D77A431010377B
Creation and modification date: 2006-01-13 14:00 - 2006-01-13 14:00
Size: 000015872
Attributes: ----A
Company Name: Flint Incorporation
Internal Name: vd_filedisk
Original Name: vd_filedisk.sys
Product: VD_FileDisk
Description: VD_FileDisk Virtual Disk Driver
File Version: 1.30 beta 2
Product Version: 1.30 beta 2
Copyright: Copyright © 2005 Flint Incorporation
VirusTotal: https://www.virustotal.com/file/1b4b637 ... 579393642/

====== End of File: ======

========================= File: C:\Windows\gdrv.sys ========================

"C:\Windows\gdrv.sys" => not found
====== End of File: ======

========================= File: C:\Windows\System32\drivers\rkflt.sys ========================

"C:\Windows\System32\drivers\rkflt.sys" => not found
====== End of File: ======

========================= File: C:\Windows\System32\drivers\truesight.sys ========================

"C:\Windows\System32\drivers\truesight.sys" => not found
====== End of File: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1]
"Inno Setup: Setup Version"="5.5.9 (u)"
"Inno Setup: App Path"="C:\Users\Kamil\AppData\Local\UmmyVideoDownloader"
"InstallLocation"="C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\"
"Inno Setup: Icon Group"="UmmyVideoDownloader"
"Inno Setup: User"="Kamil"
"Inno Setup: Language"="default"
"DisplayName"="UmmyVideoDownloader"
"DisplayIcon"="C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\UmmyVideoDownloader.exe,0"
"UninstallString"=""C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\unins000.exe""
"QuietUninstallString"=""C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\unins000.exe" /SILENT"
"DisplayVersion"="1.7.2.4"
"URLInfoAbout"="http://videodownloader.ummy.net/"
"HelpLink"="http://videodownloader.ummy.net/"
"URLUpdateInfo"="http://videodownloader.ummy.net/"
"NoModify"="1"
"NoRepair"="1"
"InstallDate"="20161224"
"MajorVersion"="1"
"MinorVersion"="7"
"VersionMajor"="1"
"VersionMinor"="7"
"EstimatedSize"="69098"

=== End of ExportKey ===

========================= Folder: C:\Users\Kamil\AppData\Local\UmmyVideoDownloader ========================

2016-12-24 17:38 - 2015-12-04 10:07 - 000060114 ____A [66CFF2248A748D4589B22AE0421E52F3] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\License.txt
2016-12-24 17:39 - 2019-02-24 19:21 - 000000472 ____A [68E57C7AC63AE929EF27AC2E75D1DF0A] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\settings.uvd
2016-12-24 17:38 - 2019-02-24 19:20 - 015176872 ____A [60C1F8D7E12BCD84A1E2176E0518FC6E] (Magicbit, Inc) C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\UmmyVideoDownloader.exe
2016-12-24 17:38 - 2016-12-24 17:39 - 000064528 ____A [9CA266109E11ABEE1255C96A5A05EB65] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\unins000.dat
2016-12-24 17:39 - 2016-12-24 17:39 - 001253073 ____A [435B0D001E0A6211B7CF2EF81262B810] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\unins000.exe
2016-12-24 17:38 - 2016-12-24 17:39 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4
2016-12-24 17:38 - 2016-10-01 22:37 - 033437184 ____A [F867C321CC0A72577CAE5C8E33E746DB] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\ffmpeg.exe
2016-12-24 17:38 - 2016-10-01 22:37 - 001362944 ____A [C39B8D8BD482B717EBDD17DCAE374C9B] (The OpenSSL Project, http://www.openssl.org/) C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\libeay32.dll
2016-12-24 17:38 - 2016-10-01 22:37 - 000357888 ____A [89172A85C3B07BFF7541720D42D31BC6] (The OpenSSL Project, http://www.openssl.org/) C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\ssleay32.dll
2016-12-24 17:38 - 2016-12-24 17:39 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\help
2016-12-24 17:38 - 2016-10-17 09:57 - 009544282 ____A [432C82425DC29A9EBC64A45ADB258FE2] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\help\Ummy_eng.pdf
2016-12-24 17:38 - 2016-10-17 09:57 - 009552929 ____A [BEB5FFC3FD3665329CBD12D5B9BA356E] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\help\Ummy_rus.pdf
2016-12-24 17:38 - 2016-12-24 17:39 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang
2016-12-24 17:38 - 2016-10-05 13:03 - 000003125 ____A [97A91EEDF649F260F85A5669CDB75B06] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\deu.po
2016-12-24 17:38 - 2016-10-05 13:03 - 000006496 ____A [60DBFD6386970DA80D8A1536CFF423F6] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\esp.po
2016-12-24 17:38 - 2016-10-05 13:03 - 000006274 ____A [F9CD7BFD437CA869AD529F9459FEFF89] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\ind.po
2016-12-24 17:38 - 2016-10-19 15:20 - 000008600 ____A [40D0DED1B55822781EE70A4A93503D34] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\rus.po
2016-12-24 17:38 - 2016-10-01 22:37 - 000000334 ____A [6057EAF29E55C8F68BD9FB5DC49128D4] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\tips.deu
2016-12-24 17:38 - 2016-10-01 22:37 - 000000586 ____A [69EA872740AA61B922E69BE88C5A8110] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\tips.eng
2016-12-24 17:38 - 2016-10-01 22:37 - 000000590 ____A [09CEA1F6244E5D82A73ECAD55EB74763] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\tips.esp
2016-12-24 17:38 - 2016-10-01 22:37 - 000000664 ____A [9C8C25EF4C2A621FA341FB60D4251E3A] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\tips.ind
2016-12-24 17:38 - 2016-10-01 22:37 - 000000660 ____A [DD0E795527B5CE8147F77EA4CD9CC2B8] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\tips.rus
2016-12-24 17:38 - 2016-10-01 22:37 - 000000648 ____A [E5F6C308ADDAA173C368840F171B50F4] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\tips.trk
2016-12-24 17:38 - 2016-10-05 13:04 - 000006304 ____A [1F09A2F5C7BAC89C4F55E68E8FE0ED25] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\1.7.2.4\lang\trk.po
2016-12-24 17:39 - 2019-02-24 19:21 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\save
2016-12-24 17:39 - 2019-02-24 19:21 - 000000036 ____A [536B6941B726A6603B4E86D8DD2B7223] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\save\history
2016-12-24 17:39 - 2016-12-24 17:39 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\save\files
2019-02-24 19:21 - 2019-02-24 19:21 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Kamil\AppData\Local\UmmyVideoDownloader\save\img

====== End of Folder: ======

========================= Folder: C:\FRST\Quarantine ========================

2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\ProgramData
2019-09-19 15:37 - 2020-01-15 15:58 - 000000000 __SHD [00000000000000000000000000000000] () C:\FRST\Quarantine\C\ProgramData\Synaptics
2019-09-19 15:38 - 2019-09-19 15:38 - 000287744 ____A [3460680E5CF0C10F871D7A4C7E9EF0F5] () C:\FRST\Quarantine\C\ProgramData\Synaptics\libeay32.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000063488 ____A [6C0A224D480108C56FE2FF42E960F2FD] () C:\FRST\Quarantine\C\ProgramData\Synaptics\ssleay32.dll
2019-09-19 15:38 - 2019-09-19 15:38 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\ProgramData\Synaptics\WS
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Users
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Users\Kamil
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Users\Kamil\AppData
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming
2019-09-20 06:14 - 2019-08-10 13:37 - 000453416 ____A [9DDA681B0406C3575E666F52CBDE4F80] (Microsoft Corporation) C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\msvcp140.dll.xBAD
2019-09-20 06:14 - 2019-08-10 13:37 - 002696736 ____A [CB819EB22AF4886B254C0A9F86FED815] (Mozilla Foundation) C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\nss3.dll.xBAD
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft
2019-09-24 17:08 - 2020-01-21 10:21 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates
2019-09-24 17:08 - 2018-11-02 21:41 - 000020608 ____A [477B55AB1242F6A86E34953716BA5231] (Microsoft Corporation) C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\api-ms-win-crt-conio-l1-1-0.dll
2019-09-24 17:08 - 2019-02-27 15:06 - 000675984 ____A [28D16214F6726F019273231497C749A9] (Microsoft Corporation) C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\msvcp140.dll
2019-09-24 17:08 - 2018-06-12 18:53 - 015544832 ____A [75CE028BA3C02783C002D58941901A84] (NVIDIA Corporation) C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\nvrtc64_92.dll
2019-09-24 17:08 - 2018-06-12 18:53 - 003213312 ____A [79ECDC6585CE79779E4500D4BBCA4AC9] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\nvrtc-builtins64_92.dll
2019-09-24 17:08 - 2018-09-17 10:19 - 000168976 ____A [7FCF1E9832D2252D269A1D077E3AE096] (Khronos Group) C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\OpenCL.dll
2019-09-24 17:08 - 2019-06-11 13:10 - 000000296 ____A [B49D2454917984D134D4B452A2168C59] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\setup.bat
2019-09-24 17:08 - 2019-04-29 13:06 - 000000167 ____A [134D1504C43C89D882052006E2563F17] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\start.vbs
2019-09-24 17:08 - 2019-03-07 01:02 - 000087872 ____A [5578B8106BC09064343C421D9285AD29] (Microsoft Corporation) C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\vcruntime140.dll
2019-09-24 17:08 - 2019-07-13 18:26 - 000000235 ____A [33FADEF8FA3619D2C02916B905458793] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\Microsoft\Updates\winlogon.vbs
2019-09-19 15:38 - 2020-01-15 11:05 - 000000000 __SHD [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl
2020-01-10 04:22 - 2020-01-10 08:00 - 000000424 ____A [F1AFFA5E40658020CC285A05C89B1B5D] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L10. 1. 2020
2020-01-11 03:58 - 2020-01-11 07:54 - 000000812 ____A [05BEA17D758F5C2223AAD23AA39DDBE2] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L11. 1. 2020
2019-10-11 06:40 - 2019-10-11 07:38 - 000000315 ____A [6305E06D18AEA1E587C96440BA9999FA] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L11. 10. 2019
2019-12-14 04:14 - 2019-12-14 13:57 - 000001105 ____A [013DA80B246F758C1E0EAD8AEB9371BF] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L14. 12. 2019
2020-01-15 11:05 - 2020-01-15 15:42 - 000007308 ____A [4D5B63D630A27C8C8E4211D7C27F44CB] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L15. 1. 2020
2019-12-17 16:13 - 2019-12-17 23:16 - 000015377 ____A [9E6DEEACFA048A8F812742CB9D280657] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L17. 12. 2019
2019-12-18 07:31 - 2019-12-18 07:31 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L18. 12. 2019
2019-11-19 22:43 - 2019-11-19 23:53 - 000000428 ____A [CD5DE80EFE4DB2EF4BF2D6ADA818DD19] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L19. 11. 2019
2019-09-19 15:38 - 2019-09-19 15:38 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L19. 9. 2019
2019-11-20 01:05 - 2019-11-20 18:49 - 000003489 ____A [09EA8AFA4BB5B92C8A8A6671CF87CF4C] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L20. 11. 2019
2019-09-23 07:23 - 2019-09-23 08:05 - 000000920 ____A [F26C9956F5431540E33DDECAA069769D] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L23. 9. 2019
2019-09-24 22:45 - 2019-09-24 22:59 - 000000468 ____A [638214A88B57FDE27119FC0A3F578536] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L24. 9. 2019
2019-09-24 23:00 - 2019-09-25 06:34 - 000001097 ____A [35C99981548C066F42958AFB7BECC0C6] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L25. 9. 2019
2019-09-27 03:19 - 2019-09-27 06:03 - 000000524 ____A [FE1E7F21647337FA1273D8C183C56B1D] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L27. 9. 2019
2019-12-28 11:20 - 2019-12-28 20:05 - 000002250 ____A [651B41D361C094DE0D13467C9B604F8A] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L28. 12. 2019
2019-09-28 04:59 - 2019-09-28 05:56 - 000000820 ____A [7691DEDE9CC6CA8A16C37F7A1FDAA3AF] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L28. 9. 2019
2019-12-29 06:49 - 2019-12-29 07:43 - 000000284 ____A [58F75DEFDDD41EE5C11A1CBEE62F10A1] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L29. 12. 2019
2019-09-28 23:56 - 2019-09-29 07:55 - 000001243 ____A [69BF58FF01473C50039D7CA67B9DEA47] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L29. 9. 2019
2019-10-30 06:21 - 2019-10-30 07:12 - 000000588 ____A [F8AE69A5CDF441BDE13A1ACCB95A3FEB] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L30. 10. 2019
2019-12-30 19:25 - 2019-12-30 20:32 - 000004546 ____A [111354E9CF48FC429F72B8F8337BA880] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L30. 12. 2019
2019-10-31 07:48 - 2019-10-31 19:13 - 000002062 ____A [4C0F596139F495F894CD54EA0662E2E6] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L31. 10. 2019
2019-12-31 08:08 - 2019-12-31 13:11 - 000009032 ____A [1EB6DB891FC1B5EC8716F480FAA3B6B9] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L31. 12. 2019
2020-01-04 06:14 - 2020-01-04 08:10 - 000001583 ____A [25036286A7D97777C50F46253D928416] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L4. 1. 2020
2020-01-08 20:16 - 2020-01-08 20:58 - 000006408 ____A [C36DBC8D661DCEE68D48728D4ED145A9] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L8. 1. 2020
2019-10-08 17:17 - 2019-10-08 22:59 - 000003939 ____A [3E1D963B3CD53A7E2849218533F07E21] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L8. 10. 2019
2019-11-08 06:34 - 2019-11-08 07:46 - 000000400 ____A [5AB08469D8E9AC9D75FEDD67CAF48C37] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L8. 11. 2019
2020-01-09 05:23 - 2020-01-09 08:23 - 000001291 ____A [5179DC67D9181F22529046EF65C7C790] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L9. 1. 2020
2019-10-08 23:00 - 2019-10-09 01:42 - 000001534 ____A [DEC5D0700C9CF393ADDE4630888CCD15] () C:\FRST\Quarantine\C\Users\Kamil\AppData\Roaming\WinSl\L9. 10. 2019
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Users\Kamil\Desktop
2020-01-08 20:50 - 2020-01-08 20:50 - 050540001 ____A [F013928C3E8141ECBD274972BEB37F87] () C:\FRST\Quarantine\C\Users\Kamil\Desktop\._cache_An1404.exe.xBAD
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Windows
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Windows\System32
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Windows\System32\Drivers
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Windows\System32\Drivers\etc
2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 ____A [3688374325B992DEF12793500307566D] () C:\FRST\Quarantine\C\Windows\System32\Drivers\etc\hosts.xBAD
2020-01-15 19:54 - 2020-01-15 19:54 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\Windows\System32\Tasks
2016-12-12 20:35 - 2016-12-12 20:35 - 000003110 ____A [0DBDFCF7ADDC02953CDE68E3FE8AFB9B] () C:\FRST\Quarantine\C\Windows\System32\Tasks\{2F53AFB3-BF87-41BA-9906-924B8988776D}.xBAD
2012-08-19 15:17 - 2012-08-19 15:17 - 000003032 ____A [3D0B4242BE49BAFC930F52109B5DF7BA] () C:\FRST\Quarantine\C\Windows\System32\Tasks\{3AE4C49B-AF29-4392-8EA2-B09B36DB8B5F}.xBAD
2016-12-13 06:01 - 2016-12-13 06:01 - 000003110 ____A [0DBDFCF7ADDC02953CDE68E3FE8AFB9B] () C:\FRST\Quarantine\C\Windows\System32\Tasks\{6A9A6746-189F-40E9-866D-A794DD628277}.xBAD
2017-04-22 06:17 - 2017-04-22 06:17 - 000003118 ____A [E5894F55D693CAF474E2DA6EDFC40770] () C:\FRST\Quarantine\C\Windows\System32\Tasks\{6D875A5B-0703-47AD-919B-1C85F19B83F0}.xBAD
2016-12-13 05:56 - 2016-12-13 05:56 - 000003110 ____A [0DBDFCF7ADDC02953CDE68E3FE8AFB9B] () C:\FRST\Quarantine\C\Windows\System32\Tasks\{F6C0A0DD-0931-4144-8E4C-FC5BD8DE0259}.xBAD
2017-03-12 19:58 - 2017-05-28 05:35 - 000002874 ____A [D56E663886920BA4CA7D4FE3DF0CF34B] () C:\FRST\Quarantine\C\Windows\System32\Tasks\Driver Booster SkipUAC (Kamil).xBAD
2012-04-18 19:57 - 2013-04-10 07:56 - 000003230 ____A [9B7DD89F133CA1BD9830886D99F9EC12] () C:\FRST\Quarantine\C\Windows\System32\Tasks\SidebarExecute.xBAD
2017-03-24 15:41 - 2017-03-24 15:41 - 000003436 ____A [991017B24E6012012E3B24807C2C01E2] () C:\FRST\Quarantine\C\Windows\System32\Tasks\sssssssss.xBAD

====== End of Folder: ======

HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\System\CurrentControlSet\Services\AthBTPort => removed successfully.
AthBTPort => service removed successfully.
HKLM\System\CurrentControlSet\Services\BTATH_A2DP => removed successfully.
BTATH_A2DP => service removed successfully.
HKLM\System\CurrentControlSet\Services\BTATH_HCRP => removed successfully.
BTATH_HCRP => service removed successfully.
HKLM\System\CurrentControlSet\Services\BTATH_LWFLT => removed successfully.
BTATH_LWFLT => service removed successfully.
HKLM\System\CurrentControlSet\Services\BTATH_RCP => removed successfully.
BTATH_RCP => service removed successfully.
HKLM\System\CurrentControlSet\Services\BtFilter => removed successfully.
BtFilter => service removed successfully.
HKLM\System\CurrentControlSet\Services\gdrv => removed successfully.
gdrv => service removed successfully.
HKLM\System\CurrentControlSet\Services\RkFlt => removed successfully.
RkFlt => service removed successfully.
HKLM\System\CurrentControlSet\Services\TrueSight => removed successfully.
TrueSight => service removed successfully.

"C:\Users\Kamil\Desktop\FRST-OlderVersion" folder move:

Could not move "C:\Users\Kamil\Desktop\FRST-OlderVersion" => Scheduled to move on reboot.

C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l1-2-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-core-file-l2-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-core-localization-l1-2-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-core-processthreads-l1-1-1.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-core-synch-l1-2-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-core-timezone-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-convert-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-environment-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-filesystem-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-heap-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-locale-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-math-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-multibyte-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-runtime-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-stdio-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-string-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-time-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\api-ms-win-crt-utility-l1-1-0.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\ucrtbase.dll => moved successfully
C:\Users\Kamil\AppData\Roaming\vcruntime140.dll => moved successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\15195365.sys => removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\75932084.sys => removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\15195365.sys => removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\75932084.sys => removed successfully.
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSCONFIG\startupreg: D: =>" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11206155 B
Java, Flash, Steam htmlcache => 1485 B
Windows/system/drivers => 477578387 B
Edge => 0 B
Chrome => 12952018 B
Firefox => 1088249716 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 128 B
NetworkService => 6270 B
Kamil => 186235785 B

RecycleBin => 1249843 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 23-01-2020 05:28:02)

C:\Users\Kamil\Desktop\FRST-OlderVersion => is moved successfully

==== End of Fixlog 05:28:02 ====

#20 Příspěvek od **Conder** » 23 led 2020 23:02

Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
```
Start
Zip: C:\FRST\Quarantine
End
```
Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Pockaj na dokoncenie
Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj

Na ploche by sa mal vytvorit ZIP archiv s aktualnym datumom a casom v nazve, posli ho ako priohu k dalsiemu prispevku alebo nahraj ho napr. na leteckaposta.cz (alebo na ine ulozisko) a posli odkaz na stiahnutie.

kamistr · #21 Příspěvek od **kamistr** » 24 led 2020 09:16

Fix result of Farbar Recovery Scan Tool (x86) Version: 22-01-2020 01
Ran by Kamil (24-01-2020 09:18:46) Run:3
Running from C:\Users\Kamil\Desktop
Loaded Profiles: Kamil (Available Profiles: Kamil)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
Zip: C:\FRST\Quarantine
End
*****************

================== Zip: ===================
C:\FRST\Quarantine -> copied successfully to C:\Users\Kamil\Desktop\24.01.2020_09.18.46.zip
=========== Zip: End ===========

==== End of Fixlog 09:19:01 ====

kamistr · #22 Příspěvek od **kamistr** » 24 led 2020 10:05

http://leteckaposta.cz/643095932

#23 Příspěvek od **Conder** » 24 led 2020 15:59

OK. Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

kamistr · #24 Příspěvek od **kamistr** » 24 led 2020 18:56

Zdravim,

zatial ziadny utok... PC vyzera byt v poriadku ! Dakujem za radu !!!

#25 Příspěvek od **Conder** » 25 led 2020 14:18

Ak si este neurobil, odporucam zmenit hesla k internetovym uctom, na ktore sa prihlasovalo z tohto PC.

A este upraceme po pouzitych nastrojoch:

Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
Uloz na plochu a spusti
Nechaj oznacenu moznost "Remove disinfection tools"
Klikni na "Run"

VIRY.CZ

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu