Právě je 13 říj 2019 22:50

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Odpovědět na téma  [ Příspěvků: 14 ] 
Autor Zpráva
 Předmět příspěvku: Počítač nechce usnout
PříspěvekNapsal: 19 kvě 2019 11:02 
Offline
Návštěvník
Návštěvník

Registrován: 22 bře 2006 16:05
Příspěvky: 36
Hezký den,
prosím o kontrolu, jestli je vše OK a příp. radu, co může způsobovat, že počítač nechce usnout, vždy se po pokusu o usnutí opět hned nastartuje.
Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by Naruby (administrator) on DESKTOP-USMK7MO (Gigabyte Technology Co., Ltd. Z370 HD3P) (19-05-2019 11:52:56)
Running from C:\Users\Naruby\Desktop
Loaded Profiles: Naruby (Available Profiles: Naruby)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1903.21.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CÍGLER SOFTWARE, a.s. -> Solitea Česká republika, a.s.) C:\Program Files (x86)\Solitea\Money S3\MS3Auto.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\SwReporter\41.203.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\SwReporter\41.203.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\SwReporter\41.203.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\SwReporter\41.203.200\software_reporter_tool.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230816 2017-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobePSE17AutoAnalyzer] => C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\Solitea\Money S3\MS3Auto.exe [16953744 2019-03-19] (CÍGLER SOFTWARE, a.s. -> Solitea Česká republika, a.s.)
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\Run: [GoogleChromeAutoLaunch_23D47B7875A2AFA632B87F4CC0C1D800] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1723888 2019-05-14] (Google LLC -> Google Inc.)
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-15] (Google LLC -> Google Inc.)
Startup: C:\Users\Naruby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-23]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\Naruby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP DeskJet 5820 series.lnk [2019-05-19]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP DeskJet 5820 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP DeskJet 5820 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN75L5G1P006BN;CONNECTION=USB;MONITOR=1;
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E308E43-1B89-46DE-A23F-AE1FF2CE0E7D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655480 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27E8FCE0-BFB3-4D75-A6CD-88AE22E1FA0B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436344 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44ED17BB-BBAC-48A0-8C96-7DC2F480DF13} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B02BFE2-1F07-4D19-AD65-B676408F7962} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4103189983-1655372252-3466856821-1002 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-02-19] (Mega Limited -> Mega Limited)
Task: {669325E8-7E82-4A2D-85A8-7679A1E1456B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79A45494-27C5-44A6-B4CB-BC86C837D451} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {8001FE7C-C2E2-4F13-8DF4-F2EC2BBEFC05} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655480 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87FC824B-D4E7-4CE3-B912-D4F887D61311} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-27] (Google Inc -> Google Inc.)
Task: {8F71AE87-6882-45CC-8496-BC57E67AD8BB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {9F3F4369-6870-4D46-B075-F8B70BA144F1} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2018-04-11] () [File not signed]
Task: {A136DAC6-ED73-4FA3-AA89-AC6FBB720461} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B90E8E8F-E62C-4C9D-A930-28EFCB0317D4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {BBD3737F-B679-421A-B624-5C6439FDFBEF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960632 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C00A1548-96E0-4DAA-826A-4F9B72C22A48} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-USMK7MO-Naruby => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D775AA8C-EEB7-4078-B901-78C354C20815} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D9DA01E0-4516-4834-81F0-EA713BCD4D50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-27] (Google Inc -> Google Inc.)
Task: {E1AE0A49-AF9D-4A56-AFB1-CC000400FFFB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EA6F70C6-D341-4015-81A7-CBBD89685D41} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {EC20F66B-8F76-4FBD-BA2D-B6DFBF488722} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EC7EE4EB-AE4B-4CCD-BAEE-D33A689A1651} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-USMK7MO-Naruby => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F0790C3C-8AFF-4794-A773-9AA21BD5EE06} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F53957E7-417D-4F64-BC8F-1A498A3B6D80} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {FF04A8A4-CC2A-431D-A6AC-03E636349DBD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.9.1 213.168.176.3
Tcpip\..\Interfaces\{e72f4fe8-8f7c-4f9e-8e88-8343f87a2c9f}: [DhcpNameServer] 192.168.9.1 213.168.176.3

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4103189983-1655372252-3466856821-1002 -> {E3BA871E-7749-4E43-A9F9-E4C9367C5098} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default [2019-05-19]
CHR Extension: (Prezentace) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-06]
CHR Extension: (Rozšíření pro webové stránky - WP Screenshot) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\akgpcdalpfphjmfifkmfbpdmgdmeeaeo [2019-03-03]
CHR Extension: (Dokumenty) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-06]
CHR Extension: (Disk Google) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-06]
CHR Extension: (YouTube) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-06]
CHR Extension: (Flash Player) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2018-10-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-12]
CHR Extension: (Avast Passwords) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-05-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-06]
CHR Extension: (Tabulky) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-06]
CHR Extension: (Pomocník GIVT.cz) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2019-03-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-16]
CHR Extension: (Avast Online Security) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (feedly) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2018-09-05]
CHR Extension: (FormApps Extension) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-08-27]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2018-11-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-08-14]
CHR Extension: (Feedly Mini) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja [2019-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-12]
CHR HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-08-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-07-12] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S3 gdrv; C:\Windows\gdrv.sys [26192 2017-12-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 11:52 - 2019-05-19 11:53 - 000029640 _____ C:\Users\Naruby\Desktop\FRST.txt
2019-05-19 11:52 - 2019-05-19 11:52 - 000000000 ____D C:\FRST
2019-05-19 11:50 - 2019-05-19 11:50 - 000125682 _____ C:\Users\Naruby\Documents\cc_20190519_115042.reg
2019-05-19 11:49 - 2019-05-19 11:49 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-19 11:49 - 2019-05-19 11:49 - 000002890 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-19 11:49 - 2019-05-19 11:49 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-19 11:49 - 2019-05-19 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-19 11:49 - 2019-05-19 11:49 - 000000000 ____D C:\Program Files\CCleaner
2019-05-19 11:48 - 2019-05-19 11:49 - 021315608 _____ (Piriform Software Ltd) C:\Users\Naruby\Downloads\ccsetup557.exe
2019-05-19 11:48 - 2019-05-19 11:48 - 002435072 _____ (Farbar) C:\Users\Naruby\Desktop\FRST64.exe
2019-05-19 11:42 - 2019-05-19 11:43 - 000000000 ____D C:\Users\Naruby\Desktop\plošné
2019-05-15 08:49 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-15 08:49 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-15 08:49 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-15 08:49 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-15 08:49 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-15 08:49 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-15 08:49 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-15 08:49 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-15 08:49 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-15 08:49 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-15 08:49 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-15 08:49 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-15 08:49 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-15 08:49 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-15 08:49 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-15 08:49 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-15 08:49 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-15 08:49 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-15 08:49 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-15 08:49 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-15 08:49 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-15 08:49 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-15 08:49 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-15 08:49 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-15 08:49 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-15 08:49 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-15 08:49 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-15 08:49 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-15 08:49 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-15 08:49 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-15 08:49 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-15 08:49 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-15 08:49 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-15 08:49 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-15 08:49 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-15 08:49 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-15 08:49 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-15 08:49 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-15 08:49 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-15 08:49 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-15 08:49 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-15 08:49 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-15 08:49 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-15 08:49 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-15 08:49 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-15 08:49 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-15 08:49 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-15 08:49 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-15 08:49 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-15 08:49 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-15 08:49 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-15 08:49 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-15 08:49 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-15 08:49 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-15 08:49 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-15 08:49 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-15 08:49 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 08:49 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-15 08:49 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-15 08:49 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-15 08:49 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-15 08:49 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-15 08:49 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-15 08:49 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-15 08:49 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-15 08:49 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-15 08:49 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-15 08:49 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 08:49 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-15 08:49 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-15 08:49 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-15 08:49 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-15 08:49 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-15 08:49 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-15 08:49 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-15 08:49 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-15 08:49 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-15 08:49 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-15 08:49 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-15 08:49 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-15 08:49 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-15 08:49 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-15 08:49 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-15 08:49 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-15 08:49 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-15 08:49 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-15 08:49 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-15 08:49 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-15 08:49 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-15 08:49 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-15 08:49 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-15 08:49 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-15 08:49 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-15 08:49 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-15 08:49 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-15 08:49 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-15 08:49 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-15 08:49 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-15 08:49 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-15 08:49 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-15 08:49 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-15 08:49 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-15 08:49 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-15 08:49 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-15 08:49 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-15 08:49 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-15 08:49 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-15 08:49 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-15 08:49 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-15 08:49 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-15 08:49 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-15 08:49 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-15 08:49 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-15 08:49 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-15 08:49 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-15 08:49 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-15 08:49 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-15 08:49 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-15 08:49 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-15 08:49 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-15 08:49 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-15 08:49 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-15 08:49 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-15 08:49 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-15 08:49 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-04-24 21:08 - 2019-04-24 21:08 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 11:50 - 2018-08-02 17:56 - 000000000 ____D C:\Users\Naruby\AppData\Local\CrashDumps
2019-05-19 11:50 - 2018-07-05 20:47 - 000000000 ____D C:\Users\Naruby\AppData\Roaming\XnView
2019-05-19 11:50 - 2018-06-07 19:26 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-19 11:50 - 2018-06-04 18:14 - 000000000 ____D C:\Users\Naruby\AppData\Roaming\MPC-HC
2019-05-19 11:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-19 11:50 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-19 11:49 - 2018-12-06 22:46 - 000000000 ___RD C:\Users\Naruby\Disk Google
2019-05-19 11:49 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-19 11:41 - 2018-07-19 09:32 - 000000000 ____D C:\Users\Naruby\AppData\Local\AVAST Software
2019-05-19 11:39 - 2018-06-11 18:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-19 07:54 - 2018-06-11 19:03 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-19 07:54 - 2018-04-12 17:50 - 000716072 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-19 07:54 - 2018-04-12 17:50 - 000144864 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-19 07:51 - 2018-02-15 21:07 - 000000000 ____D C:\Users\Naruby\AppData\Local\Adobe
2019-05-19 07:47 - 2018-06-11 19:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-19 07:47 - 2017-12-27 09:25 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-19 00:01 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-18 22:21 - 2018-12-29 15:58 - 000002822 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-USMK7MO-Naruby
2019-05-18 22:21 - 2018-12-29 15:58 - 000002776 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-USMK7MO-Naruby
2019-05-18 22:21 - 2018-09-23 10:21 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-05-18 22:21 - 2018-09-07 07:48 - 000003830 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-18 22:21 - 2018-09-07 07:48 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-05-18 22:21 - 2018-06-11 19:03 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-05-18 22:21 - 2018-06-11 19:03 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-18 22:21 - 2018-06-11 19:03 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-18 22:21 - 2018-06-11 19:03 - 000003120 _____ C:\WINDOWS\System32\Tasks\klcp_update
2019-05-18 22:21 - 2018-06-11 19:03 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-05-18 22:21 - 2018-06-11 19:03 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4103189983-1655372252-3466856821-1002
2019-05-18 22:21 - 2018-06-11 19:03 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4103189983-1655372252-3466856821-500
2019-05-18 22:21 - 2018-06-11 19:03 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-05-17 20:05 - 2018-06-11 19:03 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-17 09:32 - 2018-02-15 21:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-17 09:30 - 2018-01-13 16:33 - 000000000 ____D C:\Program Files\rempl
2019-05-17 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-16 15:29 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-15 15:07 - 2018-06-11 18:59 - 000457616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-15 12:15 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-15 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-15 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-15 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-15 09:02 - 2017-12-27 08:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-15 09:02 - 2017-12-27 08:58 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-15 08:50 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-15 08:48 - 2018-01-13 16:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 08:47 - 2018-01-13 16:32 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 19:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-14 19:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-12 12:42 - 2018-06-11 19:00 - 000002368 _____ C:\Users\Naruby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-12 12:42 - 2018-01-06 18:27 - 000000000 ___RD C:\Users\Naruby\OneDrive
2019-05-12 10:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-05-12 08:43 - 2018-05-23 19:03 - 000002131 _____ C:\Users\Public\Desktop\Money S3.lnk
2019-05-04 01:53 - 2018-04-12 01:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2018-04-12 01:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-03 07:31 - 2018-02-12 04:48 - 000000000 ____D C:\Users\Naruby\AppData\Local\Packages
2019-04-24 21:08 - 2019-04-12 20:23 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-24 21:08 - 2019-02-21 12:38 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-24 21:08 - 2019-01-17 17:30 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-24 21:08 - 2019-01-17 08:22 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-24 21:08 - 2019-01-17 08:22 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-24 21:08 - 2019-01-17 08:22 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-24 21:08 - 2019-01-17 08:22 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-24 21:08 - 2018-10-23 18:59 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-24 21:08 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-24 21:08 - 2018-02-11 23:15 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-24 06:22 - 2018-09-16 21:31 - 000093144 _____ C:\Users\Naruby\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-23 10:58 - 2018-09-01 17:57 - 000000000 ____D C:\Users\Naruby\AppData\Local\D3DSCache
2019-04-19 16:58 - 2018-08-14 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google

==================== Files in the root of some directories =======

2018-12-05 23:21 - 2018-12-05 23:21 - 000003584 _____ () C:\Users\Naruby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-29 14:22 - 2018-12-29 14:22 - 000000410 _____ () C:\Users\Naruby\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Naruby (19-05-2019 11:53:41)
Running from C:\Users\Naruby\Desktop
Windows 10 Home Version 1803 17134.765 (X64) (2018-06-11 17:04:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4103189983-1655372252-3466856821-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4103189983-1655372252-3466856821-503 - Limited - Disabled)
Guest (S-1-5-21-4103189983-1655372252-3466856821-501 - Limited - Disabled)
Naruby (S-1-5-21-4103189983-1655372252-3466856821-1002 - Administrator - Enabled) => C:\Users\Naruby
WDAGUtilityAccount (S-1-5-21-4103189983-1655372252-3466856821-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Photoshop Elements 2019 (HKLM-x32\...\PSE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 2019 (HKLM-x32\...\PRE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 19.400 (20190425_11) - Solitea Česká republika, a.s.)
FormApps Signing Extension (HKLM-x32\...\{35C42D1D-32DC-404F-8978-A30B0D64DD26}) (Version: 2.24.0.43 - Software602 a.s.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1037 - Intel Corporation)
Intel(R) Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.1.1007 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
K-Lite Mega Codec Pack 14.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8210 - Realtek Semiconductor Corp.)
Stellarium 0.10.0 (HKLM-x32\...\Stellarium_is1) (Version: - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Tux Paint 0.9.23 (HKLM-x32\...\Tux Paint_is1) (Version: - New Breed Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
XMind ZEN 9.0.6 (HKLM\...\fbd30ee5-8150-549e-9aed-fd9d444364fb) (Version: 9.0.6 - XMind Ltd.)
XnView 2.45 (HKLM-x32\...\XnView_is1) (Version: 2.45 - Gougelet Pierre-e)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.0.0_x64__tf1gferkr813w [2019-05-10] (Autodesk Inc.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2018-10-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4103189983-1655372252-3466856821-1002_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-4103189983-1655372252-3466856821-1002_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3] => C:\Users\Public\Documents\Solitea\Money S3\PRINT\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-4103189983-1655372252-3466856821-1002_Classes\CLSID\{9E8DC68F-6AA2-4718-8CE7-DC2F44B71B4F} -> [MEGA] => D:\MEGA [2018-09-23 10:45]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-10 22:51 - 2017-09-10 22:51 - 000798208 _____ () [File not signed] C:\ProgramData\MEGAsync\libsodium.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 000113664 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\_ctypes.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000173568 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\_elementtree.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 001792512 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\_hashlib.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000032256 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\_multiprocessing.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000046080 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\_psutil_windows.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000047616 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\_socket.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 002224640 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\_ssl.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000026112 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\_yappi.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000080896 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\bz2.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 005752320 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\cello.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000014848 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\common.time34.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000007680 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\hashobjs_ext.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000301568 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\PIL._imaging.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000169472 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\pyexpat.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 001084416 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\pysqlite2._sqlite.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000548864 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\pythoncom27.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 000137728 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\pywintypes27.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 000010752 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\select.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000020992 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\thumbnails_ext.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000689664 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\unicodedata.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000118784 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\usb_ext.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000128512 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32api.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000438784 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32com.shell.shell.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000011776 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32crypt.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000023040 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32event.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000149504 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32file.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000223232 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32gui.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000048128 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32inet.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000029696 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32pdh.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000027648 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32pipe.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000044032 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32process.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000020480 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32profile.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000136192 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32security.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000026624 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\win32ts.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000034304 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\windows.conditional.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000038400 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\windows.connectivity.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000073216 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\windows.device_monitor.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000110080 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\windows.volumes.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000020480 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\windows.winwrap.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 001325056 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wx._controls_.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 001489408 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wx._core_.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 001007104 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wx._gdi_.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000103424 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wx._html2.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 000916992 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wx._misc_.pyd
2019-05-19 07:47 - 2019-05-19 07:47 - 001039872 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wx._windows_.pyd
2019-05-19 11:52 - 2019-05-19 11:52 - 000474112 _____ (ESET) [File not signed] c:\users\naruby\appdata\local\google\chrome\user data\swreporter\41.203.200\edls_64.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 023927296 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avcodec-57.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 006306816 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avformat-57.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 000599552 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avutil-55.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 000287232 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\swresample-2.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 000513024 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\swscale-4.dll
2017-04-24 15:30 - 2017-04-24 15:30 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\python27.dll
2017-09-10 21:08 - 2017-09-10 21:08 - 000061952 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\ProgramData\MEGAsync\cares.dll
2018-04-02 19:21 - 2018-04-02 19:21 - 000275456 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\ProgramData\MEGAsync\libcurl.dll
2018-04-02 19:38 - 2019-01-22 10:33 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\LIBEAY32.dll
2018-04-02 19:38 - 2019-01-22 10:33 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\SSLEAY32.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qgif.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qicns.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qico.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qjpeg.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qsvg.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtga.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtiff.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwbmp.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwebp.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\platforms\qwindows.dll
2017-09-25 16:30 - 2017-09-25 16:30 - 004641792 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Core.dll
2017-09-14 08:32 - 2017-09-14 08:32 - 005016576 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Gui.dll
2017-09-14 08:30 - 2017-09-14 08:30 - 000851968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Network.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000255488 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Svg.dll
2017-09-14 08:35 - 2017-09-14 08:35 - 004433920 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Widgets.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wxbase30u_net_vc90_x64.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wxbase30u_vc90_x64.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wxmsw30u_adv_vc90_x64.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wxmsw30u_core_vc90_x64.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wxmsw30u_html_vc90_x64.dll
2019-05-19 07:47 - 2019-05-19 07:47 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI111562\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-01-06 15:20 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Naruby\Desktop\IMG_20190324_130644.jpg
DNS Servers: 192.168.9.1 - 213.168.176.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D4BC0FAF-1E17-4B9C-8F3D-D4A434B905CA}] => (Allow) LPort=1900
FirewallRules: [{A1F08A5A-D69E-42D9-AEEC-7B70CB613FBE}] => (Allow) LPort=2869
FirewallRules: [{FF63B201-6849-4C24-B014-E6730BB2B4CD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF2198C9-CF3E-43BA-BCB0-28F7A66431EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99B28C89-7A96-4F9C-B06A-94F2AFD3CB0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E78D1F9-FC89-4FB2-A838-12312BD6DBF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{09036FFA-16A5-4BDA-8C6B-7E94BEA74474}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{053818B6-2824-46ED-AAB1-5DAAF4F195CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0602E56C-62AF-481B-AF28-8492D2085879}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{3E7EB491-6AA3-448B-AEED-AE42B9E61FBA}] => (Allow) LPort=5357
FirewallRules: [{4FEB5B30-E490-447D-8AA4-97E2B1BE259F}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{255DB4ED-F112-47BC-A63A-FADB7C112E18}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{527379D9-469C-4127-B1EC-56720EF4A6ED}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{32B4DA77-C9EE-430D-83BD-ACA532735249}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

25-04-2019 15:02:27 Naplánovaný kontrolní bod
03-05-2019 10:46:24 Naplánovaný kontrolní bod
10-05-2019 16:14:55 Naplánovaný kontrolní bod
15-05-2019 08:47:37 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2019 05:55:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MonS3.exe verze 19.10.1.301 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 28e4

Čas spuštění: 01d4ff68a37381f3

Čas ukončení: 26

Cesta k aplikaci: C:\Program Files (x86)\Solitea\Money S3\MonS3.exe

ID hlášení: e9d0a245-276f-429f-ac61-174d250889e9

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/22/2019 08:46:20 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-USMK7MO)
Description: httphttp-2147467263

Error: (04/05/2019 07:13:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sedsvc.exe, verze: 10.0.17134.10024, časové razítko: 0x2d29399d
Název chybujícího modulu: sedsvc.exe, verze: 10.0.17134.10024, časové razítko: 0x2d29399d
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000010451
ID chybujícího procesu: 0xb44
Čas spuštění chybující aplikace: 0x01d4eb6df2e28f6c
Cesta k chybující aplikaci: C:\Program Files\rempl\sedsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\rempl\sedsvc.exe
ID zprávy: 2496bbb7-1b75-48ba-8c5a-db059e011762
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 09:22:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x1930
Čas spuštění chybující aplikace: 0x01d4e97cec0674e7
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 2dace905-4fde-411b-a2e8-6ec011ff4882
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 07:53:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x1d04
Čas spuštění chybující aplikace: 0x01d4e971e2baf728
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: fc427300-d2cd-47b3-8d33-b7c9ef13b296
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 05:47:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x498
Čas spuštění chybující aplikace: 0x01d4e9682545feac
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 7ce0ae53-4ff2-4611-a39d-03e2f997e567
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 05:24:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x1420
Čas spuštění chybující aplikace: 0x01d4e964e4e1fcba
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: c688721f-27d2-430f-a6a9-33840aec7fb7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 05:00:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x2c3c
Čas spuštění chybující aplikace: 0x01d4e92e8dbe853d
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 0cae3e38-632d-4027-9f3e-0c9e62379c89
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/19/2019 11:51:50 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-USMK7MO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-USMK7MO\Naruby (SID: S-1-5-21-4103189983-1655372252-3466856821-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 11:50:04 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-USMK7MO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-USMK7MO\Naruby (SID: S-1-5-21-4103189983-1655372252-3466856821-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 07:47:27 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-USMK7MO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-USMK7MO\Naruby (SID: S-1-5-21-4103189983-1655372252-3466856821-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 12:01:01 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-USMK7MO)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/18/2019 08:21:42 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-USMK7MO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-USMK7MO\Naruby (SID: S-1-5-21-4103189983-1655372252-3466856821-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/17/2019 10:35:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-USMK7MO)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/17/2019 10:35:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-USMK7MO)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/17/2019 10:35:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-USMK7MO)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2019-04-14 13:26:10.496
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.471
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.468
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.463
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\ProgramData\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.459
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\ProgramData\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.456
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\ProgramData\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-12 18:42:49.741
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F4 09/22/2017
Motherboard: Gigabyte Technology Co., Ltd. Z370 HD3P-CF
Processor: Intel(R) Core(TM) i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 45%
Total physical RAM: 8138.05 MB
Available physical RAM: 4473.37 MB
Total Virtual: 9418.05 MB
Available Virtual: 4622.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:158.36 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:370.1 GB) NTFS

\\?\Volume{fcaf58e4-2e0f-4414-9df3-6915ecd7171c}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{31024ee6-4129-467b-a622-000ff1aef1f2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 19 kvě 2019 11:37 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109617
Bydliště: Plzeň
Zdravím!
Spusťte tuto utilitu:

Citace:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 19 kvě 2019 11:47 
Offline
Návštěvník
Návštěvník

Registrován: 22 bře 2006 16:05
Příspěvky: 36
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-19-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Naruby\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1870 octets] - [19/05/2019 12:44:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 19 kvě 2019 14:45 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109617
Bydliště: Plzeň
OK. Dejte nové logy FRST+Addition.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 19 kvě 2019 20:06 
Offline
Návštěvník
Návštěvník

Registrován: 22 bře 2006 16:05
Příspěvky: 36
Problém zatím stále trvá.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by Naruby (administrator) on DESKTOP-USMK7MO (Gigabyte Technology Co., Ltd. Z370 HD3P) (19-05-2019 21:02:49)
Running from C:\Users\Naruby\Desktop
Loaded Profiles: Naruby (Available Profiles: Naruby)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(CÍGLER SOFTWARE, a.s. -> Solitea Česká republika, a.s.) C:\Program Files (x86)\Solitea\Money S3\MS3Auto.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(Intel(R) INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230816 2017-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobePSE17AutoAnalyzer] => C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\Solitea\Money S3\MS3Auto.exe [16953744 2019-03-19] (CÍGLER SOFTWARE, a.s. -> Solitea Česká republika, a.s.)
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\Run: [GoogleChromeAutoLaunch_23D47B7875A2AFA632B87F4CC0C1D800] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1723888 2019-05-14] (Google LLC -> Google Inc.)
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-15] (Google LLC -> Google Inc.)
Startup: C:\Users\Naruby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-23]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\Naruby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP DeskJet 5820 series.lnk [2019-05-19]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP DeskJet 5820 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP DeskJet 5820 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN75L5G1P006BN;CONNECTION=USB;MONITOR=1;
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E308E43-1B89-46DE-A23F-AE1FF2CE0E7D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655480 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27E8FCE0-BFB3-4D75-A6CD-88AE22E1FA0B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436344 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44ED17BB-BBAC-48A0-8C96-7DC2F480DF13} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B02BFE2-1F07-4D19-AD65-B676408F7962} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4103189983-1655372252-3466856821-1002 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-02-19] (Mega Limited -> Mega Limited)
Task: {669325E8-7E82-4A2D-85A8-7679A1E1456B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79A45494-27C5-44A6-B4CB-BC86C837D451} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {8001FE7C-C2E2-4F13-8DF4-F2EC2BBEFC05} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655480 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87FC824B-D4E7-4CE3-B912-D4F887D61311} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-27] (Google Inc -> Google Inc.)
Task: {8F71AE87-6882-45CC-8496-BC57E67AD8BB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {9F3F4369-6870-4D46-B075-F8B70BA144F1} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2018-04-11] () [File not signed]
Task: {A136DAC6-ED73-4FA3-AA89-AC6FBB720461} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B90E8E8F-E62C-4C9D-A930-28EFCB0317D4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {BBD3737F-B679-421A-B624-5C6439FDFBEF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960632 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C00A1548-96E0-4DAA-826A-4F9B72C22A48} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-USMK7MO-Naruby => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D775AA8C-EEB7-4078-B901-78C354C20815} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D9DA01E0-4516-4834-81F0-EA713BCD4D50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-27] (Google Inc -> Google Inc.)
Task: {E1AE0A49-AF9D-4A56-AFB1-CC000400FFFB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EA6F70C6-D341-4015-81A7-CBBD89685D41} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {EC20F66B-8F76-4FBD-BA2D-B6DFBF488722} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EC7EE4EB-AE4B-4CCD-BAEE-D33A689A1651} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-USMK7MO-Naruby => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F0790C3C-8AFF-4794-A773-9AA21BD5EE06} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F53957E7-417D-4F64-BC8F-1A498A3B6D80} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {FF04A8A4-CC2A-431D-A6AC-03E636349DBD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.9.1 213.168.176.3
Tcpip\..\Interfaces\{e72f4fe8-8f7c-4f9e-8e88-8343f87a2c9f}: [DhcpNameServer] 192.168.9.1 213.168.176.3

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4103189983-1655372252-3466856821-1002 -> {E3BA871E-7749-4E43-A9F9-E4C9367C5098} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default [2019-05-19]
CHR Extension: (Prezentace) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-06]
CHR Extension: (Rozšíření pro webové stránky - WP Screenshot) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\akgpcdalpfphjmfifkmfbpdmgdmeeaeo [2019-03-03]
CHR Extension: (Dokumenty) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-06]
CHR Extension: (Disk Google) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-06]
CHR Extension: (YouTube) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-06]
CHR Extension: (Flash Player) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2018-10-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-12]
CHR Extension: (Avast Passwords) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-05-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-06]
CHR Extension: (Tabulky) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-06]
CHR Extension: (Pomocník GIVT.cz) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2019-03-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-16]
CHR Extension: (Avast Online Security) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (feedly) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2018-09-05]
CHR Extension: (FormApps Extension) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-08-27]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2018-11-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Naruby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-12]
CHR HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-08-25] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-07-12] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S3 gdrv; C:\Windows\gdrv.sys [26192 2017-12-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 12:44 - 2019-05-19 12:45 - 000000000 ____D C:\AdwCleaner
2019-05-19 12:43 - 2019-05-19 12:43 - 007025360 _____ (Malwarebytes) C:\Users\Naruby\Desktop\adwcleaner_7.3.exe
2019-05-19 11:52 - 2019-05-19 21:03 - 000028408 _____ C:\Users\Naruby\Desktop\FRST.txt
2019-05-19 11:52 - 2019-05-19 21:02 - 000000000 ____D C:\FRST
2019-05-19 11:50 - 2019-05-19 11:50 - 000125682 _____ C:\Users\Naruby\Documents\cc_20190519_115042.reg
2019-05-19 11:49 - 2019-05-19 11:49 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-19 11:49 - 2019-05-19 11:49 - 000002890 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-19 11:49 - 2019-05-19 11:49 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-19 11:49 - 2019-05-19 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-19 11:49 - 2019-05-19 11:49 - 000000000 ____D C:\Program Files\CCleaner
2019-05-19 11:48 - 2019-05-19 11:49 - 021315608 _____ (Piriform Software Ltd) C:\Users\Naruby\Downloads\ccsetup557.exe
2019-05-19 11:48 - 2019-05-19 11:48 - 002435072 _____ (Farbar) C:\Users\Naruby\Desktop\FRST64.exe
2019-05-19 11:42 - 2019-05-19 11:43 - 000000000 ____D C:\Users\Naruby\Desktop\plošné
2019-05-15 08:49 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-15 08:49 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-15 08:49 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-15 08:49 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-15 08:49 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-15 08:49 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-15 08:49 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-15 08:49 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-15 08:49 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-15 08:49 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-15 08:49 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-15 08:49 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-15 08:49 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-15 08:49 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-15 08:49 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-15 08:49 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-15 08:49 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-15 08:49 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-15 08:49 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-15 08:49 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-15 08:49 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-15 08:49 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-15 08:49 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-15 08:49 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-15 08:49 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-15 08:49 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-15 08:49 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-15 08:49 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-15 08:49 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-15 08:49 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-15 08:49 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-15 08:49 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-15 08:49 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-15 08:49 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-15 08:49 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-15 08:49 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-15 08:49 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-15 08:49 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-15 08:49 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-15 08:49 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-15 08:49 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-15 08:49 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-15 08:49 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-15 08:49 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-15 08:49 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-15 08:49 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-15 08:49 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-15 08:49 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-15 08:49 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-15 08:49 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-15 08:49 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-15 08:49 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-15 08:49 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-15 08:49 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-15 08:49 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-15 08:49 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-15 08:49 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-15 08:49 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 08:49 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-15 08:49 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-15 08:49 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-15 08:49 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-15 08:49 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-15 08:49 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-15 08:49 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-15 08:49 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-15 08:49 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-15 08:49 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-15 08:49 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 08:49 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-15 08:49 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-15 08:49 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-15 08:49 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-15 08:49 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-15 08:49 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-15 08:49 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-15 08:49 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-15 08:49 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-15 08:49 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-15 08:49 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-15 08:49 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-15 08:49 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-15 08:49 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-15 08:49 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-15 08:49 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-15 08:49 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-15 08:49 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-15 08:49 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-15 08:49 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-15 08:49 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-15 08:49 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-15 08:49 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-15 08:49 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-15 08:49 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-15 08:49 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-15 08:49 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-15 08:49 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-15 08:49 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-15 08:49 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-15 08:49 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-15 08:49 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-15 08:49 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-15 08:49 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-15 08:49 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-15 08:49 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-15 08:49 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-15 08:49 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-15 08:49 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-15 08:49 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-15 08:49 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-15 08:49 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-15 08:49 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-15 08:49 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-15 08:49 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-15 08:49 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-15 08:49 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-15 08:49 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-15 08:49 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-15 08:49 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-15 08:49 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-15 08:49 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-15 08:49 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-15 08:49 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-15 08:49 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-15 08:49 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-15 08:49 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-15 08:49 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-15 08:49 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-15 08:49 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-15 08:49 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-15 08:49 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-15 08:49 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-15 08:49 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-15 08:49 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-15 08:49 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-15 08:49 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-15 08:49 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-04-24 21:08 - 2019-04-24 21:08 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-19 21:02 - 2018-12-06 22:46 - 000000000 ___RD C:\Users\Naruby\Disk Google
2019-05-19 21:02 - 2018-07-19 09:32 - 000000000 ____D C:\Users\Naruby\AppData\Local\AVAST Software
2019-05-19 21:02 - 2017-12-27 09:25 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-19 21:01 - 2018-06-11 19:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-19 21:01 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-19 14:32 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-19 12:52 - 2018-06-11 19:03 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-19 12:52 - 2018-04-12 17:50 - 000716072 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-19 12:52 - 2018-04-12 17:50 - 000144864 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-19 12:52 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-19 11:50 - 2018-08-02 17:56 - 000000000 ____D C:\Users\Naruby\AppData\Local\CrashDumps
2019-05-19 11:50 - 2018-07-05 20:47 - 000000000 ____D C:\Users\Naruby\AppData\Roaming\XnView
2019-05-19 11:50 - 2018-06-07 19:26 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-19 11:50 - 2018-06-04 18:14 - 000000000 ____D C:\Users\Naruby\AppData\Roaming\MPC-HC
2019-05-19 11:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-19 11:39 - 2018-06-11 18:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-19 07:51 - 2018-02-15 21:07 - 000000000 ____D C:\Users\Naruby\AppData\Local\Adobe
2019-05-18 22:21 - 2018-12-29 15:58 - 000002822 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-USMK7MO-Naruby
2019-05-18 22:21 - 2018-12-29 15:58 - 000002776 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-USMK7MO-Naruby
2019-05-18 22:21 - 2018-09-23 10:21 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-05-18 22:21 - 2018-09-07 07:48 - 000003830 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-18 22:21 - 2018-09-07 07:48 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-05-18 22:21 - 2018-06-11 19:03 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-05-18 22:21 - 2018-06-11 19:03 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-18 22:21 - 2018-06-11 19:03 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-18 22:21 - 2018-06-11 19:03 - 000003120 _____ C:\WINDOWS\System32\Tasks\klcp_update
2019-05-18 22:21 - 2018-06-11 19:03 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-05-18 22:21 - 2018-06-11 19:03 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4103189983-1655372252-3466856821-1002
2019-05-18 22:21 - 2018-06-11 19:03 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4103189983-1655372252-3466856821-500
2019-05-18 22:21 - 2018-06-11 19:03 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-18 22:21 - 2018-06-11 19:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-05-17 20:05 - 2018-06-11 19:03 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-17 09:32 - 2018-02-15 21:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-17 09:30 - 2018-01-13 16:33 - 000000000 ____D C:\Program Files\rempl
2019-05-17 09:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-16 15:29 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-15 15:07 - 2018-06-11 18:59 - 000457616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-15 12:15 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-15 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-15 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-15 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-15 09:02 - 2017-12-27 08:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-15 09:02 - 2017-12-27 08:58 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-15 08:50 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-15 08:48 - 2018-01-13 16:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 08:47 - 2018-01-13 16:32 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 19:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-14 19:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-12 12:42 - 2018-06-11 19:00 - 000002368 _____ C:\Users\Naruby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-12 12:42 - 2018-01-06 18:27 - 000000000 ___RD C:\Users\Naruby\OneDrive
2019-05-12 10:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-05-12 08:43 - 2018-05-23 19:03 - 000002131 _____ C:\Users\Public\Desktop\Money S3.lnk
2019-05-04 01:53 - 2018-04-12 01:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2018-04-12 01:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-03 07:31 - 2018-02-12 04:48 - 000000000 ____D C:\Users\Naruby\AppData\Local\Packages
2019-04-24 21:08 - 2019-04-12 20:23 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-24 21:08 - 2019-02-21 12:38 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-24 21:08 - 2019-01-17 17:30 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-24 21:08 - 2019-01-17 08:22 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-24 21:08 - 2019-01-17 08:22 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-24 21:08 - 2019-01-17 08:22 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-24 21:08 - 2019-01-17 08:22 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-24 21:08 - 2018-10-23 18:59 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-24 21:08 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-24 21:08 - 2018-02-11 23:15 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-24 21:08 - 2018-02-11 23:15 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-24 06:22 - 2018-09-16 21:31 - 000093144 _____ C:\Users\Naruby\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-23 10:58 - 2018-09-01 17:57 - 000000000 ____D C:\Users\Naruby\AppData\Local\D3DSCache
2019-04-19 16:58 - 2018-08-14 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google

==================== Files in the root of some directories =======

2018-12-05 23:21 - 2018-12-05 23:21 - 000003584 _____ () C:\Users\Naruby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-29 14:22 - 2018-12-29 14:22 - 000000410 _____ () C:\Users\Naruby\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Naruby (19-05-2019 21:03:33)
Running from C:\Users\Naruby\Desktop
Windows 10 Home Version 1803 17134.765 (X64) (2018-06-11 17:04:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4103189983-1655372252-3466856821-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4103189983-1655372252-3466856821-503 - Limited - Disabled)
Guest (S-1-5-21-4103189983-1655372252-3466856821-501 - Limited - Disabled)
Naruby (S-1-5-21-4103189983-1655372252-3466856821-1002 - Administrator - Enabled) => C:\Users\Naruby
WDAGUtilityAccount (S-1-5-21-4103189983-1655372252-3466856821-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Photoshop Elements 2019 (HKLM-x32\...\PSE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 2019 (HKLM-x32\...\PRE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 19.400 (20190425_11) - Solitea Česká republika, a.s.)
FormApps Signing Extension (HKLM-x32\...\{35C42D1D-32DC-404F-8978-A30B0D64DD26}) (Version: 2.24.0.43 - Software602 a.s.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1037 - Intel Corporation)
Intel(R) Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.1.1007 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
K-Lite Mega Codec Pack 14.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8210 - Realtek Semiconductor Corp.)
Stellarium 0.10.0 (HKLM-x32\...\Stellarium_is1) (Version: - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Tux Paint 0.9.23 (HKLM-x32\...\Tux Paint_is1) (Version: - New Breed Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
XMind ZEN 9.0.6 (HKLM\...\fbd30ee5-8150-549e-9aed-fd9d444364fb) (Version: 9.0.6 - XMind Ltd.)
XnView 2.45 (HKLM-x32\...\XnView_is1) (Version: 2.45 - Gougelet Pierre-e)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.0.0_x64__tf1gferkr813w [2019-05-10] (Autodesk Inc.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2018-10-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4103189983-1655372252-3466856821-1002_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-4103189983-1655372252-3466856821-1002_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3] => C:\Users\Public\Documents\Solitea\Money S3\PRINT\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-4103189983-1655372252-3466856821-1002_Classes\CLSID\{9E8DC68F-6AA2-4718-8CE7-DC2F44B71B4F} -> [MEGA] => D:\MEGA [2018-09-23 10:45]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-10 22:51 - 2017-09-10 22:51 - 000798208 _____ () [File not signed] C:\ProgramData\MEGAsync\libsodium.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 000113664 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\_ctypes.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000173568 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\_elementtree.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 001792512 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\_hashlib.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000032256 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\_multiprocessing.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000046080 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\_psutil_windows.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000047616 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\_socket.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 002224640 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\_ssl.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000026112 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\_yappi.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000080896 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\bz2.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 005752320 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\cello.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000014848 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\common.time34.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000007680 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\hashobjs_ext.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000301568 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\PIL._imaging.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000169472 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\pyexpat.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 001084416 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\pysqlite2._sqlite.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000548864 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\pythoncom27.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 000137728 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\pywintypes27.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 000010752 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\select.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000020992 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\thumbnails_ext.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000689664 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\unicodedata.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000118784 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\usb_ext.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000128512 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32api.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000438784 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32com.shell.shell.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000011776 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32crypt.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000023040 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32event.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000149504 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32file.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000223232 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32gui.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000048128 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32inet.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000029696 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32pdh.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000027648 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32pipe.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000044032 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32process.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000020480 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32profile.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000136192 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32security.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000026624 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\win32ts.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000034304 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\windows.conditional.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000038400 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\windows.connectivity.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000073216 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\windows.device_monitor.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000110080 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\windows.volumes.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000020480 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\windows.winwrap.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 001325056 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wx._controls_.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 001489408 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wx._core_.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 001007104 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wx._gdi_.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000103424 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wx._html2.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 000916992 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wx._misc_.pyd
2019-05-19 21:02 - 2019-05-19 21:02 - 001039872 _____ () [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wx._windows_.pyd
2018-08-30 16:48 - 2018-08-30 16:48 - 002534400 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Adobe\Elements 2019 Organizer\xerces-c_3_1.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 023927296 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avcodec-57.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 006306816 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avformat-57.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 000599552 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avutil-55.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 000287232 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\swresample-2.dll
2016-02-18 05:16 - 2016-02-18 05:16 - 000513024 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\swscale-4.dll
2017-08-25 19:16 - 2017-08-25 19:16 - 000079360 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
2017-04-24 15:30 - 2017-04-24 15:30 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\python27.dll
2017-09-10 21:08 - 2017-09-10 21:08 - 000061952 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\ProgramData\MEGAsync\cares.dll
2018-04-02 19:21 - 2018-04-02 19:21 - 000275456 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\ProgramData\MEGAsync\libcurl.dll
2018-04-02 19:38 - 2019-01-22 10:33 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\LIBEAY32.dll
2018-04-02 19:38 - 2019-01-22 10:33 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\SSLEAY32.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qgif.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qicns.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qico.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qjpeg.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qsvg.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtga.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtiff.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwbmp.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwebp.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\platforms\qwindows.dll
2017-09-25 16:30 - 2017-09-25 16:30 - 004641792 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Core.dll
2017-09-14 08:32 - 2017-09-14 08:32 - 005016576 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Gui.dll
2017-09-14 08:30 - 2017-09-14 08:30 - 000851968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Network.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000255488 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Svg.dll
2017-09-14 08:35 - 2017-09-14 08:35 - 004433920 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Widgets.dll
2018-08-30 16:48 - 2018-08-30 16:48 - 001412096 _____ (WinSoft S.A.) [File not signed] C:\Program Files\Adobe\Elements 2019 Organizer\WRServices.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wxbase30u_net_vc90_x64.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wxbase30u_vc90_x64.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wxmsw30u_adv_vc90_x64.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wxmsw30u_core_vc90_x64.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wxmsw30u_html_vc90_x64.dll
2019-05-19 21:02 - 2019-05-19 21:02 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Naruby\AppData\Local\Temp\_MEI113482\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-01-06 15:20 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4103189983-1655372252-3466856821-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Naruby\Desktop\IMG_20190324_130644.jpg
DNS Servers: 192.168.9.1 - 213.168.176.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D4BC0FAF-1E17-4B9C-8F3D-D4A434B905CA}] => (Allow) LPort=1900
FirewallRules: [{A1F08A5A-D69E-42D9-AEEC-7B70CB613FBE}] => (Allow) LPort=2869
FirewallRules: [{FF63B201-6849-4C24-B014-E6730BB2B4CD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF2198C9-CF3E-43BA-BCB0-28F7A66431EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99B28C89-7A96-4F9C-B06A-94F2AFD3CB0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E78D1F9-FC89-4FB2-A838-12312BD6DBF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{09036FFA-16A5-4BDA-8C6B-7E94BEA74474}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{053818B6-2824-46ED-AAB1-5DAAF4F195CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0602E56C-62AF-481B-AF28-8492D2085879}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{3E7EB491-6AA3-448B-AEED-AE42B9E61FBA}] => (Allow) LPort=5357
FirewallRules: [{4FEB5B30-E490-447D-8AA4-97E2B1BE259F}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{255DB4ED-F112-47BC-A63A-FADB7C112E18}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{527379D9-469C-4127-B1EC-56720EF4A6ED}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{32B4DA77-C9EE-430D-83BD-ACA532735249}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

25-04-2019 15:02:27 Naplánovaný kontrolní bod
03-05-2019 10:46:24 Naplánovaný kontrolní bod
10-05-2019 16:14:55 Naplánovaný kontrolní bod
15-05-2019 08:47:37 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2019 05:55:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MonS3.exe verze 19.10.1.301 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 28e4

Čas spuštění: 01d4ff68a37381f3

Čas ukončení: 26

Cesta k aplikaci: C:\Program Files (x86)\Solitea\Money S3\MonS3.exe

ID hlášení: e9d0a245-276f-429f-ac61-174d250889e9

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/22/2019 08:46:20 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-USMK7MO)
Description: httphttp-2147467263

Error: (04/05/2019 07:13:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sedsvc.exe, verze: 10.0.17134.10024, časové razítko: 0x2d29399d
Název chybujícího modulu: sedsvc.exe, verze: 10.0.17134.10024, časové razítko: 0x2d29399d
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000010451
ID chybujícího procesu: 0xb44
Čas spuštění chybující aplikace: 0x01d4eb6df2e28f6c
Cesta k chybující aplikaci: C:\Program Files\rempl\sedsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\rempl\sedsvc.exe
ID zprávy: 2496bbb7-1b75-48ba-8c5a-db059e011762
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 09:22:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x1930
Čas spuštění chybující aplikace: 0x01d4e97cec0674e7
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 2dace905-4fde-411b-a2e8-6ec011ff4882
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 07:53:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x1d04
Čas spuštění chybující aplikace: 0x01d4e971e2baf728
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: fc427300-d2cd-47b3-8d33-b7c9ef13b296
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 05:47:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x498
Čas spuštění chybující aplikace: 0x01d4e9682545feac
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 7ce0ae53-4ff2-4611-a39d-03e2f997e567
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 05:24:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x1420
Čas spuštění chybující aplikace: 0x01d4e964e4e1fcba
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: c688721f-27d2-430f-a6a9-33840aec7fb7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2019 05:00:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x2c3c
Čas spuštění chybující aplikace: 0x01d4e92e8dbe853d
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 0cae3e38-632d-4027-9f3e-0c9e62379c89
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/19/2019 09:01:54 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-USMK7MO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-USMK7MO\Naruby (SID: S-1-5-21-4103189983-1655372252-3466856821-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 02:31:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-USMK7MO)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppX9s1cz53zc86xn39kwrb02jyft9ecn62r.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/19/2019 12:46:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-USMK7MO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-USMK7MO\Naruby (SID: S-1-5-21-4103189983-1655372252-3466856821-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/19/2019 12:45:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/19/2019 12:45:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (05/19/2019 12:45:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet Monitoring Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/19/2019 12:45:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/19/2019 12:45:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-04-14 13:26:10.496
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.471
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.468
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.463
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\ProgramData\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.459
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\ProgramData\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-14 13:26:10.456
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\ProgramData\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-12 18:42:49.741
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F4 09/22/2017
Motherboard: Gigabyte Technology Co., Ltd. Z370 HD3P-CF
Processor: Intel(R) Core(TM) i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 44%
Total physical RAM: 8138.05 MB
Available physical RAM: 4497.25 MB
Total Virtual: 9418.05 MB
Available Virtual: 4777.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:158.38 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:370.11 GB) NTFS

\\?\Volume{fcaf58e4-2e0f-4414-9df3-6915ecd7171c}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{31024ee6-4129-467b-a622-000ff1aef1f2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 19 kvě 2019 20:59 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109617
Bydliště: Plzeň
Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {87FC824B-D4E7-4CE3-B912-D4F887D61311} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-27] (Google Inc -> Google Inc.)
Task: {D9DA01E0-4516-4834-81F0-EA713BCD4D50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-27] (Google Inc -> Google Inc.)
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Naruby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End


Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 19 kvě 2019 21:10 
Offline
Návštěvník
Návštěvník

Registrován: 22 bře 2006 16:05
Příspěvky: 36
Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Naruby (19-05-2019 22:07:14) Run:1
Running from C:\Users\Naruby\Desktop
Loaded Profiles: Naruby (Available Profiles: Naruby)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {87FC824B-D4E7-4CE3-B912-D4F887D61311} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-27] (Google Inc -> Google Inc.)
Task: {D9DA01E0-4516-4834-81F0-EA713BCD4D50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-12-27] (Google Inc -> Google Inc.)
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Naruby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{87FC824B-D4E7-4CE3-B912-D4F887D61311}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87FC824B-D4E7-4CE3-B912-D4F887D61311}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9DA01E0-4516-4834-81F0-EA713BCD4D50}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9DA01E0-4516-4834-81F0-EA713BCD4D50}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Naruby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 289088554 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3200837 B
Edge => 3597 B
Chrome => 388034126 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1806 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Naruby => 86286304 B

RecycleBin => 106637 B
EmptyTemp: => 741.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:08:07 ====


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 20 kvě 2019 09:16 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109617
Bydliště: Plzeň
Smazáno. Nastala nějaká změna?

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 20 kvě 2019 19:17 
Offline
Návštěvník
Návštěvník

Registrován: 22 bře 2006 16:05
Příspěvky: 36
Díky. Bohužel stále je to stejné :(


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 20 kvě 2019 20:01 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109617
Bydliště: Plzeň
Malware to nezpůsobuje. Zkuste obnovu systému k datu, kdy korektně fungoval.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 21 kvě 2019 18:44 
Offline
Návštěvník
Návštěvník

Registrován: 22 bře 2006 16:05
Příspěvky: 36
Ona je to dlouhodobější záležitost, jen jsem se ji teď rozhodla řešit :) Ale díky za pročištění.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 21 kvě 2019 19:06 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109617
Bydliště: Plzeň
OK. Tedy:

1. Zkontrolujte nastavení v ovl. panelech>možnosti napájení a případně upravte.
2. Pokud to bude OK, Je možné systém opravit pomocí WindowsRepair: https://www.stahuj.cz/utility_a_ostatni ... ws-repair/ .

Za pročištění nemáte zač.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 21 kvě 2019 20:21 
Offline
Návštěvník
Návštěvník

Registrován: 22 bře 2006 16:05
Příspěvky: 36
Tak jsem systém opravila, ale nepomohlo.
Po zadání příkazu powercfg -lastwake mi to ukazuje, že probuzení způsobuje nějaký USB? (viz soubor).
Dá se to nějak pořešit?


Přílohy:
rezimspanku.png
rezimspanku.png [ 17.07 KiB | Zobrazeno 265 krát ]
Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Počítač nechce usnout
PříspěvekNapsal: 21 kvě 2019 20:56 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109617
Bydliště: Plzeň
To vidím poprvé. Pokud máte připojeno něco v USB slotu, zkuste postupně odpojovat a zkoušet funkci usnutí. když se to podaří odhalit, zkuste to připojit do jiného USB slotu. Další možnost je zkusit přeinstalovat ovladače zákl desky, potažmo USB. Neznám hardwarovou konfiguraci vašeho PC, nemáte v něm vloženou rozšiřující desku s USB sloty?

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Odpovědět na téma  [ Příspěvků: 14 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Google [Bot]


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?