VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivní kontrola

https://forum.viry.cz:443/viewtopic.php?t=152403

Stránka 1 z 3

Preventivní kontrola

Napsal: 26 čer 2017 13:18
od cunik.cz
Ahoj prosím jen o preventivku

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
Ran by toombar PC (administrator) on DESKTOP-ANQTDIM (26-06-2017 14:17:11)
Running from C:\Users\toombar PC\Desktop
Loaded Profiles: toombar PC (Available Profiles: defaultuser0 & toombar PC)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Sandboxie Holdings, LLC) D:\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Micro-Star Int'l Co., Ltd.) C:\Windows\SysWOW64\RAMDiskImage.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Disc Soft Ltd) D:\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\toombar PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Konami Digital Entertainment) D:\Metal Gear groung Zeroes\Metal Gear Solid V - Ground Zeroes\MgsGroundZeroes.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\toombar PC\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8842496 2016-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15371216 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Deamon Tools Lite\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Spotify Web Helper] => C:\Users\toombar PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-08] (Spotify Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Spotify] => C:\Users\toombar PC\AppData\Roaming\Spotify\Spotify.exe [6949488 2017-06-08] (Spotify Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Internet Download Accelerator] => D:\DOWNLOAD MANAGER\IDA\ida.exe -autorun
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [SandboxieControl] => D:\Sandboxie\SbieCtrl.exe [799368 2017-06-05] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {0ea8bab2-4491-11e7-9678-4ccc6a87f3bc} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {ca7efcaf-d178-11e6-9647-4ccc6a87f3bc} - "J:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {fa6fe333-d295-11e6-9648-4ccc6a87f3bc} - "K:\Setup.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AIDA64 Extreme.lnk [2017-01-03]
ShortcutTarget: AIDA64 Extreme.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2017-01-02]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoogleUpdate.lnk [2017-02-21]
ShortcutTarget: GoogleUpdate.lnk -> C:\Users\toombar PC\AppData\Local\Temp\Chrome Updates\SeachEngine.exe (No File)
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk [2017-04-05]
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer 12.lnk [2017-01-25]
ShortcutTarget: TeamViewer 12.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{f98c4fc4-24af-480f-9360-39db72a23b05}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-22] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-22] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: xy92jgbi.default
FF ProfilePath: C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default [2017-05-26]
FF Extension: (Internet Download Accelerator) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ida@westbyte.com.xpi [2017-05-15]
FF Extension: (Internet Download Accelerator Toolbar) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\idabarff@westbyte.com.xpi [2017-02-10]
FF Extension: (Adblock Plus) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-02]
FF Extension: (TLS 1.3 Compatibility Testing 3) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default\features\{f33d134b-ae02-4e76-939e-c9deba970867}\tls13-compat-ff51@mozilla.org.xpi [2017-03-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-22] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-06-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.initialpage123.com/?z=f0c5b4d42c415 ... PX&type=hp"
CHR Profile: C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
CHR Extension: (AdBlock) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-30]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-4143605839-527040269-2466945285-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4412616 2017-06-11] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; D:\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [75192 2017-04-05] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [70608 2016-12-02] (Micro-Star Int'l Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2162064 2017-05-17] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3136920 2017-05-17] (Electronic Arts)
R2 RAMDrivService; C:\Windows\SysWoW64\RAMDiskImage.exe [343448 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R2 SbieSvc; D:\Sandboxie\SbieSvc.exe [198792 2017-06-05] (Sandboxie Holdings, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\Windows\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-01-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-01-04] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [541672 2015-11-24] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106768 2016-12-13] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-12-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [49672 2016-12-13] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77616 2016-12-13] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [96856 2016-12-13] (ESET)
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-07-20] (Intel Corporation)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2017-04-13] ()
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2008-11-28] (CACE Technologies)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-03-08] (MSI)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R2 RAMDriv; C:\Windows\system32\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R3 SbieDrv; D:\Sandboxie\SbieDrv.sys [207496 2017-06-05] (Sandboxie Holdings, LLC)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-26 14:17 - 2017-06-26 14:17 - 00024892 _____ C:\Users\toombar PC\Desktop\FRST.txt
2017-06-26 14:16 - 2017-06-26 14:16 - 02441216 _____ (Farbar) C:\Users\toombar PC\Desktop\FRST64.exe
2017-06-26 14:16 - 2017-06-26 14:16 - 00015327 _____ C:\Users\toombar PC\Desktop\LM.bat
2017-06-26 14:14 - 2017-06-26 14:16 - 00029696 _____ C:\Users\toombar PC\AppData\Local\MSGBOX.EXE
2017-06-26 14:14 - 2017-06-26 14:14 - 00112640 _____ (forum.viry.cz) C:\Users\toombar PC\Desktop\FRSTLauncher.exe
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign874f466da20422b5
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign8392ef7b2a59e8ae
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign5c6ad63c57b95dca
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign4d146dbb9a39ceee
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign2187ab63b5386fc4
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign13a8f23920f36c62
2017-06-23 13:56 - 2017-06-23 13:56 - 00001121 _____ C:\Users\Public\Desktop\Metal Gear Solid V - Ground Zeroes.lnk
2017-06-22 14:56 - 2017-06-22 14:56 - 00478392 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\8D1587E1.sys
2017-06-22 14:56 - 2017-06-22 14:56 - 00085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\60335907.sys
2017-06-22 13:59 - 2017-06-22 13:59 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-06-21 14:50 - 2017-06-21 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2017-06-19 16:07 - 2017-06-19 16:07 - 00001316 _____ C:\Users\Public\Desktop\Far Cry Primal.lnk
2017-06-19 16:07 - 2017-06-19 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry Primal
2017-06-19 16:04 - 2017-06-19 16:07 - 00000000 ____D C:\Program Files (x86)\Far Cry Primal
2017-06-19 14:56 - 2017-06-19 14:56 - 00000000 ____D C:\Users\toombar PC\AppData\Local\MegaDownloader
2017-06-18 19:48 - 2017-06-18 19:50 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\uTorrent
2017-06-13 22:09 - 2017-06-13 22:09 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-06-13 20:49 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-13 20:49 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-06-13 20:49 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-13 20:49 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-13 20:49 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-13 20:49 - 2017-06-03 12:06 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-13 20:49 - 2017-06-03 12:01 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-13 20:49 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-13 20:49 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-13 20:49 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-13 20:49 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-13 20:49 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-06-13 20:49 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-13 20:49 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-06-13 20:49 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-06-13 20:49 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-13 20:49 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-13 20:49 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-13 20:49 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-13 20:49 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-13 20:49 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-06-13 20:49 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-06-13 20:49 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-13 20:49 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-13 20:49 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-13 20:49 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-13 20:49 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-13 20:49 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-13 20:49 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-13 20:49 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-06-13 20:49 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-13 20:49 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-13 20:49 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-13 20:49 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-13 20:49 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll
2017-06-13 20:49 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2017-06-13 20:49 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-13 20:49 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-13 20:49 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-13 20:49 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-06-13 20:49 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-13 20:49 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-13 20:49 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-13 20:49 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-13 20:49 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2017-06-13 20:49 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-13 20:49 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-13 20:49 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-06-13 20:49 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-13 20:49 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-06-13 20:49 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-13 20:49 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-13 20:49 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-13 20:49 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-13 20:49 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-13 20:49 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-13 20:49 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-06-13 20:49 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-13 20:49 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-13 20:49 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-06-13 20:49 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-13 20:49 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-13 20:49 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-13 20:49 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-13 20:49 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-13 20:49 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-13 20:49 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-13 20:49 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-06-13 20:49 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-06-13 20:49 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-13 20:49 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-06-13 20:49 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-06-13 20:49 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-06-13 20:48 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-13 20:48 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-13 20:48 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-13 20:48 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-13 20:48 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-13 20:48 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-06-13 20:48 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-06-13 20:48 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2017-06-13 20:48 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-13 20:48 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-13 20:48 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-13 20:48 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-13 20:48 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-13 20:48 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-13 20:48 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-13 20:48 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-13 20:48 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-13 20:48 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll
2017-06-13 20:48 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-06-13 20:48 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-13 20:48 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-13 20:48 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-13 20:48 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll
2017-06-13 20:48 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-13 20:48 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-06-13 20:48 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-13 20:48 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-13 20:48 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-13 20:48 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-06-13 20:48 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-13 20:48 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-13 20:48 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-13 20:48 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-13 20:48 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2017-06-13 20:48 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-13 20:48 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-13 20:48 - 2017-06-03 08:08 - 00080078 _____ C:\Windows\system32\normidna.nls
2017-06-12 18:07 - 2017-06-12 18:07 - 00000000 ___RD C:\Sandbox
2017-06-12 18:03 - 2017-06-12 18:03 - 00000825 _____ C:\Users\Public\Desktop\VivPDF Editor.lnk
2017-06-12 18:03 - 2017-06-12 18:03 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Viv
2017-06-12 18:02 - 2017-06-12 18:02 - 00000072 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2017-06-12 17:57 - 2017-06-21 14:51 - 00001914 _____ C:\Windows\Sandboxie.ini
2017-06-12 17:57 - 2017-06-12 17:57 - 00000741 _____ C:\Users\toombar PC\Desktop\Sandbox webový prohlížeč.lnk
2017-06-08 18:59 - 2017-06-08 18:15 - 00223432 ____N (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2017-06-07 21:30 - 2017-06-08 14:21 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Internet Download Accelerator
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\toombar PC\AppData\Local\UnrealEngine
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\toombar PC\AppData\Local\mxgp3
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\Public\Documents\Steam
2017-06-07 19:53 - 2017-06-07 19:53 - 00000841 _____ C:\Users\toombar PC\Desktop\MXGP3 The Official Motocross Videogame.lnk
2017-06-07 19:53 - 2017-06-07 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MXGP3 The Official Motocross Videogame
2017-06-05 20:53 - 2017-06-05 20:53 - 00004648 _____ C:\Users\toombar PC\Documents\Plachenatka keřová.odt
2017-06-05 18:18 - 2017-06-05 18:18 - 00000000 ____D C:\Users\toombar PC\Documents\Electronic Arts
2017-06-05 18:16 - 2017-06-05 18:16 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2017-06-05 18:16 - 2008-09-05 02:22 - 00447752 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2017-05-29 18:13 - 2017-06-22 14:43 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-29 18:13 - 2017-06-22 14:43 - 00002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-29 17:42 - 2017-06-08 19:29 - 00000000 ____D C:\KVRT_Data

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-26 14:17 - 2017-05-26 13:43 - 00000000 ____D C:\FRST
2017-06-26 13:48 - 2017-01-03 07:54 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Skype
2017-06-26 13:36 - 2017-01-02 09:37 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-06-26 13:34 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-26 13:34 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-06-26 13:32 - 2017-01-02 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-26 13:32 - 2017-01-02 11:01 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-26 13:30 - 2017-01-09 21:14 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-26 13:30 - 2017-01-02 10:29 - 00000000 ____D C:\Users\toombar PC\AppData\LocalLow\Mozilla
2017-06-26 13:29 - 2017-01-02 09:40 - 00000000 ____D C:\Users\toombar PC
2017-06-23 20:19 - 2017-02-13 17:55 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Kodi
2017-06-23 18:08 - 2017-01-10 20:26 - 00000703 _____ C:\Users\toombar PC\Desktop\Start Tor Browser.lnk
2017-06-22 21:21 - 2017-01-04 17:06 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\vlc
2017-06-22 20:14 - 2017-04-24 15:02 - 00000000 ____D C:\Program Files\trend micro
2017-06-22 20:11 - 2017-01-03 19:27 - 00000000 ____D C:\ProgramData\TEMP
2017-06-22 20:09 - 2017-05-17 16:36 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-06-22 16:25 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-06-22 14:52 - 2017-01-02 09:42 - 03168770 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-22 14:52 - 2016-07-17 00:25 - 01319718 _____ C:\Windows\system32\perfh005.dat
2017-06-22 14:52 - 2016-07-17 00:25 - 00353162 _____ C:\Windows\system32\perfc005.dat
2017-06-22 14:49 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-06-22 14:43 - 2017-02-26 17:35 - 33555456 _____ C:\Windows\SysWOW64\RAMDiskImage.data
2017-06-22 14:43 - 2017-01-02 09:37 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-22 14:42 - 2016-07-16 08:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-06-22 14:38 - 2017-01-03 15:59 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-06-22 14:38 - 2017-01-03 15:59 - 00000000 ____D C:\Program Files (x86)\Logitech
2017-06-22 13:59 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-22 13:59 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-22 13:58 - 2017-01-03 19:23 - 00000000 ____D C:\Program Files\Microsoft Office
2017-06-22 13:40 - 2017-01-03 07:55 - 00003300 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-22 13:40 - 2017-01-02 09:41 - 00002402 _____ C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-22 13:40 - 2017-01-02 09:41 - 00000000 ___RD C:\Users\toombar PC\OneDrive
2017-06-21 15:14 - 2017-01-02 09:36 - 00000000 ____D C:\Windows\Panther
2017-06-21 15:12 - 2017-03-20 07:14 - 00000000 ___HD C:\$WINDOWS.~BT
2017-06-19 21:42 - 2017-04-26 18:49 - 00000000 ____D C:\AdwCleaner
2017-06-19 17:03 - 2017-04-26 18:51 - 00423229 ____N C:\Windows\Minidump\061917-7937-01.dmp
2017-06-19 17:03 - 2017-03-22 20:36 - 00000000 ____D C:\Windows\Minidump
2017-06-19 17:03 - 2017-01-02 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-19 16:16 - 2017-02-22 19:39 - 00000000 ____D C:\Users\toombar PC\Documents\My Games
2017-06-18 18:13 - 2017-01-02 09:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-18 18:12 - 2017-01-02 09:37 - 00345448 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-13 20:55 - 2017-01-02 21:02 - 00000000 ____D C:\Windows\system32\MRT
2017-06-13 20:53 - 2017-01-02 21:02 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-13 20:53 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-06-12 18:07 - 2017-01-17 22:21 - 00000000 ____D C:\Users\toombar PC\Desktop\Projekty vegas
2017-06-12 17:59 - 2017-01-06 20:33 - 00000000 ____D C:\ProgramData\Adobe
2017-06-09 20:15 - 2017-01-25 12:10 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-06-09 20:15 - 2017-01-25 12:10 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-06-09 20:15 - 2017-01-25 12:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-09 20:01 - 2017-05-01 17:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Spotify
2017-06-09 20:00 - 2017-05-01 17:06 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Spotify
2017-06-09 18:52 - 2017-01-15 13:12 - 00000412 __RSH C:\ProgramData\ntuser.pol
2017-06-09 18:48 - 2016-07-16 13:47 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-06-09 18:48 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-06-09 18:31 - 2017-01-02 09:57 - 00000000 ____D C:\Users\toombar PC\AppData\Local\NVIDIA Corporation
2017-06-07 21:59 - 2017-01-15 21:48 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Ubisoft Game Launcher
2017-06-07 18:37 - 2017-04-10 17:26 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-05 18:14 - 2017-01-02 10:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-05 14:33 - 2017-03-06 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-05 14:33 - 2017-01-04 15:59 - 00000000 ____D C:\ProgramData\Skype
2017-06-04 15:54 - 2017-01-10 18:27 - 00000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-30 21:18 - 2017-03-04 12:48 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Google
2017-05-29 13:19 - 2017-04-24 15:03 - 00000000 ____D C:\Users\toombar PC\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2017-06-26 14:14 - 2017-06-26 14:16 - 0029696 _____ () C:\Users\toombar PC\AppData\Local\MSGBOX.EXE
2017-04-13 15:53 - 2017-04-21 18:43 - 0000700 ___SH () C:\Users\toombar PC\AppData\Local\systemFL7.dat
2017-03-27 21:27 - 2017-04-17 20:58 - 0000182 _____ () C:\Users\toombar PC\AppData\Local\uts.ini
2017-01-11 16:53 - 2017-01-11 16:53 - 0000037 _____ () C:\Users\toombar PC\AppData\Local\X-Plane Installer.prf
2017-01-11 16:57 - 2017-05-14 19:46 - 0000015 _____ () C:\Users\toombar PC\AppData\Local\X-Plane_drm_11.prf
2017-01-11 16:27 - 2017-01-11 16:27 - 0000024 _____ () C:\Users\toombar PC\AppData\Local\x-plane_install_11.txt
2017-01-03 17:49 - 2017-01-06 21:58 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-03 17:49 - 2017-01-06 21:10 - 0009275 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-06-23 21:15 - 2017-06-23 21:15 - 0040448 ____N () C:\Users\toombar PC\AppData\Local\Temp\proxy_vole1368662962140896399.dll
2017-06-23 21:15 - 2017-06-23 21:15 - 0040448 ____N () C:\Users\toombar PC\AppData\Local\Temp\proxy_vole7744003593978723799.dll
2017-06-12 19:11 - 2017-06-12 19:11 - 0009216 _____ (Pasi Ruokola) C:\Users\toombar PC\AppData\Local\Temp\UnSigner.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-18 22:07

==================== End of FRST.txt ============================

Re: Preventivní kontrola

Napsal: 26 čer 2017 13:18
od cunik.cz
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by toombar PC (26-06-2017 14:17:36)
Running from C:\Users\toombar PC\Desktop
Windows 10 Pro Version 1607 (X64) (2017-01-02 07:39:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4143605839-527040269-2466945285-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4143605839-527040269-2466945285-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4143605839-527040269-2466945285-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-4143605839-527040269-2466945285-501 - Limited - Disabled)
toombar PC (S-1-5-21-4143605839-527040269-2466945285-1001 - Administrator - Enabled) => C:\Users\toombar PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM-x32\...\{4bf26510-8c4e-447c-b819-2967aeca2839}) (Version: 2.2.3509.0 - Futuremark)
3DMark (Version: 2.2.3509.0 - Futuremark) Hidden
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 25.0.0.0 (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 382.33 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 2017 (HKLM-x32\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.0 - Ashampoo GmbH & Co. KG)
Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.8.0.0 - Auslogics Labs Pty Ltd)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
devolo dLAN Configuration Wizard (HKLM-x32\...\dlanconf) (Version: 17.0.0.0 - devolo AG)
devolo Informer (HKLM-x32\...\dslmon) (Version: 26.0.0.0 - devolo AG)
ESET Smart Security (HKLM\...\{E483B847-824D-4659-A760-0AC8FE24055E}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{6583B359-134F-480D-9B31-9B94EFFAFE40}) (Version: 5.0.609.0 - Futuremark)
Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 7.0 - Genie9)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel(R) Online Connect Software Asset Manager (x32 Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Kodi) (Version: - XBMC-Foundation)
Mafia III Update v1.01 Hotfix (HKLM\...\bWFmaWFpaWk_is1) (Version: 1 - )
Metal Gear Solid V - Ground Zeroes verze 1.0.0.5 (HKLM-x32\...\{593C967C-1233-4A0E-9179-F0790AC8C031}_is1) (Version: 1.0.0.5 - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.8229.2045 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.8229.2045 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\OneDriveSetup.exe) (Version: 17.3.6941.0614 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.8229.2045 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.8229.2045 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.8229.2045 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.8229.2045 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.1.1.6338 - Mozilla)
Mozilla Thunderbird 52.1.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.1.1 (x86 cs)) (Version: 52.1.1 - Mozilla)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.10 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.10 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.22 - MSI)
MXGP3 The Official Motocross Videogame (HKLM-x32\...\MXGP3 The Official Motocross Videogame_is1) (Version: - )
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.8229.2041 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.)
Outlast 2 (HKLM-x32\...\1453301453_is1) (Version: gog-1 - GOG.com)
Ovládací panel NVIDIA 382.33 (Version: 382.33 - NVIDIA Corporation) Hidden
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7855 - Realtek Semiconductor Corp.)
Registry Cleaner (HKLM-x32\...\Registry Cleaner_is1) (Version: 2.0 - Abelssoft)
Sandboxie 5.20 (64-bit) (HKLM\...\Sandboxie) (Version: 5.20 - Sandboxie Holdings, LLC)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 30.0 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VivPDF Editor (HKLM-x32\...\VivPDFEditor_is1) (Version: 3.0.1.1013 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
Základní software zařízení HP Deskjet 3510 series (HKLM\...\{1719C693-20CF-4BC3-831F-B65E79268114}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0216168F-2A7D-456C-90A3-022599851CCF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {1689C970-B79D-4AFB-B115-F9C7DE6F5A85} - System32\Tasks\Core Temp Autostart toombar PC => D:\Core Temp\Core Temp\Core Temp.exe
Task: {184CEC46-F547-4525-93C9-A9FE4A033518} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-22] ()
Task: {1D0D979D-2D2D-49F9-8B39-7937A7ED3742} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {27BB0615-4D3D-477E-9368-77250B8DE3EA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-11] (Microsoft Corporation)
Task: {28A33F57-D248-4C82-AF06-1BA5B9E5AD36} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {29F72EF3-124D-41E8-A281-5560DBF19469} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [2017-01-19] (Micro-Star INT'L CO., LTD.)
Task: {2C91CC2A-E08A-4EB2-814A-391F8791F104} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {2DF9629A-CBE3-4963-BBC2-EF1B8C950AE3} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_toombar_20PC => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2017-01-10] (H.D.S. Hungary)
Task: {593A4FB7-0297-4168-BE3B-06AF3187A53A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {7AA67E60-37AC-432A-8A40-CD04ACD04D72} - System32\Tasks\MSISW_Host => C:\Windows\SysWoW64\muachost.exe [2015-08-18] (MSI)
Task: {86C161AB-41ED-44D2-887F-D48AD555C211} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-11] (Microsoft Corporation)
Task: {8ECACBE2-9BC5-4C56-9F47-7A405C4ABB27} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {95D94BBA-0038-4EA3-AD07-11DCAC3B5B19} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {9ED3B29F-C3DF-4D5C-8D55-BFC3C076AE36} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {B6964C93-4A1A-4557-8042-B90B3AE98279} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {B7A641CD-4665-41CF-89CE-53D5F3087993} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {B8C07CBD-159F-4910-841C-134ECC6C4E6D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {C5028D8A-4938-4022-B9D5-5F58FCEC9499} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {C57730FD-BE73-4FEE-8776-9F7F6EF4F592} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-06-22] (Microsoft Corporation)
Task: {C8AB04C1-DD88-4029-A9A1-66A8FA811D51} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-22] ()
Task: {D533A087-2DA4-404C-BD93-CA6359A242A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-06-22] (Microsoft Corporation)
Task: {DA72F29E-EEBD-443A-AC0D-FFA80D3FE39F} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {DAB0F615-7938-4147-BC9D-06E933C06ABA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {E6C3D4DC-B3A2-4C77-BD1A-DB7250601E4C} - System32\Tasks\ABRC_RegularCheck => C:\Program Files (x86)\RegistryCleaner\RegistryCleaner.exe [2016-09-26] (Ascora GmbH)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-10-05 13:15 - 2016-10-05 13:15 - 00107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 00412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-01-03 17:49 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-04 18:09 - 2016-10-04 18:09 - 00253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-06-13 20:49 - 2017-06-03 12:01 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-04-13 15:31 - 2016-06-14 16:35 - 00187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2017-01-02 21:01 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 21:40 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 21:41 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 21:41 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 21:41 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-06-13 20:48 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-06-13 20:48 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-06-21 14:40 - 2017-06-21 14:40 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 14:40 - 2017-06-21 14:40 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 14:40 - 2017-06-21 14:40 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 14:40 - 2017-06-21 14:40 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-29 18:13 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-29 18:13 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-06-21 14:39 - 2017-06-21 14:40 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-06-21 14:39 - 2017-06-21 14:40 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-06-18 18:16 - 2017-06-18 18:17 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-06-18 18:16 - 2017-06-18 18:17 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-06-08 14:40 - 2017-06-08 14:40 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-18 18:16 - 2017-06-18 18:17 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-01-02 10:51 - 2017-01-02 10:51 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-06-18 18:16 - 2017-06-18 18:17 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 14:35 - 2017-05-09 14:36 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-17 00:34 - 2016-07-17 00:34 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-06-08 14:40 - 2017-06-08 14:40 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-22 13:40 - 2017-06-22 13:40 - 10628608 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-06-22 13:40 - 2017-06-22 13:40 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-06-23 13:52 - 2014-11-24 08:35 - 00471040 _____ () D:\Metal Gear groung Zeroes\Metal Gear Solid V - Ground Zeroes\steam_api64.dll
2017-04-13 15:34 - 2016-04-20 14:12 - 00772608 _____ () C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\Lib\USB_DLL.dll
2017-05-17 16:02 - 2017-05-17 16:02 - 02493440 _____ () D:\Origin\libGLESv2.dll
2016-10-20 02:28 - 2016-10-20 02:28 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-03 17:49 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-13 15:31 - 2016-06-14 16:35 - 00163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2017-01-09 21:15 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-01-09 21:15 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-01-09 21:15 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-01-09 21:15 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-01-09 21:15 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-01-09 21:15 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-01-09 21:15 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-03 17:49 - 2017-05-03 22:20 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-01-09 21:16 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 13:42 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-01-09 21:15 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-05-01 17:07 - 2017-06-08 15:43 - 00120944 _____ () C:\Users\toombar PC\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-05-01 21:13 - 2017-05-01 21:13 - 00000000 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4143605839-527040269-2466945285-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\StartupFolder: => "GoogleUpdate.lnk"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\StartupFolder: => "TeamViewer 12.lnk"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "Internet Download Accelerator"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "IDMan"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1BB87FC1-7ADE-489F-9D4F-B8040F43995A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8AE420C2-70CD-468E-9F8B-7AA15C03AB77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0C56CAC2-8D27-48FD-96F6-5F2B6F2A0E25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BB6D2ECE-87A2-4869-BBAE-215A940DC7DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{054994F0-3D6C-44D8-9F0A-3088ECF85AB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A06208B1-51B1-4216-B5E5-6B32C4B87F15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{542FB5E4-7E04-4B8E-9FB4-D77E35E4C281}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{6E020CC2-F01E-4CF6-BA70-1E8207543871}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2006F230-F773-476E-8808-981D327D18FF}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3BB9D368-A439-424F-92B1-5547CB5BDA91}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6F832742-179A-442B-86B9-2D18CDCF4D3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F7D1996-7891-4DD0-B028-1D23520EC21E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{03E3F36C-22B4-44EE-B088-2B3BADA62CAF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FF94A641-F0D8-4488-BF30-E035A7DE78DB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{970C9A08-A9EC-4C2D-925B-2BA0EF5AAAF1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{0DEBFC3B-0F33-4155-B211-BDFF49F2892A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{A1EBA1A0-6DC3-4EA3-9DE7-9647B425DF96}] => (Allow) LPort=26789
FirewallRules: [{5415E77C-7A3D-4CAD-A77F-E997A9AB6821}] => (Allow) D:\Hry\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{C84A1A03-F355-41A7-839A-DB5A4152FBCE}] => (Allow) D:\Hry\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{C710728D-5345-44B8-BC74-2720F2DD7F33}] => (Allow) D:\Hry\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{6E5BC75F-825C-45D5-B9F1-535C85DF9E55}] => (Allow) D:\Hry\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{BAA12E25-C3B1-4EEC-AFE7-95FEA37D797F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6EBB338B-2487-47E2-9E23-CA9746D1DFDA}] => (Allow) C:\Program Files (x86)\devolo\informer\devinf.exe
FirewallRules: [{8A401C9F-A52D-4E5F-AC23-B4035AA7D18F}] => (Allow) C:\Program Files (x86)\devolo\informer\devinf.exe
FirewallRules: [{8446E624-A84A-4A01-BE84-34E7E66C5947}] => (Allow) C:\Program Files (x86)\devolo\easyshare\easyshare.exe
FirewallRules: [{613463AE-D325-4A84-B964-EFCEF048F66F}] => (Allow) C:\Program Files (x86)\devolo\easyshare\easyshare.exe
FirewallRules: [{82F29543-8160-4D14-A6AC-84BDE9B42E5E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8F0C27FD-FC3F-440E-990E-06D271BBF254}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4E686FA2-97B6-4E87-8AE2-9843F1920BA9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B1BB7B94-B859-4BE2-9C39-48DC7864D4E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B360DB71-416D-4F9B-B89A-9A3340747C1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

19-06-2017 21:43:04 JRT Pre-Junkware Removal
21-06-2017 14:50:08 Before uninstalling Sandboxie 5.20 (64-bit)
22-06-2017 14:37:45 Before uninstalling Logitech Webcam Software
22-06-2017 20:06:10 Before uninstalling AIDA64 Extreme v5.00
22-06-2017 20:07:26 Before uninstalling Core Temp 1.7
22-06-2017 20:09:19 Before uninstalling Medal of Honor: Pacific Assault™
22-06-2017 20:11:36 RegistryCleaner 22.06.2017 20:11:36

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2017 01:29:48 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (06/23/2017 05:59:47 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (06/23/2017 05:59:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LiveUpdate_Service.exe, verze: 1.0.0.40, časové razítko: 0x58bcfad9
Název chybujícího modulu: NDA.dll_unloaded, verze: 1.0.0.15, časové razítko: 0x581aa4cc
Kód výjimky: 0xc0000005
Posun chyby: 0x000f650e
ID chybujícího procesu: 0xa3c
Čas spuštění chybující aplikace: 0x01d2eb552297462d
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
Cesta k chybujícímu modulu: NDA.dll
ID zprávy: 7aa54309-c45a-4ff9-8471-79516bc94680
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/23/2017 06:57:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ANQTDIM)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (06/23/2017 06:57:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ANQTDIM)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (06/22/2017 09:22:23 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.

Error: (06/22/2017 09:22:23 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.

Error: (06/22/2017 09:22:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ANQTDIM)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (06/22/2017 08:11:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/22/2017 08:11:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {f7b6007c-b67d-45b4-bc5d-8ced128f4838}


System errors:
=============
Error: (06/23/2017 09:15:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/23/2017 09:15:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/23/2017 09:15:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/23/2017 05:59:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/23/2017 02:15:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/23/2017 06:57:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/23/2017 06:57:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/23/2017 06:57:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/23/2017 06:57:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/23/2017 06:57:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
Date: 2017-06-22 21:19:26.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-22 14:40:22.800
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-19 21:42:54.469
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-18 18:39:52.791
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-18 18:39:51.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-13 22:05:28.558
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-12 18:04:32.491
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-11 21:19:04.795
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-04 20:03:04.362
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-05-29 15:10:29.688
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 41%
Total physical RAM: 16344 MB
Available physical RAM: 9495.9 MB
Total Virtual: 32728 MB
Available Virtual: 25255.48 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:3 GB) (Free:2.98 GB) NTFS
Drive c: () (Fixed) (Total:223.57 GB) (Free:55.54 GB) NTFS
Drive d: () (Fixed) (Total:930.97 GB) (Free:672.45 GB) NTFS
Drive k: () (CDROM) (Total:4.82 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 72232B3D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 9CC853E6)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Preventivní kontrola

Napsal: 26 čer 2017 19:25
od cunik.cz
Jediné čeho bych si nevšímal je Adware který tam mám a vím o něm.

Re: Preventivní kontrola

Napsal: 28 čer 2017 21:28
od sorcer
Dobrý den,

1) Zde je ke stahnutí AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
2) Utilitu uložte na plochu
3) Mate-li spuštěné, ukončete všechny otevřené programy
4) Následně klikněte nejprve na Skenování a poté Čistění
5) Po dokončení skenováni se objeví log, který sem vložte

Re: Preventivní kontrola

Napsal: 29 čer 2017 19:32
od cunik.cz
# AdwCleaner v6.047 - Log vytvořen 29/06/2017 v 20:31:04
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-29.3 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : toombar PC - DESKTOP-ANQTDIM
# Spuštěno z : C:\Users\toombar PC\Desktop\adwcleaner_6.047 (1).exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****

[-] [C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazáno: hxxp://www.initialpage123.com/?z=f0c5b4d42c415 ... PX&type=hp


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1031 Bajty] - [26/04/2017 18:51:05]
C:\AdwCleaner\AdwCleaner[C2].txt - [2434 Bajty] - [10/05/2017 13:48:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [2920 Bajty] - [29/05/2017 19:05:16]
C:\AdwCleaner\AdwCleaner[C4].txt - [3204 Bajty] - [30/05/2017 15:57:10]
C:\AdwCleaner\AdwCleaner[C5].txt - [2378 Bajty] - [30/05/2017 16:13:15]
C:\AdwCleaner\AdwCleaner[C6].txt - [2308 Bajty] - [30/05/2017 21:50:19]
C:\AdwCleaner\AdwCleaner[C7].txt - [1488 Bajty] - [29/06/2017 20:31:04]
C:\AdwCleaner\AdwCleaner[S0].txt - [1379 Bajty] - [26/04/2017 18:50:54]
C:\AdwCleaner\AdwCleaner[S10].txt - [3503 Bajty] - [30/05/2017 15:56:08]
C:\AdwCleaner\AdwCleaner[S11].txt - [2873 Bajty] - [30/05/2017 16:10:54]
C:\AdwCleaner\AdwCleaner[S12].txt - [2605 Bajty] - [30/05/2017 21:20:13]
C:\AdwCleaner\AdwCleaner[S13].txt - [2773 Bajty] - [30/05/2017 21:57:32]
C:\AdwCleaner\AdwCleaner[S14].txt - [2847 Bajty] - [01/06/2017 17:33:17]
C:\AdwCleaner\AdwCleaner[S15].txt - [2923 Bajty] - [01/06/2017 18:51:45]
C:\AdwCleaner\AdwCleaner[S16].txt - [2997 Bajty] - [01/06/2017 19:00:02]
C:\AdwCleaner\AdwCleaner[S17].txt - [3069 Bajty] - [02/06/2017 14:03:57]
C:\AdwCleaner\AdwCleaner[S18].txt - [3145 Bajty] - [02/06/2017 21:13:53]
C:\AdwCleaner\AdwCleaner[S19].txt - [3219 Bajty] - [02/06/2017 21:58:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [1525 Bajty] - [30/04/2017 22:04:44]
C:\AdwCleaner\AdwCleaner[S20].txt - [3668 Bajty] - [03/06/2017 10:09:42]
C:\AdwCleaner\AdwCleaner[S21].txt - [3744 Bajty] - [04/06/2017 13:24:21]
C:\AdwCleaner\AdwCleaner[S22].txt - [4196 Bajty] - [05/06/2017 21:46:17]
C:\AdwCleaner\AdwCleaner[S23].txt - [3892 Bajty] - [06/06/2017 14:36:58]
C:\AdwCleaner\AdwCleaner[S24].txt - [3966 Bajty] - [06/06/2017 16:45:10]
C:\AdwCleaner\AdwCleaner[S25].txt - [4038 Bajty] - [07/06/2017 19:04:04]
C:\AdwCleaner\AdwCleaner[S26].txt - [4112 Bajty] - [08/06/2017 20:29:37]
C:\AdwCleaner\AdwCleaner[S27].txt - [4186 Bajty] - [12/06/2017 19:19:32]
C:\AdwCleaner\AdwCleaner[S28].txt - [4260 Bajty] - [19/06/2017 21:42:51]
C:\AdwCleaner\AdwCleaner[S29].txt - [4351 Bajty] - [29/06/2017 20:20:56]
C:\AdwCleaner\AdwCleaner[S2].txt - [2582 Bajty] - [10/05/2017 13:47:58]
C:\AdwCleaner\AdwCleaner[S3].txt - [2522 Bajty] - [10/05/2017 17:36:45]
C:\AdwCleaner\AdwCleaner[S4].txt - [1819 Bajty] - [26/05/2017 18:32:13]
C:\AdwCleaner\AdwCleaner[S5].txt - [1892 Bajty] - [29/05/2017 17:40:58]
C:\AdwCleaner\AdwCleaner[S6].txt - [2359 Bajty] - [29/05/2017 18:16:41]
C:\AdwCleaner\AdwCleaner[S7].txt - [3209 Bajty] - [29/05/2017 19:04:42]
C:\AdwCleaner\AdwCleaner[S8].txt - [3355 Bajty] - [29/05/2017 20:24:47]
C:\AdwCleaner\AdwCleaner[S9].txt - [3428 Bajty] - [30/05/2017 15:55:14]

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [3771 Bajty] ##########

Re: Preventivní kontrola

Napsal: 30 čer 2017 21:32
od sorcer
Proveďte prosím sken FRST. http://forum.viry.cz/viewtopic.php?f=24&t=132509

Log z FRST i Addition vložte sem, do Vašeho topicu.

Při varování u stahování FRSTLauncheru, vyberte v pravém dolním rohu Ignorovat

Lépe vypnouti antivir, některé detekují utilitu jako závadnou, ač není!

Nepůjde-li Vám Launcher stáhnout, vytvořte logy, použitím samotného FRST (bez Launcheru)

Re: Preventivní kontrola

Napsal: 03 črc 2017 18:32
od cunik.cz
sorcer píše:Proveďte prosím sken FRST. http://forum.viry.cz/viewtopic.php?f=24&t=132509

Log z FRST i Addition vložte sem, do Vašeho topicu.

Při varování u stahování FRSTLauncheru, vyberte v pravém dolním rohu Ignorovat

Lépe vypnouti antivir, některé detekují utilitu jako závadnou, ač není!

Nepůjde-li Vám Launcher stáhnout, vytvořte logy, použitím samotného FRST (bez Launcheru)

A to nestačí ten první?

Re: Preventivní kontrola

Napsal: 03 črc 2017 20:48
od cunik.cz
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2017 01
Ran by toombar PC (administrator) on DESKTOP-ANQTDIM (03-07-2017 21:47:21)
Running from C:\Users\toombar PC\Desktop
Loaded Profiles: toombar PC (Available Profiles: defaultuser0 & toombar PC)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Sandboxie Holdings, LLC) D:\Sandboxie\SbieSvc.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Micro-Star Int'l Co., Ltd.) C:\Windows\SysWOW64\RAMDiskImage.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\toombar PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Sandboxie Holdings, LLC) D:\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) D:\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(AppWork GmbH) D:\JDownloader v2.0\JDownloader2.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\toombar PC\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8842496 2016-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15371216 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Deamon Tools Lite\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Spotify Web Helper] => C:\Users\toombar PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-08] (Spotify Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Spotify] => C:\Users\toombar PC\AppData\Roaming\Spotify\Spotify.exe [6949488 2017-06-08] (Spotify Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Internet Download Accelerator] => D:\DOWNLOAD MANAGER\IDA\ida.exe -autorun
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [SandboxieControl] => D:\Sandboxie\SbieCtrl.exe [799368 2017-06-05] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {0ea8bab2-4491-11e7-9678-4ccc6a87f3bc} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {ca7efcaf-d178-11e6-9647-4ccc6a87f3bc} - "J:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {fa6fe333-d295-11e6-9648-4ccc6a87f3bc} - "K:\Setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AIDA64 Extreme.lnk [2017-01-03]
ShortcutTarget: AIDA64 Extreme.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2017-01-02]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoogleUpdate.lnk [2017-02-21]
ShortcutTarget: GoogleUpdate.lnk -> C:\Users\toombar PC\AppData\Local\Temp\Chrome Updates\SeachEngine.exe (No File)
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk [2017-04-05]
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer 12.lnk [2017-01-25]
ShortcutTarget: TeamViewer 12.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4891d0ff-1a20-42ba-a7d6-8abe48e48a6a}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f98c4fc4-24af-480f-9360-39db72a23b05}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-22] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-22] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: xy92jgbi.default
FF ProfilePath: C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default [2017-05-26]
FF Extension: (Internet Download Accelerator) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ida@westbyte.com.xpi [2017-05-15]
FF Extension: (Internet Download Accelerator Toolbar) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\idabarff@westbyte.com.xpi [2017-02-10]
FF Extension: (Adblock Plus) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-02]
FF Extension: (TLS 1.3 Compatibility Testing 3) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default\features\{f33d134b-ae02-4e76-939e-c9deba970867}\tls13-compat-ff51@mozilla.org.xpi [2017-03-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-22] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-06-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.initialpage123.com/?z=f0c5b4d42c415 ... PX&type=hp"
CHR Profile: C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default [2017-07-03]
CHR Extension: (AdBlock) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-4143605839-527040269-2466945285-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; D:\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [75192 2017-04-05] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [70608 2016-12-02] (Micro-Star Int'l Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2162064 2017-05-17] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3136920 2017-05-17] (Electronic Arts)
R2 RAMDrivService; C:\Windows\SysWoW64\RAMDiskImage.exe [343448 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R2 SbieSvc; D:\Sandboxie\SbieSvc.exe [198792 2017-06-05] (Sandboxie Holdings, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\Windows\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-01-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-01-04] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [541672 2015-11-24] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106768 2016-12-13] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-12-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [49672 2016-12-13] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77616 2016-12-13] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [96856 2016-12-13] (ESET)
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-07-20] (Intel Corporation)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2017-04-13] ()
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2008-11-28] (CACE Technologies)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-03-08] (MSI)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
R2 RAMDriv; C:\Windows\system32\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R3 SbieDrv; D:\Sandboxie\SbieDrv.sys [207496 2017-06-05] (Sandboxie Holdings, LLC)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-03 21:47 - 2017-07-03 21:47 - 00025088 _____ C:\Users\toombar PC\Desktop\FRST.txt
2017-07-03 21:45 - 2017-07-03 21:46 - 00029696 _____ C:\Users\toombar PC\AppData\Local\MSGBOX.EXE
2017-07-03 21:45 - 2017-07-03 21:46 - 00015327 _____ C:\Users\toombar PC\Desktop\LM.bat
2017-07-03 21:44 - 2017-07-03 21:44 - 02436096 _____ (Farbar) C:\Users\toombar PC\Desktop\FRST64.exe
2017-07-03 21:44 - 2017-07-03 21:44 - 00112640 _____ (forum.viry.cz) C:\Users\toombar PC\Desktop\FRSTLauncher.exe
2017-07-03 20:43 - 2017-07-03 20:43 - 00478392 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\8D1587E1.sys
2017-07-03 20:43 - 2017-07-03 20:43 - 00085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\35073608.sys
2017-07-03 20:41 - 2017-07-03 20:41 - 00000000 ____D C:\Windows\LastGood
2017-07-03 20:41 - 2017-06-21 09:07 - 00179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-07-03 20:41 - 2017-06-21 09:07 - 00146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-06-29 13:55 - 2017-06-29 13:55 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-06-28 21:17 - 2017-06-28 21:18 - 00278606 _____ C:\TDSSKiller.3.1.0.15_28.06.2017_21.17.46_log.txt
2017-06-28 17:46 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-06-28 17:46 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-06-28 17:46 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-06-28 17:46 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-06-28 17:46 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-06-28 17:46 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-06-28 17:46 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-06-28 17:46 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign874f466da20422b5
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign8392ef7b2a59e8ae
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign5c6ad63c57b95dca
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign4d146dbb9a39ceee
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign2187ab63b5386fc4
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign13a8f23920f36c62
2017-06-21 14:50 - 2017-06-21 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2017-06-19 16:07 - 2017-06-19 16:07 - 00001316 _____ C:\Users\Public\Desktop\Far Cry Primal.lnk
2017-06-19 16:07 - 2017-06-19 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry Primal
2017-06-19 16:04 - 2017-06-19 16:07 - 00000000 ____D C:\Program Files (x86)\Far Cry Primal
2017-06-19 14:56 - 2017-06-19 14:56 - 00000000 ____D C:\Users\toombar PC\AppData\Local\MegaDownloader
2017-06-18 19:48 - 2017-06-18 19:50 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\uTorrent
2017-06-13 22:09 - 2017-06-13 22:09 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-06-13 20:49 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-13 20:49 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-06-13 20:49 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-13 20:49 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-13 20:49 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-13 20:49 - 2017-06-03 12:06 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-13 20:49 - 2017-06-03 12:01 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-13 20:49 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-13 20:49 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-13 20:49 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-13 20:49 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-13 20:49 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-06-13 20:49 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-13 20:49 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-06-13 20:49 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-06-13 20:49 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-13 20:49 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-13 20:49 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-13 20:49 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-13 20:49 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-13 20:49 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-06-13 20:49 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-06-13 20:49 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-13 20:49 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-13 20:49 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-13 20:49 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-13 20:49 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-13 20:49 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-13 20:49 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-13 20:49 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-06-13 20:49 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-13 20:49 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-13 20:49 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-13 20:49 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-13 20:49 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll
2017-06-13 20:49 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2017-06-13 20:49 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-13 20:49 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-13 20:49 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-13 20:49 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-06-13 20:49 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-13 20:49 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-13 20:49 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-13 20:49 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-13 20:49 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2017-06-13 20:49 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-13 20:49 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-13 20:49 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-06-13 20:49 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-13 20:49 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-06-13 20:49 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-13 20:49 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-13 20:49 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-13 20:49 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-13 20:49 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-13 20:49 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-13 20:49 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-06-13 20:49 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-13 20:49 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-13 20:49 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-06-13 20:49 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-13 20:49 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-13 20:49 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-13 20:49 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-13 20:49 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-13 20:49 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-13 20:49 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-13 20:49 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-06-13 20:49 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-06-13 20:49 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-13 20:49 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-06-13 20:49 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-06-13 20:49 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-06-13 20:48 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-13 20:48 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-13 20:48 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-13 20:48 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-13 20:48 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-13 20:48 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-06-13 20:48 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-06-13 20:48 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2017-06-13 20:48 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-13 20:48 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-13 20:48 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-13 20:48 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-13 20:48 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-13 20:48 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-13 20:48 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-13 20:48 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-13 20:48 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-13 20:48 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll
2017-06-13 20:48 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-06-13 20:48 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-13 20:48 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-13 20:48 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-13 20:48 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll
2017-06-13 20:48 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-13 20:48 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-06-13 20:48 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-13 20:48 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-13 20:48 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-13 20:48 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-06-13 20:48 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-13 20:48 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-13 20:48 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-13 20:48 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-13 20:48 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2017-06-13 20:48 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-13 20:48 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-13 20:48 - 2017-06-03 08:08 - 00080078 _____ C:\Windows\system32\normidna.nls
2017-06-12 18:07 - 2017-06-12 18:07 - 00000000 ___RD C:\Sandbox
2017-06-12 18:03 - 2017-06-12 18:03 - 00000825 _____ C:\Users\Public\Desktop\VivPDF Editor.lnk
2017-06-12 18:03 - 2017-06-12 18:03 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Viv
2017-06-12 18:02 - 2017-06-12 18:02 - 00000072 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2017-06-12 17:57 - 2017-06-28 14:51 - 00002790 _____ C:\Windows\Sandboxie.ini
2017-06-12 17:57 - 2017-06-12 17:57 - 00000741 _____ C:\Users\toombar PC\Desktop\Sandbox webový prohlížeč.lnk
2017-06-08 18:59 - 2017-06-08 18:15 - 00223432 ____N (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2017-06-07 21:30 - 2017-06-08 14:21 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Internet Download Accelerator
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\toombar PC\AppData\Local\UnrealEngine
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\toombar PC\AppData\Local\mxgp3
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\Public\Documents\Steam
2017-06-07 19:53 - 2017-06-07 19:53 - 00000841 _____ C:\Users\toombar PC\Desktop\MXGP3 The Official Motocross Videogame.lnk
2017-06-07 19:53 - 2017-06-07 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MXGP3 The Official Motocross Videogame
2017-06-05 20:53 - 2017-06-05 20:53 - 00004648 _____ C:\Users\toombar PC\Documents\Plachenatka keřová.odt
2017-06-05 18:18 - 2017-06-05 18:18 - 00000000 ____D C:\Users\toombar PC\Documents\Electronic Arts
2017-06-05 18:16 - 2017-06-05 18:16 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2017-06-05 18:16 - 2008-09-05 02:22 - 00447752 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-03 21:47 - 2017-05-26 13:43 - 00000000 ____D C:\FRST
2017-07-03 21:46 - 2017-01-03 07:54 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Skype
2017-07-03 21:43 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-03 21:43 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-07-03 21:42 - 2017-01-02 09:40 - 00000000 ____D C:\Users\toombar PC
2017-07-03 21:36 - 2017-01-02 09:37 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-03 20:59 - 2017-01-10 20:26 - 00000703 _____ C:\Users\toombar PC\Desktop\Start Tor Browser.lnk
2017-07-03 20:45 - 2017-01-02 09:42 - 03302320 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-03 20:45 - 2016-07-17 00:25 - 01387438 _____ C:\Windows\system32\perfh005.dat
2017-07-03 20:45 - 2016-07-17 00:25 - 00374072 _____ C:\Windows\system32\perfc005.dat
2017-07-03 20:43 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-07-03 20:42 - 2017-05-23 18:29 - 00004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-02 11:01 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-03 20:42 - 2017-01-02 09:56 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-07-03 20:42 - 2017-01-02 09:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-03 20:42 - 2017-01-02 09:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-03 20:42 - 2017-01-02 09:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-03 20:38 - 2017-01-09 21:14 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-03 20:38 - 2017-01-02 10:29 - 00000000 ____D C:\Users\toombar PC\AppData\LocalLow\Mozilla
2017-07-03 19:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\NDF
2017-07-03 18:18 - 2017-04-24 15:03 - 00000000 ____D C:\Users\toombar PC\AppData\Local\ElevatedDiagnostics
2017-06-29 22:08 - 2017-01-04 17:06 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\vlc
2017-06-29 20:48 - 2017-01-03 19:23 - 00000000 ____D C:\Program Files\Microsoft Office
2017-06-29 20:39 - 2017-05-01 17:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Spotify
2017-06-29 20:38 - 2017-01-03 19:27 - 00000000 ____D C:\ProgramData\TEMP
2017-06-29 20:35 - 2017-01-16 17:05 - 00001254 _____ C:\Users\toombar PC\Desktop\Adobe Photoshop CC 2017.lnk
2017-06-29 20:32 - 2017-05-01 17:06 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Spotify
2017-06-29 20:31 - 2017-05-29 18:13 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 20:31 - 2017-05-29 18:13 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-29 20:31 - 2017-04-26 18:49 - 00000000 ____D C:\AdwCleaner
2017-06-29 20:31 - 2017-02-26 17:35 - 33555456 _____ C:\Windows\SysWOW64\RAMDiskImage.data
2017-06-29 20:31 - 2017-01-02 09:37 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-29 20:31 - 2016-07-16 08:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-06-29 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-29 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-28 21:21 - 2017-01-02 09:40 - 00000000 ____D C:\Users\toombar PC\AppData\Local\VirtualStore
2017-06-28 17:50 - 2017-05-12 14:15 - 00000000 ____D C:\Windows\system32\UNP
2017-06-28 17:50 - 2017-05-12 14:15 - 00000000 ____D C:\Program Files\UNP
2017-06-28 17:47 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-06-28 17:44 - 2017-02-13 17:55 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Kodi
2017-06-28 16:42 - 2017-01-15 13:12 - 00000412 __RSH C:\ProgramData\ntuser.pol
2017-06-27 21:52 - 2017-01-02 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-27 21:52 - 2017-01-02 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-22 20:14 - 2017-04-24 15:02 - 00000000 ____D C:\Program Files\trend micro
2017-06-22 20:09 - 2017-05-17 16:36 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-06-22 16:25 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-06-22 14:38 - 2017-01-03 15:59 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-06-22 14:38 - 2017-01-03 15:59 - 00000000 ____D C:\Program Files (x86)\Logitech
2017-06-22 13:40 - 2017-01-03 07:55 - 00003300 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-22 13:40 - 2017-01-02 09:41 - 00002402 _____ C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-22 13:40 - 2017-01-02 09:41 - 00000000 ___RD C:\Users\toombar PC\OneDrive
2017-06-21 15:14 - 2017-01-02 09:36 - 00000000 ____D C:\Windows\Panther
2017-06-21 15:12 - 2017-03-20 07:14 - 00000000 ___HD C:\$WINDOWS.~BT
2017-06-21 09:07 - 2017-01-06 21:57 - 00057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-06-21 09:07 - 2017-01-03 17:49 - 00048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-06-21 09:07 - 2017-01-02 09:56 - 01903224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-06-21 09:07 - 2017-01-02 09:56 - 01755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-06-21 09:07 - 2017-01-02 09:56 - 01489528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-06-21 09:07 - 2017-01-02 09:56 - 01317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-06-21 09:07 - 2017-01-02 09:56 - 00121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-06-20 22:58 - 2017-01-03 17:49 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-19 17:03 - 2017-04-26 18:51 - 00423229 ____N C:\Windows\Minidump\061917-7937-01.dmp
2017-06-19 17:03 - 2017-03-22 20:36 - 00000000 ____D C:\Windows\Minidump
2017-06-19 16:16 - 2017-02-22 19:39 - 00000000 ____D C:\Users\toombar PC\Documents\My Games
2017-06-18 18:13 - 2017-01-02 09:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-18 18:12 - 2017-01-02 09:37 - 00345448 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-13 20:55 - 2017-01-02 21:02 - 00000000 ____D C:\Windows\system32\MRT
2017-06-13 20:53 - 2017-01-02 21:02 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-12 17:59 - 2017-01-06 20:33 - 00000000 ____D C:\ProgramData\Adobe
2017-06-09 20:15 - 2017-01-25 12:10 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-06-09 20:15 - 2017-01-25 12:10 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-06-09 20:15 - 2017-01-25 12:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-09 18:48 - 2016-07-16 13:47 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-06-09 18:48 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-06-09 18:31 - 2017-01-02 09:57 - 00000000 ____D C:\Users\toombar PC\AppData\Local\NVIDIA Corporation
2017-06-08 19:29 - 2017-05-29 17:42 - 00000000 ____D C:\KVRT_Data
2017-06-07 22:51 - 2017-01-02 11:01 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-07 21:59 - 2017-01-15 21:48 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Ubisoft Game Launcher
2017-06-07 18:37 - 2017-04-10 17:26 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-05 18:14 - 2017-01-02 10:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-05 14:33 - 2017-03-06 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-05 14:33 - 2017-01-04 15:59 - 00000000 ____D C:\ProgramData\Skype
2017-06-04 15:54 - 2017-01-10 18:27 - 00000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-07-03 21:45 - 2017-07-03 21:46 - 0029696 _____ () C:\Users\toombar PC\AppData\Local\MSGBOX.EXE
2017-04-13 15:53 - 2017-04-21 18:43 - 0000700 ___SH () C:\Users\toombar PC\AppData\Local\systemFL7.dat
2017-03-27 21:27 - 2017-04-17 20:58 - 0000182 _____ () C:\Users\toombar PC\AppData\Local\uts.ini
2017-01-11 16:53 - 2017-01-11 16:53 - 0000037 _____ () C:\Users\toombar PC\AppData\Local\X-Plane Installer.prf
2017-01-11 16:57 - 2017-05-14 19:46 - 0000015 _____ () C:\Users\toombar PC\AppData\Local\X-Plane_drm_11.prf
2017-01-11 16:27 - 2017-01-11 16:27 - 0000024 _____ () C:\Users\toombar PC\AppData\Local\x-plane_install_11.txt
2017-01-03 17:49 - 2017-01-06 21:58 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-03 17:49 - 2017-01-06 21:10 - 0009275 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-06-29 20:55 - 2017-06-29 20:55 - 0040448 _____ () C:\Users\toombar PC\AppData\Local\Temp\proxy_vole1356955931019838086.dll
2017-06-29 17:44 - 2017-06-29 17:44 - 0040448 ____N () C:\Users\toombar PC\AppData\Local\Temp\proxy_vole1790209987516037979.dll
2017-06-29 17:44 - 2017-06-29 17:44 - 0040448 ____N () C:\Users\toombar PC\AppData\Local\Temp\proxy_vole6745798657412663874.dll
2017-06-29 17:44 - 2017-06-29 17:44 - 0040448 ____N () C:\Users\toombar PC\AppData\Local\Temp\proxy_vole7296114619600354132.dll
2017-06-28 16:42 - 2017-06-28 16:42 - 0049152 _____ () C:\Users\toombar PC\AppData\Local\Temp\pyl5F6.tmp.exe
2017-06-12 19:11 - 2017-06-12 19:11 - 0009216 _____ (Pasi Ruokola) C:\Users\toombar PC\AppData\Local\Temp\UnSigner.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-26 17:13

==================== End of FRST.txt ============================

Re: Preventivní kontrola

Napsal: 03 črc 2017 20:48
od cunik.cz
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2017 01
Ran by toombar PC (03-07-2017 21:47:42)
Running from C:\Users\toombar PC\Desktop
Windows 10 Pro Version 1607 (X64) (2017-01-02 07:39:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4143605839-527040269-2466945285-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4143605839-527040269-2466945285-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4143605839-527040269-2466945285-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-4143605839-527040269-2466945285-501 - Limited - Disabled)
toombar PC (S-1-5-21-4143605839-527040269-2466945285-1001 - Administrator - Enabled) => C:\Users\toombar PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 10.0.390.0 (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.390.0 (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{F611E93B-8EC1-4662-BDFF-6909DB820862}) (Version: 2.2.3509.0 - Futuremark) Hidden
3DMark (HKLM-x32\...\{4bf26510-8c4e-447c-b819-2967aeca2839}) (Version: 2.2.3509.0 - Futuremark)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 2017 (HKLM-x32\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.0 - Ashampoo GmbH & Co. KG)
Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.8.0.0 - Auslogics Labs Pty Ltd)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
devolo dLAN Configuration Wizard (HKLM-x32\...\dlanconf) (Version: 17.0.0.0 - devolo AG)
devolo Informer (HKLM-x32\...\dslmon) (Version: 26.0.0.0 - devolo AG)
ESET Smart Security (HKLM\...\{E483B847-824D-4659-A760-0AC8FE24055E}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{6583B359-134F-480D-9B31-9B94EFFAFE40}) (Version: 5.0.609.0 - Futuremark)
Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 7.0 - Genie9)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Kodi) (Version: - XBMC-Foundation)
Mafia III Update v1.01 Hotfix (HKLM\...\bWFmaWFpaWk_is1) (Version: 1 - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\OneDriveSetup.exe) (Version: 17.3.6941.0614 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.2.1.6382 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 cs)) (Version: 52.2.1 - Mozilla)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.10 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.10 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.22 - MSI)
MXGP3 The Official Motocross Videogame (HKLM-x32\...\MXGP3 The Official Motocross Videogame_is1) (Version: - )
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.8229.2041 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8229.2041 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.)
Outlast 2 (HKLM-x32\...\1453301453_is1) (Version: gog-1 - GOG.com)
Ovládací panel NVIDIA 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.33 - NVIDIA Corporation) Hidden
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7855 - Realtek Semiconductor Corp.)
Registry Cleaner (HKLM-x32\...\Registry Cleaner_is1) (Version: 2.0 - Abelssoft)
Sandboxie 5.20 (64-bit) (HKLM\...\Sandboxie) (Version: 5.20 - Sandboxie Holdings, LLC)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
Uplay (HKLM-x32\...\Uplay) (Version: 30.0 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VivPDF Editor (HKLM-x32\...\VivPDFEditor_is1) (Version: 3.0.1.1013 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
Základní software zařízení HP Deskjet 3510 series (HKLM\...\{1719C693-20CF-4BC3-831F-B65E79268114}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers02: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers03: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => -> No File
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-18] (NVIDIA Corporation)
ContextMenuHandlers06: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {005E4777-0B2D-4161-9221-A4410BCAA41B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {03C63931-7F4D-4264-87B7-F37BD175FFC1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-06-29] (Microsoft Corporation)
Task: {1689C970-B79D-4AFB-B115-F9C7DE6F5A85} - System32\Tasks\Core Temp Autostart toombar PC => D:\Core Temp\Core Temp\Core Temp.exe
Task: {27E02E48-8A2A-4AE9-B9D6-05031C5D6A1B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {29F72EF3-124D-41E8-A281-5560DBF19469} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [2017-01-19] (Micro-Star INT'L CO., LTD.)
Task: {2C91CC2A-E08A-4EB2-814A-391F8791F104} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {2DF9629A-CBE3-4963-BBC2-EF1B8C950AE3} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_toombar_20PC => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2017-01-10] (H.D.S. Hungary)
Task: {4BE5A328-E335-4AAC-85AE-15BD822ED63B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {593A4FB7-0297-4168-BE3B-06AF3187A53A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {7AA67E60-37AC-432A-8A40-CD04ACD04D72} - System32\Tasks\MSISW_Host => C:\Windows\SysWoW64\muachost.exe [2015-08-18] (MSI)
Task: {7F547DBA-407D-4E91-B319-E6EEF9EE8D63} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {8AE86DE8-6CB4-4B3A-89BE-17E1FFC718B2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {963167D3-B253-4207-86F4-655D27DF90CF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {989C0D16-5230-4F0C-8238-60828BC7302F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-22] ()
Task: {9ED3B29F-C3DF-4D5C-8D55-BFC3C076AE36} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {A3908112-A23A-4D7B-82A9-9E82535A44E5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {A54EE21B-A0B3-4E0C-9F32-90DF66728C18} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {B1248DB1-3D36-4D65-9A12-409008985F9E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {B6C73325-5F81-4E5F-877F-04BAA493C4B8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {B7A641CD-4665-41CF-89CE-53D5F3087993} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {B8C07CBD-159F-4910-841C-134ECC6C4E6D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {BA5A75D6-7938-4F44-A278-6ED4CF804E1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-06-29] (Microsoft Corporation)
Task: {DA72F29E-EEBD-443A-AC0D-FFA80D3FE39F} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {E6C3D4DC-B3A2-4C77-BD1A-DB7250601E4C} - System32\Tasks\ABRC_RegularCheck => C:\Program Files (x86)\RegistryCleaner\RegistryCleaner.exe [2016-09-26] (Ascora GmbH)
Task: {F4CFA098-7BD1-4866-ACEE-8FA7D0AB4318} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-22] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-10-05 13:15 - 2016-10-05 13:15 - 00107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 00412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2016-10-04 18:09 - 2016-10-04 18:09 - 00253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-06-13 20:49 - 2017-06-03 12:01 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-04-13 15:31 - 2016-06-14 16:35 - 00187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2017-01-02 21:01 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 21:40 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 21:41 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 21:41 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 21:41 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-06-13 20:48 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-06-13 20:48 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-06-21 14:40 - 2017-06-21 14:40 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 14:40 - 2017-06-21 14:40 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 14:40 - 2017-06-21 14:40 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 14:40 - 2017-06-21 14:40 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-03 20:42 - 2017-06-21 09:06 - 00019064 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2017-06-27 14:52 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-27 14:52 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-01-03 17:49 - 2017-06-21 09:07 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-03 20:42 - 2017-06-21 09:06 - 00920184 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2017-07-03 20:42 - 2017-06-21 09:06 - 00034424 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2017-06-21 14:39 - 2017-06-21 14:40 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-06-21 14:39 - 2017-06-21 14:40 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-06-18 18:16 - 2017-06-18 18:17 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-06-18 18:16 - 2017-06-18 18:17 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-06-08 14:40 - 2017-06-08 14:40 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-18 18:16 - 2017-06-18 18:17 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-01-02 10:51 - 2017-01-02 10:51 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-06-18 18:16 - 2017-06-18 18:17 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 14:35 - 2017-05-09 14:36 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-17 00:34 - 2016-07-17 00:34 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-06-08 14:40 - 2017-06-08 14:40 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-22 13:40 - 2017-06-22 13:40 - 10628608 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-06-22 13:40 - 2017-06-22 13:40 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-07-03 21:37 - 2017-07-03 21:37 - 00566439 _____ () D:\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2017-07-03 21:37 - 2017-07-03 21:37 - 04078962 _____ () D:\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2017-04-13 15:34 - 2016-04-20 14:12 - 00772608 _____ () C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\Lib\USB_DLL.dll
2017-03-18 10:43 - 2005-07-18 14:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2017-05-17 16:02 - 2017-05-17 16:02 - 02493440 _____ () D:\Origin\libGLESv2.dll
2016-10-20 02:28 - 2016-10-20 02:28 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-13 15:31 - 2016-06-14 16:35 - 00163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2017-01-09 21:15 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-01-09 21:15 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-01-09 21:15 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2017-01-09 21:15 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-01-09 21:15 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-01-09 21:15 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-01-09 21:15 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-07-03 20:42 - 2017-06-21 09:06 - 00019064 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll
2017-05-01 17:07 - 2017-06-08 15:43 - 00120944 _____ () C:\Users\toombar PC\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-01-09 21:16 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 13:42 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-01-09 21:15 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-01-03 17:49 - 2017-06-21 09:07 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-03 17:49 - 2017-06-21 09:06 - 66837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-05-01 21:13 - 2017-05-01 21:13 - 00000000 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4143605839-527040269-2466945285-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\StartupFolder: => "GoogleUpdate.lnk"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\StartupFolder: => "TeamViewer 12.lnk"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "Internet Download Accelerator"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\StartupApproved\Run: => "IDMan"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1BB87FC1-7ADE-489F-9D4F-B8040F43995A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8AE420C2-70CD-468E-9F8B-7AA15C03AB77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0C56CAC2-8D27-48FD-96F6-5F2B6F2A0E25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BB6D2ECE-87A2-4869-BBAE-215A940DC7DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{054994F0-3D6C-44D8-9F0A-3088ECF85AB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A06208B1-51B1-4216-B5E5-6B32C4B87F15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{542FB5E4-7E04-4B8E-9FB4-D77E35E4C281}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{6E020CC2-F01E-4CF6-BA70-1E8207543871}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2006F230-F773-476E-8808-981D327D18FF}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3BB9D368-A439-424F-92B1-5547CB5BDA91}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6F832742-179A-442B-86B9-2D18CDCF4D3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F7D1996-7891-4DD0-B028-1D23520EC21E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{03E3F36C-22B4-44EE-B088-2B3BADA62CAF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FF94A641-F0D8-4488-BF30-E035A7DE78DB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{970C9A08-A9EC-4C2D-925B-2BA0EF5AAAF1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{0DEBFC3B-0F33-4155-B211-BDFF49F2892A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{A1EBA1A0-6DC3-4EA3-9DE7-9647B425DF96}] => (Allow) LPort=26789
FirewallRules: [{5415E77C-7A3D-4CAD-A77F-E997A9AB6821}] => (Allow) D:\Hry\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{C84A1A03-F355-41A7-839A-DB5A4152FBCE}] => (Allow) D:\Hry\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{C710728D-5345-44B8-BC74-2720F2DD7F33}] => (Allow) D:\Hry\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{6E5BC75F-825C-45D5-B9F1-535C85DF9E55}] => (Allow) D:\Hry\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{BAA12E25-C3B1-4EEC-AFE7-95FEA37D797F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6EBB338B-2487-47E2-9E23-CA9746D1DFDA}] => (Allow) C:\Program Files (x86)\devolo\informer\devinf.exe
FirewallRules: [{8A401C9F-A52D-4E5F-AC23-B4035AA7D18F}] => (Allow) C:\Program Files (x86)\devolo\informer\devinf.exe
FirewallRules: [{8446E624-A84A-4A01-BE84-34E7E66C5947}] => (Allow) C:\Program Files (x86)\devolo\easyshare\easyshare.exe
FirewallRules: [{613463AE-D325-4A84-B964-EFCEF048F66F}] => (Allow) C:\Program Files (x86)\devolo\easyshare\easyshare.exe
FirewallRules: [{8F0C27FD-FC3F-440E-990E-06D271BBF254}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4E686FA2-97B6-4E87-8AE2-9843F1920BA9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B1BB7B94-B859-4BE2-9C39-48DC7864D4E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B360DB71-416D-4F9B-B89A-9A3340747C1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{02DD9530-32F3-4020-80CA-448B151EA13C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

22-06-2017 20:06:10 Before uninstalling AIDA64 Extreme v5.00
22-06-2017 20:07:26 Before uninstalling Core Temp 1.7
22-06-2017 20:09:19 Before uninstalling Medal of Honor: Pacific Assault™
22-06-2017 20:11:36 RegistryCleaner 22.06.2017 20:11:36
26-06-2017 16:22:12 Before uninstalling Metal Gear Solid V - Ground Zeroes verze 1.0.0.5
27-06-2017 17:10:43 Before uninstalling Metal Gear Solid V - Ground Zeroes verze 1.0.0.5

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2017 08:37:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/03/2017 06:06:16 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (06/29/2017 10:08:40 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.

Error: (06/29/2017 10:08:40 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.

Error: (06/29/2017 08:31:43 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (06/29/2017 01:36:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (06/28/2017 03:30:33 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (06/27/2017 10:25:19 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.

Error: (06/27/2017 10:25:19 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.

Error: (06/27/2017 09:52:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (07/03/2017 07:51:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/03/2017 07:51:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/29/2017 10:08:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/29/2017 10:08:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/29/2017 08:32:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Intel(R) Online Connect Helper bylo dosaženo časového limitu (60000 ms).

Error: (06/29/2017 08:31:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ANQTDIM)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/29/2017 08:31:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/29/2017 08:31:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/29/2017 08:31:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/29/2017 08:31:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2017-06-22 21:19:26.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-22 14:40:22.800
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-19 21:42:54.469
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-18 18:39:52.791
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-18 18:39:51.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-13 22:05:28.558
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-12 18:04:32.491
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-11 21:19:04.795
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-04 20:03:04.362
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-05-29 15:10:29.688
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 45%
Total physical RAM: 16344 MB
Available physical RAM: 8942.76 MB
Total Virtual: 32728 MB
Available Virtual: 24510.23 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:3 GB) (Free:2.98 GB) NTFS
Drive c: () (Fixed) (Total:223.57 GB) (Free:51.53 GB) NTFS
Drive d: () (Fixed) (Total:930.97 GB) (Free:682.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 72232B3D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 9CC853E6)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Preventivní kontrola

Napsal: 05 črc 2017 22:09
od sorcer
1) Obsah fixu níže, nakopírujte do Notepadu + uložte jej jako: fixlist.txt
2) Soubor uložte na stejné místo, kde máte aktuálně utilitu FRST

Kód: Vybrat vše

Start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Hosts:

HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {0ea8bab2-4491-11e7-9678-4ccc6a87f3bc} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {ca7efcaf-d178-11e6-9647-4ccc6a87f3bc} - "J:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {fa6fe333-d295-11e6-9648-4ccc6a87f3bc} - "K:\Setup.exe" 
ShortcutTarget: GoogleUpdate.lnk -> C:\Users\toombar PC\AppData\Local\Temp\Chrome Updates\SeachEngine.exe (No File)
GroupPolicy: Restriction <==== ATTENTION

CHR StartupUrls: Default -> "hxxp://www.initialpage123.com/?z=f0c5b4d42c4159b4010de67gdzetbz6o6m3geccb1g&from=dam&uid=HGSTXHTS545050A7E680_RBF50A1N1DA99P1DA99PX&type=hp"

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
END
3) Spusťte FRST a kliněte na tlačítko FIX
4) Restartujte PC.
5) Sledujte PC, jak se chová
5) Obsah FIXLOGU postněte sem do Vašeho topicu

Re: Preventivní kontrola

Napsal: 06 črc 2017 06:33
od cunik.cz
OK, co se týře chování PC tak je to divný. Spouští se mi internetový prohlížeč hned po startu ač to nemám nastaveno a další věci. Vidíte tam něco? Mně to zatím přijde jako nějakej Trojan či takovej nějakej zmetek.


Fix result of Farbar Recovery Scan Tool (x64) Version: 05-07-2017
Ran by toombar PC (06-07-2017 07:25:58) Run:2
Running from C:\Users\toombar PC\Desktop
Loaded Profiles: toombar PC (Available Profiles: defaultuser0 & toombar PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Hosts:

HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {0ea8bab2-4491-11e7-9678-4ccc6a87f3bc} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {ca7efcaf-d178-11e6-9647-4ccc6a87f3bc} - "J:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\MountPoints2: {fa6fe333-d295-11e6-9648-4ccc6a87f3bc} - "K:\Setup.exe"
ShortcutTarget: GoogleUpdate.lnk -> C:\Users\toombar PC\AppData\Local\Temp\Chrome Updates\SeachEngine.exe (No File)
GroupPolicy: Restriction <==== ATTENTION

CHR StartupUrls: Default -> "hxxp://www.initialpage123.com/?z=f0c5b4d42c415 ... PX&type=hp"

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
END
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ea8bab2-4491-11e7-9678-4ccc6a87f3bc} => key not found.
HKLM\Software\Classes\CLSID\{0ea8bab2-4491-11e7-9678-4ccc6a87f3bc} => key not found.
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca7efcaf-d178-11e6-9647-4ccc6a87f3bc} => key not found.
HKLM\Software\Classes\CLSID\{ca7efcaf-d178-11e6-9647-4ccc6a87f3bc} => key not found.
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa6fe333-d295-11e6-9648-4ccc6a87f3bc} => key not found.
HKLM\Software\Classes\CLSID\{fa6fe333-d295-11e6-9648-4ccc6a87f3bc} => key not found.
C:\Users\toombar PC\AppData\Local\Temp\Chrome Updates\SeachEngine.exe => not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
Chrome StartupUrls => removed successfully
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63844214 B
Java, Flash, Steam htmlcache => 17450710 B
Windows/system/drivers => 612129 B
Edge => 62473700 B
Chrome => 397104941 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 2450 B
NetworkService => 0 B
defaultuser0 => 0 B
toombar PC => 273226114 B

RecycleBin => 110476 B
EmptyTemp: => 777.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 07:26:19 ====

Re: Preventivní kontrola

Napsal: 06 črc 2017 08:05
od sorcer
MBAM mate instalovan tak provedte sken.

Navod zde: http://forum.viry.cz/viewtopic.php?f=29&t=144868

Re: Preventivní kontrola

Napsal: 06 črc 2017 08:26
od cunik.cz
Tak MalwareBytes nic nenašel.

Re: Preventivní kontrola

Napsal: 06 črc 2017 20:57
od sorcer
Prosím opět o FRST a Addition.

Re: Preventivní kontrola

Napsal: 07 črc 2017 08:34
od cunik.cz
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-07-2017
Ran by toombar PC (administrator) on DESKTOP-ANQTDIM (07-07-2017 09:33:27)
Running from C:\Users\toombar PC\Desktop
Loaded Profiles: toombar PC (Available Profiles: defaultuser0 & toombar PC)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Sandboxie Holdings, LLC) D:\Sandboxie\SbieSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star Int'l Co., Ltd.) C:\Windows\SysWOW64\RAMDiskImage.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) D:\Malware bytes\Anti-Malware\mbamtray.exe
(Malwarebytes) D:\Malware bytes\Anti-Malware\MBAMService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\toombar PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\toombar PC\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\eeclnt.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8842496 2016-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => D:\MALWARE BYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15371216 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5232928 2017-05-19] (IObit)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Deamon Tools Lite\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Spotify Web Helper] => C:\Users\toombar PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-07-04] (Spotify Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Spotify] => C:\Users\toombar PC\AppData\Roaming\Spotify\Spotify.exe [7047792 2017-07-04] (Spotify Ltd)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [Internet Download Accelerator] => D:\DOWNLOAD MANAGER\IDA\ida.exe -autorun
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\Run: [SandboxieControl] => D:\Sandboxie\SbieCtrl.exe [799368 2017-06-05] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\RunOnce: [Uninstall 17.3.6943.0625\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\toombar PC\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64"
HKU\S-1-5-21-4143605839-527040269-2466945285-1001\...\RunOnce: [Uninstall 17.3.6943.0625] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\toombar PC\AppData\Local\Microsoft\OneDrive\17.3.6943.0625"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AIDA64 Extreme.lnk [2017-01-03]
ShortcutTarget: AIDA64 Extreme.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2017-01-02]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoogleUpdate.lnk [2017-02-21]
ShortcutTarget: GoogleUpdate.lnk -> C:\Users\toombar PC\AppData\Local\Temp\Chrome Updates\SeachEngine.exe (No File)
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk [2017-04-05]
Startup: C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamViewer 12.lnk [2017-01-25]
ShortcutTarget: TeamViewer 12.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4891d0ff-1a20-42ba-a7d6-8abe48e48a6a}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f98c4fc4-24af-480f-9360-39db72a23b05}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-22] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-22] (Microsoft Corporation)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll [2016-12-22] (IObit)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-22] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: xy92jgbi.default
FF ProfilePath: C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default [2017-07-03]
FF Extension: (Internet Download Accelerator) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ida@westbyte.com.xpi [2017-05-15]
FF Extension: (Internet Download Accelerator Toolbar) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\idabarff@westbyte.com.xpi [2017-02-10]
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2016-10-25]
FF Extension: (Adblock Plus) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-02]
FF Extension: (TLS 1.3 Compatibility Testing 3) - C:\Users\toombar PC\AppData\Roaming\Mozilla\Firefox\Profiles\xy92jgbi.default\features\{f33d134b-ae02-4e76-939e-c9deba970867}\tls13-compat-ff51@mozilla.org.xpi [2017-03-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-22] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-06-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR Profile: C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default [2017-07-07]
CHR Extension: (AdBlock) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\toombar PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-4143605839-527040269-2466945285-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; D:\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1766176 2017-05-19] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 MBAMService; D:\Malware bytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [75192 2017-04-05] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [70608 2016-12-02] (Micro-Star Int'l Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2162064 2017-05-17] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3136920 2017-05-17] (Electronic Arts)
R2 RAMDrivService; C:\Windows\SysWoW64\RAMDiskImage.exe [343448 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R2 SbieSvc; D:\Sandboxie\SbieSvc.exe [198792 2017-06-05] (Sandboxie Holdings, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\Windows\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-01-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-01-04] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [541672 2015-11-24] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106768 2016-12-13] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-12-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [49672 2016-12-13] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77616 2016-12-13] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [96856 2016-12-13] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-07-20] (Intel Corporation)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [44096 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39288 2017-03-06] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40440 2017-02-16] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [33600 2017-02-16] (IObit.com)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188352 2017-07-07] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [101784 2017-07-07] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-07-07] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-07] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-07-07] (Malwarebytes)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2017-04-13] ()
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2008-11-28] (CACE Technologies)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-03-08] (MSI)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
R2 RAMDriv; C:\Windows\system32\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52792 2017-02-16] (IObit.com)
R3 SbieDrv; D:\Sandboxie\SbieDrv.sys [207496 2017-06-05] (Sandboxie Holdings, LLC)
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-12-05] (BitDefender S.R.L.)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-07 09:33 - 2017-07-07 09:33 - 00026379 _____ C:\Users\toombar PC\Desktop\FRST.txt
2017-07-07 09:33 - 2017-07-07 09:33 - 00015327 _____ C:\Users\toombar PC\Desktop\LM.bat
2017-07-07 09:33 - 2017-07-07 09:32 - 02436608 _____ (Farbar) C:\Users\toombar PC\Desktop\FRST64.exe
2017-07-07 09:31 - 2017-07-07 09:33 - 00029696 _____ C:\Users\toombar PC\AppData\Local\MSGBOX.EXE
2017-07-07 09:30 - 2017-07-07 09:30 - 00112640 _____ (forum.viry.cz) C:\Users\toombar PC\Desktop\FRSTLauncher.exe
2017-07-06 09:23 - 2017-07-07 09:04 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-06 09:23 - 2017-07-07 08:58 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-06 09:23 - 2017-07-07 08:58 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-06 09:23 - 2017-07-07 08:58 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-06 09:23 - 2017-07-07 08:58 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-06 09:22 - 2017-07-06 09:22 - 00000813 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-06 09:22 - 2017-07-06 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-06 09:22 - 2017-06-27 12:06 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-05 16:51 - 2017-07-05 16:56 - 00000000 ____D C:\ProgramData\Copernic
2017-07-05 16:50 - 2017-07-05 16:50 - 00345448 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-05 11:39 - 2017-07-05 11:39 - 00001058 _____ C:\Users\Public\Desktop\BioShock Infinite.lnk
2017-07-05 11:39 - 2017-07-05 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock Infinite
2017-07-04 08:56 - 2017-07-04 09:13 - 00000000 ____D C:\Program Files\CyberGhost 6
2017-07-04 08:16 - 2017-07-07 08:59 - 00003386 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4143605839-527040269-2466945285-1001
2017-07-03 22:02 - 2017-07-03 22:02 - 00000000 ____D C:\ProgramData\BDLogging
2017-07-03 22:02 - 2016-12-05 15:32 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2017-07-03 21:58 - 2017-07-03 21:58 - 00000000 ____D C:\Users\toombar PC\Documents\Abelssoft
2017-07-03 21:57 - 2017-07-03 21:57 - 00001630 _____ C:\Users\Public\Desktop\WashAndGo.lnk
2017-07-03 21:57 - 2017-07-03 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WashAndGo
2017-07-03 21:53 - 2017-07-05 19:27 - 00000000 ____D C:\Users\toombar PC\AppData\LocalLow\IObit
2017-07-03 21:53 - 2017-07-03 22:14 - 00000000 ____D C:\ProgramData\ProductData
2017-07-03 21:53 - 2017-07-03 21:53 - 00001246 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2017-07-03 21:53 - 2017-07-03 21:53 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\IObit
2017-07-03 21:53 - 2017-07-03 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2017-07-03 21:53 - 2017-07-03 21:53 - 00000000 ____D C:\Program Files (x86)\IObit
2017-07-03 21:53 - 2017-03-17 00:57 - 00044096 _____ (IObit.com) C:\Windows\system32\Drivers\IMFCameraProtect.sys
2017-07-03 21:52 - 2017-07-03 21:53 - 00000000 ____D C:\ProgramData\IObit
2017-07-03 21:52 - 2017-07-03 21:52 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2017-07-03 20:43 - 2017-07-03 20:43 - 00478392 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\8D1587E1.sys
2017-07-03 20:43 - 2017-07-03 20:43 - 00085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\35073608.sys
2017-07-03 20:41 - 2017-07-03 20:41 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-07-03 20:41 - 2017-06-21 09:07 - 00179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-07-03 20:41 - 2017-06-21 09:07 - 00146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-06-29 13:55 - 2017-06-29 13:55 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-06-28 21:17 - 2017-06-28 21:18 - 00278606 _____ C:\TDSSKiller.3.1.0.15_28.06.2017_21.17.46_log.txt
2017-06-28 17:46 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-06-28 17:46 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-06-28 17:46 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-06-28 17:46 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-06-28 17:46 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-06-28 17:46 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-06-28 17:46 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-06-28 17:46 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign874f466da20422b5
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign8392ef7b2a59e8ae
2017-06-23 20:08 - 2017-06-23 20:08 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign5c6ad63c57b95dca
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign4d146dbb9a39ceee
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign2187ab63b5386fc4
2017-06-23 20:07 - 2017-06-23 20:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Tempzxpsign13a8f23920f36c62
2017-06-21 14:50 - 2017-06-21 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2017-06-19 16:07 - 2017-06-19 16:07 - 00001316 _____ C:\Users\Public\Desktop\Far Cry Primal.lnk
2017-06-19 16:07 - 2017-06-19 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry Primal
2017-06-19 16:04 - 2017-06-19 16:07 - 00000000 ____D C:\Program Files (x86)\Far Cry Primal
2017-06-19 14:56 - 2017-06-19 14:56 - 00000000 ____D C:\Users\toombar PC\AppData\Local\MegaDownloader
2017-06-18 19:48 - 2017-06-18 19:50 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\uTorrent
2017-06-13 22:09 - 2017-06-13 22:09 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-06-13 20:49 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-13 20:49 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-06-13 20:49 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-13 20:49 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-13 20:49 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-13 20:49 - 2017-06-03 12:06 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-13 20:49 - 2017-06-03 12:01 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-13 20:49 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-13 20:49 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-13 20:49 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-13 20:49 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-13 20:49 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-06-13 20:49 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-13 20:49 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-06-13 20:49 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-06-13 20:49 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-13 20:49 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-13 20:49 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-13 20:49 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-13 20:49 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-13 20:49 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-06-13 20:49 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-06-13 20:49 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-13 20:49 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-13 20:49 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-13 20:49 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-13 20:49 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-13 20:49 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-13 20:49 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-13 20:49 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-06-13 20:49 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-13 20:49 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-13 20:49 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-13 20:49 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-13 20:49 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll
2017-06-13 20:49 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-06-13 20:49 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2017-06-13 20:49 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-13 20:49 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-13 20:49 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-13 20:49 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-06-13 20:49 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-13 20:49 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-13 20:49 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-13 20:49 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-13 20:49 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-13 20:49 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2017-06-13 20:49 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-06-13 20:49 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-13 20:49 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-13 20:49 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-06-13 20:49 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-13 20:49 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-06-13 20:49 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-13 20:49 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-13 20:49 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-13 20:49 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-13 20:49 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-13 20:49 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-13 20:49 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-13 20:49 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-06-13 20:49 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-13 20:49 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-13 20:49 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-06-13 20:49 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-13 20:49 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-13 20:49 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-13 20:49 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-13 20:49 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-13 20:49 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-13 20:49 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-13 20:49 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-13 20:49 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-06-13 20:49 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-06-13 20:49 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-13 20:49 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-06-13 20:49 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-06-13 20:49 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-06-13 20:48 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-06-13 20:48 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-13 20:48 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-13 20:48 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-13 20:48 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-13 20:48 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-13 20:48 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-06-13 20:48 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-06-13 20:48 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2017-06-13 20:48 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-13 20:48 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-13 20:48 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-13 20:48 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-13 20:48 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-13 20:48 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-13 20:48 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-13 20:48 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-13 20:48 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-13 20:48 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-13 20:48 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll
2017-06-13 20:48 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-06-13 20:48 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-13 20:48 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-13 20:48 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-13 20:48 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll
2017-06-13 20:48 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-13 20:48 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-06-13 20:48 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-13 20:48 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-13 20:48 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-13 20:48 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-06-13 20:48 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-13 20:48 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-13 20:48 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-13 20:48 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-13 20:48 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2017-06-13 20:48 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-13 20:48 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-13 20:48 - 2017-06-03 08:08 - 00080078 _____ C:\Windows\system32\normidna.nls
2017-06-12 18:07 - 2017-06-12 18:07 - 00000000 ___RD C:\Sandbox
2017-06-12 18:03 - 2017-07-03 21:49 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Viv
2017-06-12 18:03 - 2017-06-12 18:03 - 00000825 _____ C:\Users\Public\Desktop\VivPDF Editor.lnk
2017-06-12 17:57 - 2017-06-28 14:51 - 00002790 _____ C:\Windows\Sandboxie.ini
2017-06-12 17:57 - 2017-06-12 17:57 - 00000741 _____ C:\Users\toombar PC\Desktop\Sandbox webový prohlížeč.lnk
2017-06-08 18:59 - 2017-06-08 18:15 - 00223432 ____N (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2017-06-07 21:30 - 2017-07-03 22:07 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Internet Download Accelerator
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\toombar PC\AppData\Local\UnrealEngine
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\toombar PC\AppData\Local\mxgp3
2017-06-07 19:58 - 2017-06-07 19:58 - 00000000 ____D C:\Users\Public\Documents\Steam
2017-06-07 19:53 - 2017-06-07 19:53 - 00000841 _____ C:\Users\toombar PC\Desktop\MXGP3 The Official Motocross Videogame.lnk
2017-06-07 19:53 - 2017-06-07 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MXGP3 The Official Motocross Videogame

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-07 09:33 - 2017-05-26 13:43 - 00000000 ____D C:\FRST
2017-07-07 09:23 - 2017-01-03 07:54 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Skype
2017-07-07 08:59 - 2017-01-02 09:41 - 00002402 _____ C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-07 08:59 - 2017-01-02 09:41 - 00000000 ___RD C:\Users\toombar PC\OneDrive
2017-07-07 08:59 - 2017-01-02 09:40 - 00000000 ____D C:\Users\toombar PC
2017-07-07 08:58 - 2017-01-09 21:14 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-07 08:58 - 2017-01-02 11:01 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-07 08:58 - 2017-01-02 10:29 - 00000000 ____D C:\Users\toombar PC\AppData\LocalLow\Mozilla
2017-07-06 22:19 - 2017-01-02 09:37 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-06 17:26 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-06 17:26 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-07-06 09:45 - 2017-02-13 17:55 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Kodi
2017-07-06 09:45 - 2017-01-03 19:27 - 00000000 ____D C:\ProgramData\TEMP
2017-07-06 09:22 - 2017-01-04 18:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-06 08:20 - 2017-01-02 09:42 - 03435870 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-06 08:20 - 2016-07-17 00:25 - 01455158 _____ C:\Windows\system32\perfh005.dat
2017-07-06 08:20 - 2016-07-17 00:25 - 00394982 _____ C:\Windows\system32\perfc005.dat
2017-07-06 08:14 - 2017-05-29 18:13 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-06 08:14 - 2017-05-29 18:13 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-06 08:14 - 2017-02-26 17:35 - 33555456 _____ C:\Windows\SysWOW64\RAMDiskImage.data
2017-07-06 08:14 - 2017-01-02 09:37 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-06 07:27 - 2017-01-15 13:12 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-06 07:26 - 2016-07-16 13:47 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-07-06 07:26 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-07-06 07:26 - 2016-07-16 08:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-07-05 17:10 - 2017-04-26 18:49 - 00000000 ____D C:\AdwCleaner
2017-07-05 17:00 - 2017-01-04 17:06 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\vlc
2017-07-05 12:05 - 2017-02-22 19:39 - 00000000 ____D C:\Users\toombar PC\Documents\My Games
2017-07-05 12:05 - 2017-01-14 10:34 - 00000000 ____D C:\ProgramData\Steam
2017-07-05 11:07 - 2017-01-04 18:47 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\DAEMON Tools Lite
2017-07-04 22:06 - 2017-05-01 17:07 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Spotify
2017-07-04 21:57 - 2017-05-01 17:06 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Spotify
2017-07-04 09:03 - 2017-01-10 20:26 - 00000703 _____ C:\Users\toombar PC\Desktop\Start Tor Browser.lnk
2017-07-04 08:57 - 2017-01-02 09:40 - 00000000 ____D C:\Users\toombar PC\AppData\Local\VirtualStore
2017-07-04 08:57 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-07-03 22:08 - 2017-03-20 07:14 - 00000000 ___HD C:\$WINDOWS.~BT
2017-07-03 22:08 - 2017-01-02 09:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-03 22:07 - 2017-03-22 20:36 - 00000000 ____D C:\Windows\Minidump
2017-07-03 22:07 - 2017-01-25 12:10 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\TeamViewer
2017-07-03 22:07 - 2017-01-15 18:15 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Sony
2017-07-03 22:07 - 2017-01-03 22:01 - 00000000 ____D C:\Users\toombar PC\AppData\Local\CrashDumps
2017-07-03 22:07 - 2017-01-02 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-07-03 22:07 - 2017-01-02 10:23 - 00000000 ____D C:\ProgramData\TP-LINK
2017-07-03 22:07 - 2017-01-02 09:36 - 00000000 ____D C:\Windows\Panther
2017-07-03 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-07-03 21:58 - 2017-01-12 19:24 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Abelssoft
2017-07-03 21:57 - 2017-01-12 19:23 - 00000000 ____D C:\ProgramData\Abelssoft
2017-07-03 20:42 - 2017-05-23 18:29 - 00004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-03 17:49 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-03 20:42 - 2017-01-02 09:56 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-07-03 20:42 - 2017-01-02 09:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-03 20:42 - 2017-01-02 09:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-03 19:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\NDF
2017-07-03 18:18 - 2017-04-24 15:03 - 00000000 ____D C:\Users\toombar PC\AppData\Local\ElevatedDiagnostics
2017-06-29 20:48 - 2017-01-03 19:23 - 00000000 ____D C:\Program Files\Microsoft Office
2017-06-29 20:35 - 2017-01-16 17:05 - 00001254 _____ C:\Users\toombar PC\Desktop\Adobe Photoshop CC 2017.lnk
2017-06-29 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-29 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-28 17:50 - 2017-05-12 14:15 - 00000000 ____D C:\Windows\system32\UNP
2017-06-28 17:50 - 2017-05-12 14:15 - 00000000 ____D C:\Program Files\UNP
2017-06-28 17:47 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-06-27 21:52 - 2017-01-02 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-22 20:14 - 2017-04-24 15:02 - 00000000 ____D C:\Program Files\trend micro
2017-06-22 20:09 - 2017-05-17 16:36 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-06-22 16:25 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-06-22 14:38 - 2017-01-03 15:59 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-06-22 14:38 - 2017-01-03 15:59 - 00000000 ____D C:\Program Files (x86)\Logitech
2017-06-21 09:07 - 2017-01-06 21:57 - 00057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-06-21 09:07 - 2017-01-03 17:49 - 00048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-06-21 09:07 - 2017-01-02 09:56 - 01903224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-06-21 09:07 - 2017-01-02 09:56 - 01755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-06-21 09:07 - 2017-01-02 09:56 - 01489528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-06-21 09:07 - 2017-01-02 09:56 - 01317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-06-21 09:07 - 2017-01-02 09:56 - 00121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-06-20 22:58 - 2017-01-03 17:49 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-18 18:13 - 2017-01-02 09:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-13 22:09 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-13 20:55 - 2017-01-02 21:02 - 00000000 ____D C:\Windows\system32\MRT
2017-06-13 20:53 - 2017-01-02 21:02 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-12 17:59 - 2017-01-06 20:33 - 00000000 ____D C:\ProgramData\Adobe
2017-06-09 20:15 - 2017-01-25 12:10 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-06-09 20:15 - 2017-01-25 12:10 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-06-09 20:15 - 2017-01-25 12:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-09 18:31 - 2017-01-02 09:57 - 00000000 ____D C:\Users\toombar PC\AppData\Local\NVIDIA Corporation
2017-06-08 19:29 - 2017-05-29 17:42 - 00000000 ____D C:\KVRT_Data
2017-06-07 22:51 - 2017-01-02 11:01 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-07 21:59 - 2017-01-15 21:48 - 00000000 ____D C:\Users\toombar PC\AppData\Local\Ubisoft Game Launcher
2017-06-07 18:37 - 2017-04-10 17:26 - 00000000 ____D C:\Users\toombar PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

==================== Files in the root of some directories =======

2017-07-07 09:31 - 2017-07-07 09:33 - 0029696 _____ () C:\Users\toombar PC\AppData\Local\MSGBOX.EXE
2017-04-13 15:53 - 2017-04-21 18:43 - 0000700 ___SH () C:\Users\toombar PC\AppData\Local\systemFL7.dat
2017-03-27 21:27 - 2017-04-17 20:58 - 0000182 _____ () C:\Users\toombar PC\AppData\Local\uts.ini
2017-01-11 16:53 - 2017-01-11 16:53 - 0000037 _____ () C:\Users\toombar PC\AppData\Local\X-Plane Installer.prf
2017-01-11 16:57 - 2017-05-14 19:46 - 0000015 _____ () C:\Users\toombar PC\AppData\Local\X-Plane_drm_11.prf
2017-01-11 16:27 - 2017-01-11 16:27 - 0000024 _____ () C:\Users\toombar PC\AppData\Local\x-plane_install_11.txt
2017-01-03 17:49 - 2017-01-06 21:58 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-03 17:49 - 2017-01-06 21:10 - 0009275 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-07-07 09:30 - 2017-07-07 09:30 - 0040448 ____N () C:\Users\toombar PC\AppData\Local\Temp\proxy_vole5128437324866919806.dll
2017-07-07 09:30 - 2017-07-07 09:30 - 0040448 ____N () C:\Users\toombar PC\AppData\Local\Temp\proxy_vole7897990234647448070.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-05 11:57

==================== End of FRST.txt ============================
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz