Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Poprosím o preventívku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
PureHate44
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 28 čer 2011 17:49

Poprosím o preventívku

#1 Příspěvek od PureHate44 »

PC sa zdá Ok....Ale človek nikdy nevie :-/

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
Ran by PC1 (administrator) on DESKTOP-NORVJE6 (MSI MS-7A39) (31-01-2020 13:14:46)
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1 (Available Profiles: PC1)
Platform: Windows 10 Home Version 1909 18363.592 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PC1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\APP_Dragon_Center_Keeper.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\StorageMonitor\StorageMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Dragon Center\CC_Engine_x64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) E:\Program Files\txgameassistant\appmarket_10630734\AppMarket.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) E:\Program Files\txgameassistant\appmarket_10630734\QMEmulatorService.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) E:\Program Files\txgameassistant\appmarket_10630734\TBSWebRenderer.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) E:\Program Files\txgameassistant\appmarket_10630734\TBSWebRenderer.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) E:\Program Files\txgameassistant\appmarket_10630734\TBSWebRenderer.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [GoogleChromeAutoLaunch_19ACBD9F62975BB0B01B7468665DF1C7] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-09-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {283cab94-2c81-11ea-925c-309c239b7301} - "F:\setup_the_witcher_3_wild_hunt_goty_1.31_(a)_(9709).exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1909BAF4-B7ED-4E87-8CB8-6B32F5AF28C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-12-30] (Google Inc -> Google Inc.)
Task: {2D0256BD-0ECF-4F06-A242-F29E52BCE5B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-12-30] (Google Inc -> Google Inc.)
Task: {3A665250-C0C8-4587-A48C-9EB19F190A59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FB7D443-1B87-4E18-8E44-12A665F983C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {85135916-DA78-4EF2-B8D5-F7DCDA4579D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B68A6D00-81F4-46CF-822C-6B0E0283C27F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{a50c53b0-d4f4-49ee-b467-78734889d75b}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: 29i8chys.default
FF ProfilePath: C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\29i8chys.default [2019-12-30]
FF ProfilePath: C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\ocl9vi7m.default-release [2019-12-30]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-30] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-30] (Google LLC -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2020-01-31]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Prezentácie) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-31]
CHR Extension: (Magio GO) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2020-01-01]
CHR Extension: (Dokumenty) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-31]
CHR Extension: (Disk Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-31]
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-31]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-01-01]
CHR Extension: (Aliexpress SuperStar - price history & currency) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2020-01-01]
CHR Extension: (Tabuľky) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-31]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-12-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-31]
CHR Extension: (GearBest Star, Price history, coupons ) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\obahoaepjklfhghnafdcganehbokgffh [2020-01-01]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-31]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe [508000 2019-09-18] (Advanced Micro Devices, Inc. -> AMD)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3648104 2018-09-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DragonCenter_Service; C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe [142512 2019-04-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 QMEmulatorService; E:\Program Files\TxGameAssistant\AppMarket_10630734\QMEmulatorService.exe [166384 2019-12-31] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\NisSrv.exe [3284840 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MsMpEng.exe [103168 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files (x86)\Wise Care 365\BootTime.exe [658600 2018-12-06] (Lespeed Technology Ltd. -> WiseCleaner.com)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmdag.sys [55249504 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atikmpag.sys [595040 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [102832 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R1 amdpsp; C:\Windows\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R2 aow_drv; E:\Program Files\TxGameAssistant\UI\3.21.296.100\aow_drv_x64_ev.sys [863824 2019-12-26] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111112 2017-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2020-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2020-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R1 EneIo; C:\Windows\system32\drivers\ene.sys [16320 2018-03-20] (Ptolemy Tech Co., Ltd -> )
R3 ipadtst; C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider)
R3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\Dragon Center\Lib\Super_Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1154336 2019-06-19] (Realtek Semiconductor Corp. -> Realtek )
R3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [442128 2020-01-11] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [555064 2020-01-31] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [376032 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2020-01-02] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-31 13:14 - 2020-01-31 13:15 - 000019167 _____ C:\Users\PC1\Downloads\FRST.txt
2020-01-31 13:14 - 2020-01-31 13:14 - 002581504 _____ (Farbar) C:\Users\PC1\Downloads\FRST64.exe
2020-01-31 13:14 - 2020-01-31 13:14 - 000000000 ____D C:\FRST
2020-01-29 20:41 - 2020-01-29 20:41 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 025900032 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 022627840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 019849216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 018020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 009928208 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 008012800 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 007754752 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 007600448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 007016448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 006520480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 005913600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-16 23:18 - 2020-01-16 23:18 - 003703296 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 002870784 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 002801152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-16 23:18 - 2020-01-16 23:18 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-16 23:18 - 2020-01-16 23:18 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 002494464 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 002473976 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001985928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001697280 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001655880 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001610752 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001399096 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 001330952 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001106944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 001051664 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 001020032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000896512 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000852480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000851456 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000689664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000678712 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000671232 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 000646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-01-16 23:18 - 2020-01-16 23:18 - 000542496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000432256 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-16 23:18 - 2020-01-16 23:18 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000363840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-01-16 23:18 - 2020-01-16 23:18 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000162696 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000127520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-16 23:18 - 2020-01-16 23:18 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-01-16 23:18 - 2020-01-16 23:18 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 23:14 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-01-16 23:14 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-01-12 19:13 - 2020-01-12 19:13 - 000011269 _____ C:\Users\PC1\Downloads\[CzT]CzechCasting_Uliana_2526_12_1_2020_CZ_2160pLQ_.torrent
2020-01-12 10:47 - 2020-01-12 10:47 - 000000797 _____ C:\Users\PC1\Downloads\[CzT]Need_for_speed_Heat_Crackfix_2019_.torrent
2020-01-12 10:46 - 2020-01-12 10:46 - 000032768 _____ C:\Users\Public\Documents\crash_dump.bin
2020-01-12 10:46 - 2020-01-12 10:46 - 000032768 _____ C:\ProgramData\Documents\crash_dump.bin
2020-01-11 11:57 - 2020-01-11 11:57 - 000000000 ____D C:\Users\PC1\AppData\Roaming\AndroidTbox
2020-01-11 11:56 - 2020-01-31 12:40 - 000555064 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2020-01-11 11:56 - 2020-01-11 11:56 - 000442128 _____ (TENCENT) C:\Windows\system32\Drivers\tesrsdt.sys
2020-01-11 11:52 - 2020-01-11 11:52 - 009422320 _____ (Tencent) C:\Users\PC1\Downloads\oversea_marketv3_900202227.exe
2020-01-10 15:31 - 2020-01-10 15:31 - 000558095 _____ C:\Users\PC1\Downloads\Need.for.Speed.Heat.v1.0-v20191212.Plus.7.Trainer-FLiNG.rar
2020-01-10 15:31 - 2020-01-10 15:31 - 000000000 ____D C:\Users\PC1\AppData\Local\FLiNGTrainer
2020-01-08 09:46 - 2020-01-08 09:46 - 000000219 _____ C:\Users\PC1\Desktop\Counter-Strike Global Offensive.url
2020-01-08 09:46 - 2020-01-08 09:46 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-08 09:44 - 2020-01-08 09:44 - 000000000 ____D C:\Users\PC1\AppData\Local\Steam
2020-01-08 09:43 - 2020-01-30 10:12 - 000000000 ____D C:\Program Files (x86)\Steam
2020-01-08 09:43 - 2020-01-08 09:43 - 001573568 _____ C:\Users\PC1\Downloads\SteamSetup.exe
2020-01-08 09:43 - 2020-01-08 09:43 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2020-01-08 09:43 - 2020-01-08 09:43 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
2020-01-08 09:43 - 2020-01-08 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-05 14:48 - 2020-01-11 11:52 - 000001038 _____ C:\Users\PC1\Desktop\GameLoop.lnk
2020-01-05 14:48 - 2020-01-05 14:48 - 000000000 ____D C:\Users\PC1\AppData\Local\Tencent
2020-01-05 14:48 - 2020-01-05 14:48 - 000000000 ____D C:\ProgramData\Tencent
2020-01-05 14:48 - 2020-01-05 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2020-01-05 14:47 - 2020-01-17 09:45 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Tencent
2020-01-05 14:47 - 2020-01-05 14:47 - 009566192 _____ (Tencent) C:\Users\PC1\Downloads\gamedownload_i18n_900205241_NormalPackage_2597 (1).exe
2020-01-05 14:43 - 2020-01-05 14:43 - 009566192 _____ (Tencent) C:\Users\PC1\Downloads\gamedownload_i18n_900205241_NormalPackage_2597.exe
2020-01-05 11:36 - 2020-01-17 20:00 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-05 10:54 - 2020-01-05 10:54 - 000000000 ____D C:\Users\PC1\AppData\Local\CEF
2020-01-05 10:51 - 2020-01-05 10:51 - 000961928 _____ (BlueStack Systems Inc.) C:\Users\PC1\Downloads\BlueStacksInstaller_4.150.11.1001_native_3bf7061f0931595ce5a4e9b1af023fdc_UmlzZSBvZiBLaW5nZG9tczogTG9zdCBDcnVzYWRl.exe
2020-01-04 18:26 - 2020-01-04 18:27 - 000000803 _____ C:\Users\PC1\Downloads\nox_setup_v6.3.0.0_full_intl.exe
2020-01-04 18:25 - 2020-01-19 17:35 - 000049064 _____ C:\Windows\system32\perfh01B.dat
2020-01-04 18:25 - 2020-01-19 17:35 - 000012206 _____ C:\Windows\system32\perfc01B.dat
2020-01-04 18:25 - 2020-01-04 18:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-01-04 18:25 - 2020-01-04 18:25 - 000000000 ____D C:\Program Files\MSBuild
2020-01-04 18:25 - 2020-01-04 18:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-01-04 18:24 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2020-01-04 18:24 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2020-01-04 18:24 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2020-01-04 18:24 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2020-01-04 18:24 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-01-04 18:24 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2020-01-04 18:23 - 2020-01-04 18:23 - 000113888 _____ (cometo digital) C:\Users\PC1\Downloads\nox_setup_v6.28.exe
2020-01-04 18:22 - 2020-01-04 18:22 - 003078984 _____ (Sun ) C:\Users\PC1\Downloads\nox_setup_v6.28_3984988944.exe
2020-01-04 18:22 - 2020-01-04 18:22 - 003078984 _____ (Sun ) C:\Users\PC1\Downloads\nox_setup_v6.28_2507383765.exe
2020-01-04 12:37 - 2020-01-04 12:37 - 000006276 _____ C:\Users\PC1\Downloads\PL_IPTV_m3u_PlayList1_2212019.m3u
2020-01-04 12:36 - 2020-01-04 12:38 - 000000000 ____D C:\Users\PC1\AppData\Roaming\vlc
2020-01-04 12:35 - 2020-01-04 12:35 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-04 12:35 - 2020-01-04 12:35 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-04 12:35 - 2020-01-04 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-01-04 12:35 - 2020-01-04 12:35 - 000000000 ____D C:\Program Files\VideoLAN
2020-01-04 12:34 - 2020-01-04 12:35 - 042030736 _____ C:\Users\PC1\Downloads\vlc-3.0.8-win64.exe
2020-01-04 12:34 - 2020-01-04 12:34 - 000030457 _____ C:\Users\PC1\Downloads\Czech_IPTV_VOD_PlayList_M3U_01_01_2020.m3u
2020-01-04 12:31 - 2020-01-04 12:31 - 000016810 _____ C:\Users\PC1\Downloads\[CzT]WinRAR_v_5_80_Final_Official_x86_x64_CZ_SK_.torrent
2020-01-03 19:14 - 2020-01-03 19:23 - 2242709138 _____ (n/a) C:\Users\PC1\Downloads\The Witcher 3 HD Reworked Project (Part 2)-1021-10-0-bugfixed-1564663051.exe
2020-01-03 19:14 - 2020-01-03 19:18 - 669089624 _____ ( ) C:\Users\PC1\Downloads\patch_the_witcher_3_wild_hunt_-_game_of_the_year_edition_1.31_(A)_to_1.32.exe
2020-01-03 19:14 - 2020-01-03 19:17 - 521046254 _____ (n/a) C:\Users\PC1\Downloads\The Witcher 3 HD Reworked Project (Part 3)-1021-10-0-bugfixed-1564658606.exe
2020-01-03 19:13 - 2020-01-03 19:23 - 2455616598 _____ (n/a) C:\Users\PC1\Downloads\The Witcher 3 HD Reworked Project (Part 1)-1021-10-0-bugfixed-1564729274.exe
2020-01-03 18:10 - 2020-01-03 18:10 - 000012144 _____ C:\Users\PC1\Downloads\[CzT]DAEMON_Tools_Lite_v_10_9_0_0616_CZ_EN_ (1).torrent
2020-01-03 18:09 - 2020-01-03 18:09 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2020-01-03 18:09 - 2020-01-03 18:09 - 000000000 ____D C:\Users\PC1\AppData\Local\Disc_Soft_Ltd
2020-01-03 18:09 - 2020-01-03 18:09 - 000000000 ____D C:\ProgramData\Documents\Daemon Tools Images
2020-01-03 18:08 - 2020-01-03 18:09 - 000000000 ____D C:\Users\PC1\AppData\Roaming\DAEMON Tools Lite
2020-01-03 18:08 - 2020-01-03 18:08 - 000047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2020-01-03 18:08 - 2020-01-03 18:08 - 000030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2020-01-03 18:08 - 2020-01-03 18:08 - 000001814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2020-01-03 18:08 - 2020-01-03 18:08 - 000001814 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2020-01-03 18:08 - 2020-01-03 18:08 - 000000000 ____D C:\Users\Public\Documents\Catch!
2020-01-03 18:08 - 2020-01-03 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2020-01-03 18:08 - 2020-01-03 18:08 - 000000000 ____D C:\ProgramData\Documents\Catch!
2020-01-03 18:08 - 2020-01-03 18:08 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2020-01-03 18:07 - 2020-01-03 18:08 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2020-01-03 18:06 - 2020-01-03 18:06 - 000012144 _____ C:\Users\PC1\Downloads\[CzT]DAEMON_Tools_Lite_v_10_9_0_0616_CZ_EN_.torrent
2020-01-03 16:18 - 2020-01-03 18:04 - 4221239296 _____ C:\Users\PC1\Downloads\Zaklínač III - Divoký hon - Edice Hra roku.iso
2020-01-03 15:16 - 2020-01-03 15:16 - 000170666 _____ C:\Users\PC1\Downloads\[CzT]Zaklinac_3_Divoky_hon_The_Witcher_3_Wild_Hunt_Game_of_the_Year_Edition_2016_CZ_.torrent
2020-01-03 14:15 - 2020-01-03 14:15 - 000173865 _____ C:\Users\PC1\Downloads\[SkT]Zaklinac_3__Divoky_hon___The_Witcher_3__Wild_Hunt_ _DLC_(2016)(CZ).torrent
2020-01-02 10:31 - 2020-01-02 10:31 - 000033864 _____ (wisecleaner.com) C:\Windows\WiseHDInfo64.dll
2020-01-02 10:29 - 2020-01-04 18:28 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Uninstaller
2020-01-02 10:29 - 2020-01-02 14:19 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Care 365
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise_Reminder
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Reminder
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Program Uninstaller
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Memory Optimizer
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise JetSearch
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Game Booster
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Force Deleter
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Duplicate Finder
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Data Recovery
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Auto Shutdown
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2020-01-02 10:29 - 2020-01-02 10:29 - 000000000 ____D C:\Program Files (x86)\Wise Care 365
2020-01-02 10:27 - 2020-01-02 10:27 - 000014242 _____ C:\Users\PC1\Downloads\[CzT]Wise_Care_Pro_365_v_5_4_6_542_CZ_.torrent
2020-01-01 16:42 - 2020-01-01 16:44 - 000000000 ____D C:\Users\PC1\Documents\Need for Speed Heat
2020-01-01 16:41 - 2020-01-01 16:41 - 000000000 ____D C:\Users\PC1\AppData\Local\Origin
2020-01-01 14:47 - 2020-01-01 14:47 - 000000523 _____ C:\Users\Public\Desktop\Play Need for Speed Heat.lnk
2020-01-01 14:47 - 2020-01-01 14:47 - 000000523 _____ C:\ProgramData\Desktop\Play Need for Speed Heat.lnk
2020-01-01 14:46 - 2020-01-01 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed Heat
2020-01-01 12:02 - 2020-01-01 12:02 - 000754133 _____ C:\Users\PC1\Downloads\Kingdom.Come_.Deliverance.v1.2-v1.9.2.Plus_.16.Trainer-FLiNG.rar
2020-01-01 12:02 - 2020-01-01 12:02 - 000000000 ____D C:\Users\PC1\Documents\FLiNGTrainer
2020-01-01 12:02 - 2020-01-01 12:02 - 000000000 ____D C:\Users\PC1\AppData\Roaming\WinRAR
2020-01-01 12:02 - 2019-07-18 16:14 - 001623040 _____ (3DMGAME) C:\Users\PC1\Desktop\Kingdom Come Deliverance v1.2-v1.9.2 Plus 16 Trainer.exe
2020-01-01 11:56 - 2020-01-01 11:56 - 000000000 ____D C:\Users\PC1\AppData\Local\NVIDIA Corporation
2020-01-01 11:37 - 2020-01-01 11:37 - 000055948 _____ C:\Users\PC1\Downloads\[SkT]Need_for_Speed__Heat_-_Deluxe_Edition_(2019)[DODI_Repack].torrent
2020-01-01 11:34 - 2020-01-01 11:34 - 000000683 _____ C:\Users\PC1\Desktop\Total Commander 64 bit.lnk
2020-01-01 11:34 - 2020-01-01 11:34 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2020-01-01 11:34 - 2020-01-01 11:34 - 000000000 ____D C:\Users\PC1\AppData\Roaming\GHISLER
2020-01-01 11:34 - 2020-01-01 11:34 - 000000000 ____D C:\Users\PC1\AppData\Local\GHISLER
2020-01-01 11:34 - 2020-01-01 11:34 - 000000000 ____D C:\totalcmd
2020-01-01 11:33 - 2020-01-31 13:04 - 000000000 ____D C:\Users\PC1\AppData\Roaming\qBittorrent
2020-01-01 11:33 - 2020-01-01 11:33 - 000003440 _____ C:\Users\PC1\Downloads\[CzT]Total_Commander_v_9_22a_Final_x86_x64_CZ_SK_EN_.torrent
2020-01-01 11:33 - 2020-01-01 11:33 - 000000000 ____D C:\Users\PC1\Downloads\Total Commander v9.22a Final
2020-01-01 11:33 - 2020-01-01 11:33 - 000000000 ____D C:\Users\PC1\AppData\Local\qBittorrent
2020-01-01 11:32 - 2020-01-01 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-01-01 11:32 - 2020-01-01 11:32 - 000000000 ____D C:\Program Files\qBittorrent
2020-01-01 11:30 - 2020-01-01 11:30 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Google
2020-01-01 11:27 - 2020-01-01 11:28 - 025763945 _____ (The qBittorrent project) C:\Users\PC1\Downloads\qbittorrent_4.2.1_x64_setup.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-31 13:04 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-31 12:22 - 2019-12-30 13:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-31 09:15 - 2019-12-30 14:03 - 000000000 ____D C:\Users\PC1\AppData\Local\D3DSCache
2020-01-31 02:13 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-01-30 20:19 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-28 15:52 - 2019-12-30 13:46 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-01-23 11:16 - 2019-12-30 14:02 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 11:16 - 2019-12-30 14:02 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-23 11:16 - 2019-12-30 14:02 - 000002272 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-19 17:35 - 2019-12-30 13:55 - 000885446 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-19 17:35 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-01-19 12:39 - 2019-12-30 13:50 - 000000000 ____D C:\Users\PC1
2020-01-19 11:01 - 2019-12-30 13:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-17 11:58 - 2019-12-30 14:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-01-17 11:58 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-01-17 11:57 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-17 11:57 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2020-01-17 11:57 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-17 11:57 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2020-01-16 23:21 - 2019-12-30 14:00 - 000000000 ____D C:\Windows\system32\MRT
2020-01-16 23:20 - 2019-12-30 14:00 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-16 23:20 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2020-01-12 19:16 - 2019-12-30 13:50 - 000000000 ____D C:\Users\PC1\AppData\Local\VirtualStore
2020-01-11 18:00 - 2019-12-30 13:51 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3805889190-2908880830-1705731779-1001
2020-01-11 18:00 - 2019-12-30 13:51 - 000000000 ___RD C:\Users\PC1\OneDrive
2020-01-11 18:00 - 2019-12-30 13:50 - 000002349 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-09 09:44 - 2019-12-30 14:02 - 000000000 ____D C:\Users\PC1\AppData\Local\Google
2020-01-02 14:55 - 2019-12-30 14:09 - 000000000 ____D C:\ProgramData\Packages
2020-01-02 10:30 - 2019-12-30 13:45 - 000000000 ____D C:\Windows\Panther
2020-01-02 10:30 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\Downloaded Program Files
2020-01-02 04:59 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2020-01-01 23:47 - 2019-12-30 13:50 - 000000000 ____D C:\Users\PC1\AppData\Local\Packages
2020-01-01 14:17 - 2019-12-30 13:52 - 000000000 ____D C:\Users\PC1\AppData\Local\PlaceholderTileLogoFolder

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
PureHate44
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 28 čer 2011 17:49

Re: Poprosím o preventívku

#2 Příspěvek od PureHate44 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by PC1 (31-01-2020 13:15:33)
Running from C:\Users\PC1\Downloads
Windows 10 Home Version 1909 18363.592 (X64) (2019-12-30 12:49:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3805889190-2908880830-1705731779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3805889190-2908880830-1705731779-503 - Limited - Disabled)
Guest (S-1-5-21-3805889190-2908880830-1705731779-501 - Limited - Disabled)
PC1 (S-1-5-21-3805889190-2908880830-1705731779-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3805889190-2908880830-1705731779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.0.0.1110 - Advanced Micro Devices, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0616 - Disc Soft Ltd)
Dragon Center (HKLM-x32\...\{B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1) (Version: 1.0.0.50 - MSI)
ENE IO Driver (HKLM-x32\...\{D0512FF6-6194-4D2E-967E-25B82A3322FF}) (Version: 1.0.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE_EHD_HAL (HKLM\...\{F56EC5A0-3A93-492E-882A-E036F5897CC7}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_HAL (HKLM-x32\...\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.48.5310 - GOM & Company)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 sk) (HKLM\...\Mozilla Firefox 71.0 (x64 sk)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
Need for Speed Heat (HKLM-x32\...\Need for Speed Heat_is1) (Version: 0.0.0 - DODI-Repacks)
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wise Care 365 5.4.6.542 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.4.6.542 - lrepacks.ru)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0 [2020-01-21] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-01-17 22:01 - 2020-01-17 22:01 - 003155968 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DotNetCommon\ee12d6bb2bd4ea65ba3842585acf8ccc\DotNetCommon.ni.dll
2020-01-17 22:01 - 2020-01-17 22:01 - 004811776 _____ (Disc Soft Ltd) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\21931a53b6c166ad19ff4a2debb18a1f\DiscSoft.NET.Common.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B1635F01-399D-4AB0-8B13-D3F0791AA788}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{47D84D1F-2480-46B8-B9B7-95DFD83E7A3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B3C19F5D-CD51-402D-996C-E94EE931BC7A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{D17C4CAB-1CBA-476C-85E5-5A48851BEDE2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{F5775ED7-8A4A-4BC9-B48A-A93391DC94AA}E:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) E:\games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{A24E0915-6D48-4F7F-8ED4-2329B463D488}E:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) E:\games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{C2BC3706-91F3-4F33-B762-942E6577B99F}E:\games\need for speed heat\needforspeedheat.exe] => (Block) E:\games\need for speed heat\needforspeedheat.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{37A2F572-259C-4169-A54C-3A74878B14C7}E:\games\need for speed heat\needforspeedheat.exe] => (Block) E:\games\need for speed heat\needforspeedheat.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{ABABC88A-2F35-4F10-95B2-375001177780}E:\games\kingdom come deliverance\bin\win64shared\kingdomcome.exe] => (Block) E:\games\kingdom come deliverance\bin\win64shared\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{778BE33C-DF60-4A9F-87E4-5E4410B39237}E:\games\kingdom come deliverance\bin\win64shared\kingdomcome.exe] => (Block) E:\games\kingdom come deliverance\bin\win64shared\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{AD89387D-338D-4180-9D79-00CDDF75F432}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C6E5F5C4-5BA8-4A9D-AC10-338132943454}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{90FC3B3E-0144-4612-BBA5-0C0B89710B85}] => (Allow) e:\program files\txgameassistant\appmarket_10630734\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E4556690-F1B2-4C6B-997C-E0869D348D4C}] => (Allow) e:\program files\txgameassistant\appmarket_10630734\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7E704D3A-5C18-4F6B-95DB-E72DD39EB455}] => (Allow) e:\program files\txgameassistant\appmarket_10630734\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{3E325EE7-96E6-4228-BB9B-268C43216641}] => (Allow) e:\program files\txgameassistant\appmarket_10630734\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B40519B9-8633-45E1-BBE7-8BF04FD84FC7}] => (Allow) e:\program files\txgameassistant\appmarket_10630734\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6A524002-A9F8-4099-9930-BBB5372F4D02}] => (Allow) e:\program files\txgameassistant\appmarket_10630734\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F7A2F50E-95B4-41DA-9CAD-2BC103F7F346}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2B9E4AA7-00A2-4751-9634-18ADD4BEA113}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{60799F98-0BA9-4999-BD2D-CD3EBA36B04A}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1AC56C64-A351-4ADA-B9B6-647B1C73DCFA}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1A722C80-7696-4158-83B0-76C7762403C0}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6D266B30-4007-4CCF-96EE-BC4F3A2C72C9}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{8352484C-07BC-4EB6-A9F9-79F20C7315F6}] => (Allow) e:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{56405AEF-37E2-455B-9989-18F0FBB5FB9D}] => (Allow) e:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{7C270A04-F615-405A-B92D-AF01C6CF27CE}] => (Allow) e:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{815665D4-BA92-447B-BC39-CF7CBFADB71D}] => (Allow) e:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{D8905A0D-1D45-42A4-A5CE-683DFBE1780F}] => (Allow) e:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BBDDF042-F102-4390-BC3C-CBD422ABF084}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F9FF5EE5-6D67-4C59-8A19-99FC2C94914E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DE0099DD-FC22-49AF-A1EF-F42DFDC2FDA6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{60D2B0DE-C6FB-4D3A-8389-2F44D27455D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1AEF008A-7B41-4431-AFE8-D82916538CA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3D8018CC-AE93-4E53-8BD5-5648701D8AEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8F5AC7BD-5989-4998-A29A-644B49F5539D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C4926A3-7354-4580-A64A-6D5887899D65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FEECB9A6-F665-4B6C-8552-6D47DC986BD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C51AF7AA-F519-412D-AF7F-AC02938E46D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{038CD077-2912-4753-ABC6-3DD616A64E7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6984080-4D63-4AFC-9EF6-D3D74990217D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B600C9C9-B4C3-467C-870E-F187295DEAC7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF2C5DA8-9EBC-492C-8379-920ABA218B32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.124.91.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4CC904A3-343F-47B8-9EEB-4801FCF83C54}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BCE8A597-3C4F-43DF-8A39-86136B5804F8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5708FB3E-6636-41FF-BFA3-905AB6D47F3F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

==================== Restore Points =========================

13-01-2020 02:32:33 Scheduled Checkpoint
16-01-2020 23:14:49 Windows Update
26-01-2020 19:03:25 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2020 10:19:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AppMarket.exe version 3.11.159.100 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2448

Start Time: 01d5cd687a1c7eca

Termination Time: 4294967295

Application Path: E:\Program Files\txgameassistant\appmarket_10630734\AppMarket.exe

Report Id: 01c908c5-9af9-49b1-b224-fe19b2eef8ef

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (01/17/2020 11:49:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AppMarket.exe version 3.11.159.100 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 5040

Start Time: 01d5cca1b5e1990f

Termination Time: 4294967295

Application Path: E:\Program Files\txgameassistant\appmarket_10630734\AppMarket.exe

Report Id: f267fa6c-a5cc-4c47-a417-c4c6278216fd

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (01/16/2020 11:21:43 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 25144 and the required size was 27888.

Error: (01/10/2020 03:25:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: KingdomCome.exe, verzia: 1.9.3.0, časová značka: 0x5d9b6386
Názov chybujúceho modulu: WHGame.DLL, verzia: 0.0.0.0, časová značka: 0x5da8c89e
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000006c7164
Identifikácia chybujúceho procesu: 0x2510
Čas spustenia chybujúcej aplikácie: 0x01d5c7bcab2f59b8
Cesta chybujúcej aplikácie: E:\Games\Kingdom Come Deliverance\bin\Win64Shared\KingdomCome.exe
Cesta chybujúceho modulu: E:\Games\Kingdom Come Deliverance\bin\Win64Shared\WHGame.DLL
Identifikácia hlásenia: f707aef4-7602-4428-b8f4-4ddff966b82f
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/08/2020 09:43:20 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (01/02/2020 04:05:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: KingdomCome.exe, verzia: 1.9.3.0, časová značka: 0x5d9b6386
Názov chybujúceho modulu: WHGame.DLL, verzia: 0.0.0.0, časová značka: 0x5da8c89e
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000500a2e
Identifikácia chybujúceho procesu: 0x2570
Čas spustenia chybujúcej aplikácie: 0x01d5c17453f3e369
Cesta chybujúcej aplikácie: E:\Games\Kingdom Come Deliverance\bin\Win64Shared\KingdomCome.exe
Cesta chybujúceho modulu: E:\Games\Kingdom Come Deliverance\bin\Win64Shared\WHGame.DLL
Identifikácia hlásenia: 637201be-ba97-4918-aec1-5f1690f8f680
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/30/2019 02:13:53 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 4124, ProfSvc PID: 1976.

Error: (12/30/2019 02:01:31 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 24040 and the required size was 25128.


System errors:
=============
Error: (01/28/2020 11:20:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia analytických nástrojov zabezpečenia pre Windows Defender Antivirus - KB2267602 (verzia 1.307.3177.0).

Error: (01/28/2020 04:01:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia analytických nástrojov zabezpečenia pre Windows Defender Antivirus - KB2267602 (verzia 1.307.3177.0).

Error: (01/28/2020 04:01:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia analytických nástrojov zabezpečenia pre Windows Defender Antivirus - KB2267602 (verzia 1.307.3177.0).

Error: (01/28/2020 04:01:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia analytických nástrojov zabezpečenia pre Windows Defender Antivirus - KB2267602 (verzia 1.307.3177.0).

Error: (01/28/2020 04:01:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia analytických nástrojov zabezpečenia pre Windows Defender Antivirus - KB2267602 (verzia 1.307.3177.0).

Error: (01/28/2020 04:01:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia analytických nástrojov zabezpečenia pre Windows Defender Antivirus - KB2267602 (verzia 1.307.3177.0).

Error: (01/28/2020 04:01:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia analytických nástrojov zabezpečenia pre Windows Defender Antivirus - KB2267602 (verzia 1.307.3177.0).

Error: (01/28/2020 04:01:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia analytických nástrojov zabezpečenia pre Windows Defender Antivirus - KB2267602 (verzia 1.307.3177.0).


Windows Defender:
===================================
Date: 2020-01-19 12:23:52.228
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B53034CD-5C78-462D-9627-65D4193B06F9}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-19 11:43:37.542
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F27F0154-55F3-4DEF-8BB1-129FB171ABCD}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-06 09:40:26.816
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {747051D6-5B7C-40A0-8FBF-3291FE0440AE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-05 22:13:33.987
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8263FF06-C6B1-4367-A0B2-14D432D5EDFD}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-03 09:28:27.722
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {44C7298A-D821-4E7E-AB46-8DA57844FC5D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2.L0 01/22/2019
Motherboard: MSI B350M GAMING PRO (MS-7A39)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 16335.14 MB
Available physical RAM: 9736.51 MB
Total Virtual: 18767.14 MB
Available Virtual: 9099.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.58 GB) (Free:110.32 GB) NTFS
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:446.15 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Nové) (CDROM) (Total:43.93 GB) (Free:0 GB) UDF


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D0D77719)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 33D4E0CA)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Poprosím o preventívku

#3 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
FirewallRules: [{C6E5F5C4-5BA8-4A9D-AC10-338132943454}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{DE0099DD-FC22-49AF-A1EF-F42DFDC2FDA6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{60D2B0DE-C6FB-4D3A-8389-2F44D27455D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
Task: {1909BAF4-B7ED-4E87-8CB8-6B32F5AF28C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-12-30] (Google Inc -> Google Inc.)
Task: {2D0256BD-0ECF-4F06-A242-F29E52BCE5B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-12-30] (Google Inc -> Google Inc.)

EmptyTemp:
End
Uložte do C:\Users\PC1\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
PureHate44
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 28 čer 2011 17:49

Re: Poprosím o preventívku

#4 Příspěvek od PureHate44 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by PC1 (03-02-2020 12:20:30) Run:1
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1 (Available Profiles: PC1)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
FirewallRules: [{C6E5F5C4-5BA8-4A9D-AC10-338132943454}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{DE0099DD-FC22-49AF-A1EF-F42DFDC2FDA6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{60D2B0DE-C6FB-4D3A-8389-2F44D27455D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
Task: {1909BAF4-B7ED-4E87-8CB8-6B32F5AF28C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-12-30] (Google Inc -> Google Inc.)
Task: {2D0256BD-0ECF-4F06-A242-F29E52BCE5B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-12-30] (Google Inc -> Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Windows\System32 => ":tdsrset.gfc" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C6E5F5C4-5BA8-4A9D-AC10-338132943454}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE0099DD-FC22-49AF-A1EF-F42DFDC2FDA6}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60D2B0DE-C6FB-4D3A-8389-2F44D27455D5}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1909BAF4-B7ED-4E87-8CB8-6B32F5AF28C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1909BAF4-B7ED-4E87-8CB8-6B32F5AF28C6}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D0256BD-0ECF-4F06-A242-F29E52BCE5B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D0256BD-0ECF-4F06-A242-F29E52BCE5B7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7451373 B
Java, Flash, Steam htmlcache => 111434039 B
Windows/system/drivers => 419322 B
Edge => 29184 B
Chrome => 394306979 B
Firefox => 821341 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 2708 B
PC1 => 4586455 B

RecycleBin => 0 B
EmptyTemp: => 502.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:20:49 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Poprosím o preventívku

#5 Příspěvek od Rudy »

Smazáno, log by již měl být čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
PureHate44
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 28 čer 2011 17:49

Re: Poprosím o preventívku

#6 Příspěvek od PureHate44 »

... Ďakujem :)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Poprosím o preventívku

#7 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“