Nemohu se toho zbavit, přestože jsem mazal proces v registrech. Popřípadě, pokud by v logu bylo skryto ještě něco dalšího, co tam být nemá.
Předem děkuji za pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by WESTPC (administrator) on DESKTOP-HORE7Q3 (18-10-2018 15:26:32)
Running from E:\Plocha
Loaded Profiles: WESTPC (Available Profiles: defaultuser0 & WESTPC)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\NisSrv.exe
(Disc Soft Ltd) E:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Disc Soft Ltd) E:\Programy\DAEMON Tools Lite\DTShellHlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\Run: [Steam] => E:\Programy\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation)
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\Run: [Client] => C:\Users\WESTPC\AppData\Roaming\Client\nircmd.exe [44544 2016-05-23] (NirSoft)
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\Run: [DAEMON Tools Lite Automount] => E:\Programy\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd)
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\Run: [Gaijin.Net Agent] => C:\Users\WESTPC\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-06-14] (Gaijin Entertainment)
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\Run: [WESTPC] => cmd.exe /c start http://www.dipladoks.org
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 172.16.0.1 185.71.40.3
Tcpip\..\Interfaces\{e164d230-d6ad-4039-985f-afd5c8c097d1}: [DhcpNameServer] 192.168.88.1 172.16.0.1 185.71.40.3
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-22] (Oracle Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-22] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default [2018-10-18]
CHR Extension: (Prezentace) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Dokumenty) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-22]
CHR Extension: (Tabulky) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (AdBlock) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16]
CHR Extension: (AirMech) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn [2017-10-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Gmail) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\WESTPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-20]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; E:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3128000 2017-12-15] (Disc Soft Ltd)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-09-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-09-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-06] (Disc Soft Ltd)
R1 MpKsl569176de; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D4A80BCD-0204-4DB4-B639-6C8009273166}\MpKsl569176de.sys [58120 2018-10-18] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-09-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [352424 2018-09-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-09-26] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-17 17:42 - 2018-10-17 17:42 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-17 17:42 - 2018-10-17 17:42 - 000002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-10-17 17:42 - 2018-10-17 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-10-17 17:42 - 2018-10-17 17:42 - 000000000 ____D C:\Program Files\CCleaner
2018-10-17 17:02 - 2018-10-18 15:26 - 000000000 ____D C:\FRST
2018-10-16 19:57 - 2018-10-16 19:57 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2018-10-16 19:57 - 2018-10-16 19:57 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2018-10-16 19:34 - 2018-10-16 19:34 - 000000085 _____ C:\WINDOWS\wininit.ini
2018-10-16 18:58 - 2018-10-16 18:25 - 000000845 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20181016-185837.backup
2018-10-16 18:33 - 2018-10-16 19:35 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-10-16 18:33 - 2018-10-16 19:34 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-10-16 18:33 - 2018-10-16 18:33 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2018-10-16 18:25 - 2018-10-16 17:44 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.bak
2018-10-16 18:07 - 2015-03-09 12:26 - 000019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2018-10-16 18:07 - 2011-04-21 11:31 - 000017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2018-10-16 17:30 - 2018-10-16 17:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2018-10-16 17:30 - 2018-10-16 17:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-10-16 17:30 - 2018-10-16 17:30 - 000000000 ____D C:\Users\WESTPC\AppData\Local\Safer-Networking Ltd
2018-10-14 17:28 - 2018-10-14 17:28 - 000000000 ____D C:\WINDOWS\pss
2018-10-09 19:19 - 2018-09-20 06:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-09 19:19 - 2018-09-20 06:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-09 19:19 - 2018-09-20 05:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-09 19:19 - 2018-09-20 05:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-09 19:18 - 2018-09-21 11:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-09 19:18 - 2018-09-21 11:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-09 19:18 - 2018-09-21 10:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-09 19:18 - 2018-09-21 10:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-09 19:18 - 2018-09-21 06:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-09 19:18 - 2018-09-21 06:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-09 19:18 - 2018-09-21 06:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-09 19:18 - 2018-09-21 06:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-09 19:18 - 2018-09-21 06:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-09 19:18 - 2018-09-21 06:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-09 19:18 - 2018-09-21 06:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-09 19:18 - 2018-09-21 06:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-09 19:18 - 2018-09-21 06:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-09 19:18 - 2018-09-21 06:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-09 19:18 - 2018-09-21 06:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-09 19:18 - 2018-09-21 06:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-09 19:18 - 2018-09-21 06:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-09 19:18 - 2018-09-21 06:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-09 19:18 - 2018-09-21 06:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-09 19:18 - 2018-09-21 06:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-09 19:18 - 2018-09-21 06:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-09 19:18 - 2018-09-21 06:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-09 19:18 - 2018-09-21 06:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-09 19:18 - 2018-09-21 06:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-09 19:18 - 2018-09-21 05:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-09 19:18 - 2018-09-21 05:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-09 19:18 - 2018-09-21 05:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-09 19:18 - 2018-09-21 05:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-09 19:18 - 2018-09-21 05:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-09 19:18 - 2018-09-21 05:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-09 19:18 - 2018-09-21 05:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-09 19:18 - 2018-09-21 05:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-09 19:18 - 2018-09-21 05:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-09 19:18 - 2018-09-21 05:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-09 19:18 - 2018-09-21 05:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-09 19:18 - 2018-09-21 05:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-09 19:18 - 2018-09-21 05:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-09 19:18 - 2018-09-21 05:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-09 19:18 - 2018-09-21 05:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-09 19:18 - 2018-09-21 05:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-09 19:18 - 2018-09-21 05:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-09 19:18 - 2018-09-21 05:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-09 19:18 - 2018-09-21 05:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-09 19:18 - 2018-09-21 05:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-09 19:18 - 2018-09-21 05:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-09 19:18 - 2018-09-21 05:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-09 19:18 - 2018-09-21 05:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-09 19:18 - 2018-09-21 05:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-09 19:18 - 2018-09-21 05:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-09 19:18 - 2018-09-20 11:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-09 19:18 - 2018-09-20 11:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-09 19:18 - 2018-09-20 11:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-09 19:18 - 2018-09-20 11:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-09 19:18 - 2018-09-20 11:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-09 19:18 - 2018-09-20 11:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-09 19:18 - 2018-09-20 11:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-09 19:18 - 2018-09-20 11:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-09 19:18 - 2018-09-20 11:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-09 19:18 - 2018-09-20 11:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-09 19:18 - 2018-09-20 11:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-09 19:18 - 2018-09-20 10:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-09 19:18 - 2018-09-20 10:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-09 19:18 - 2018-09-20 10:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-09 19:18 - 2018-09-20 10:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-09 19:18 - 2018-09-20 10:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-09 19:18 - 2018-09-20 10:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-09 19:18 - 2018-09-20 10:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-09 19:18 - 2018-09-20 10:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-09 19:18 - 2018-09-20 08:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-09 19:18 - 2018-09-20 07:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-09 19:18 - 2018-09-20 06:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-09 19:18 - 2018-09-20 06:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-09 19:18 - 2018-09-20 06:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-09 19:18 - 2018-09-20 06:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-09 19:18 - 2018-09-20 06:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-09 19:18 - 2018-09-20 06:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-09 19:18 - 2018-09-20 06:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-09 19:18 - 2018-09-20 06:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-09 19:18 - 2018-09-20 06:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-09 19:18 - 2018-09-20 06:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-09 19:18 - 2018-09-20 06:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-09 19:18 - 2018-09-20 06:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-09 19:18 - 2018-09-20 06:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-09 19:18 - 2018-09-20 06:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-09 19:18 - 2018-09-20 06:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-09 19:18 - 2018-09-20 06:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-09 19:18 - 2018-09-20 06:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-09 19:18 - 2018-09-20 06:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-09 19:18 - 2018-09-20 06:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-09 19:18 - 2018-09-20 06:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-09 19:18 - 2018-09-20 06:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-09 19:18 - 2018-09-20 06:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-09 19:18 - 2018-09-20 06:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-09 19:18 - 2018-09-20 06:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-09 19:18 - 2018-09-20 06:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-09 19:18 - 2018-09-20 06:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-09 19:18 - 2018-09-20 06:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-09 19:18 - 2018-09-20 06:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-09 19:18 - 2018-09-20 06:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-09 19:18 - 2018-09-20 06:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-09 19:18 - 2018-09-20 06:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-09 19:18 - 2018-09-20 06:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-09 19:18 - 2018-09-20 06:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-09 19:18 - 2018-09-20 06:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-09 19:18 - 2018-09-20 06:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-09 19:18 - 2018-09-20 06:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-09 19:18 - 2018-09-20 06:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-09 19:18 - 2018-09-20 06:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-09 19:18 - 2018-09-20 06:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-09 19:18 - 2018-09-20 06:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-09 19:18 - 2018-09-20 05:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-09 19:18 - 2018-09-20 05:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-09 19:18 - 2018-09-20 05:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-09 19:18 - 2018-09-20 05:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-09 19:18 - 2018-09-20 05:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-09 19:18 - 2018-09-20 05:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-09 19:18 - 2018-09-20 05:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-09 19:18 - 2018-09-20 05:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-09 19:18 - 2018-09-20 05:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-09 19:18 - 2018-09-20 05:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-09 19:18 - 2018-09-20 05:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-09 19:18 - 2018-09-20 05:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-09 19:18 - 2018-09-20 05:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-09 19:18 - 2018-09-20 05:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-09 19:18 - 2018-09-20 05:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-09 19:18 - 2018-09-20 05:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-09 19:18 - 2018-09-20 05:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-09 19:18 - 2018-09-20 05:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-09 19:18 - 2018-09-20 05:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-09 19:18 - 2018-09-20 04:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-09 19:18 - 2018-09-20 03:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-09 19:18 - 2018-09-08 10:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-09 19:18 - 2018-09-08 10:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-09 19:18 - 2018-09-08 10:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-09 19:18 - 2018-09-08 10:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-09 19:18 - 2018-09-08 10:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-09 19:18 - 2018-09-08 10:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-09 19:18 - 2018-09-08 10:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-09 19:18 - 2018-09-08 10:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-09 19:18 - 2018-09-08 10:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-09 19:18 - 2018-09-08 10:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-09 19:18 - 2018-09-08 10:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-09 19:18 - 2018-09-08 09:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-09 19:18 - 2018-09-08 09:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-09 19:18 - 2018-09-08 09:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-09 19:18 - 2018-09-08 09:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-09 19:18 - 2018-09-08 09:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-09 19:18 - 2018-09-08 09:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-09 19:18 - 2018-09-08 09:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-09 19:18 - 2018-09-08 09:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-09 19:18 - 2018-09-08 09:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-09 19:18 - 2018-09-08 09:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-09 19:18 - 2018-09-08 09:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-09 19:18 - 2018-09-08 09:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-09 19:18 - 2018-09-08 09:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-09 19:18 - 2018-09-08 09:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-09 19:18 - 2018-09-08 09:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-09 19:18 - 2018-09-08 09:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-09 19:18 - 2018-09-08 09:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-09 19:18 - 2018-09-08 09:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-09 19:18 - 2018-09-08 09:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-09 19:18 - 2018-09-08 09:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-09 19:18 - 2018-09-08 09:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-09 19:18 - 2018-09-08 09:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-09 19:18 - 2018-09-08 09:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-09 19:18 - 2018-09-08 09:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-09 19:18 - 2018-09-08 09:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-09 19:18 - 2018-09-08 09:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-09 19:18 - 2018-09-08 09:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-09 19:18 - 2018-09-08 09:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-09 19:18 - 2018-09-08 09:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-09 19:18 - 2018-09-08 09:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-09 19:18 - 2018-09-08 09:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-09 19:18 - 2018-09-08 09:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-09 19:18 - 2018-09-08 09:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-09 19:18 - 2018-09-08 09:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-09 19:18 - 2018-09-08 09:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-09 19:18 - 2018-09-08 08:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-09 19:18 - 2018-09-08 08:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-09 19:18 - 2018-09-08 08:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-09 19:18 - 2018-09-08 08:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-09 19:18 - 2018-09-08 08:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-09 19:18 - 2018-09-08 08:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-09 19:18 - 2018-09-08 08:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-09 19:18 - 2018-09-08 08:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-09 19:18 - 2018-09-08 08:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-09 19:18 - 2018-09-08 08:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-09 19:18 - 2018-09-08 08:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-09 19:18 - 2018-09-08 08:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-09 19:18 - 2018-09-08 06:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-09 19:18 - 2018-09-08 05:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-09 19:18 - 2018-09-08 05:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-09 19:18 - 2018-09-08 05:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-09 19:18 - 2018-09-08 05:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-09 19:18 - 2018-09-08 05:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-09 19:18 - 2018-09-08 05:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-09 19:18 - 2018-09-08 05:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-09 19:18 - 2018-09-08 05:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-09 19:18 - 2018-09-08 05:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-09 19:18 - 2018-09-08 05:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-09 19:18 - 2018-09-08 05:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-09 19:18 - 2018-09-08 05:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-09 19:18 - 2018-09-08 05:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-09 19:18 - 2018-09-08 05:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-09 19:18 - 2018-09-08 05:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-09 19:18 - 2018-09-08 05:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-09 19:18 - 2018-09-08 05:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-09 19:18 - 2018-09-08 05:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-09 19:18 - 2018-09-08 05:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-09 19:18 - 2018-09-08 05:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-09 19:18 - 2018-09-08 05:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-09 19:18 - 2018-09-08 05:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-09 19:18 - 2018-09-08 05:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-09 19:18 - 2018-09-08 05:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-09 19:18 - 2018-09-08 05:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-09 19:18 - 2018-09-08 05:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-09 19:18 - 2018-09-08 05:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-09 19:18 - 2018-09-08 05:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-09 19:18 - 2018-09-08 05:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-09 19:18 - 2018-09-08 05:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-09 19:18 - 2018-09-08 05:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-09 19:18 - 2018-09-08 05:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-09 19:18 - 2018-09-08 05:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-09 19:18 - 2018-09-08 05:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-09 19:18 - 2018-09-08 05:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-09 19:18 - 2018-09-08 05:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-09 19:18 - 2018-09-08 05:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-09 19:18 - 2018-09-08 05:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-09 19:18 - 2018-09-08 05:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-09 19:18 - 2018-09-08 05:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-09 19:18 - 2018-09-08 05:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-09 19:18 - 2018-09-08 05:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-09 19:18 - 2018-09-08 05:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-09 19:18 - 2018-09-08 05:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-09 19:18 - 2018-09-08 05:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-09 19:18 - 2018-09-08 05:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-09 19:18 - 2018-09-08 05:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-09 19:18 - 2018-09-08 05:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-09 19:18 - 2018-09-08 05:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-09 19:18 - 2018-09-08 05:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-09 19:18 - 2018-09-08 05:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-09 19:18 - 2018-09-08 05:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-09 19:18 - 2018-09-08 05:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-09 19:18 - 2018-09-08 05:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-09 19:18 - 2018-09-08 05:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-09 19:18 - 2018-09-08 05:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-09 19:18 - 2018-09-08 05:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-09 19:18 - 2018-09-08 05:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-09 19:18 - 2018-09-08 05:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-09 19:18 - 2018-09-08 05:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-09 19:18 - 2018-09-08 05:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-09 19:18 - 2018-09-08 05:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-09 19:18 - 2018-09-08 05:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-09 19:18 - 2018-09-08 05:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-09 19:18 - 2018-09-08 05:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-01 17:46 - 2018-10-01 17:46 - 000000000 ____D C:\Users\WESTPC\AppData\Roaming\Fallout 4
2018-10-01 17:46 - 2018-10-01 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2018-10-01 16:46 - 2018-10-01 16:46 - 000003570 _____ C:\WINDOWS\System32\Tasks\WESTPC
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-18 15:24 - 2018-05-21 20:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-18 15:23 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-18 15:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-18 15:22 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-18 15:21 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-17 17:43 - 2018-05-21 17:29 - 000000000 ___DC C:\WINDOWS\Panther
2018-10-17 17:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-17 17:43 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-17 17:43 - 2018-01-06 19:29 - 000000000 ____D C:\Users\WESTPC\AppData\Roaming\DAEMON Tools Lite
2018-10-17 17:28 - 2018-05-21 20:25 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-17 17:28 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2018-10-17 17:28 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2018-10-17 17:21 - 2018-05-21 20:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-17 17:21 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-17 17:21 - 2017-12-24 20:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-10-16 18:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-16 17:20 - 2017-10-22 02:07 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-09 20:49 - 2018-07-02 18:52 - 000000000 ____D C:\ProgramData\Packages
2018-10-09 20:38 - 2018-05-21 20:18 - 000251248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-09 20:38 - 2017-12-02 14:02 - 000000000 ___RD C:\Users\WESTPC\3D Objects
2018-10-09 20:38 - 2017-10-22 01:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-09 20:37 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-09 20:37 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-09 20:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-09 20:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-09 20:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-09 20:37 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-09 19:21 - 2017-10-22 12:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-09 19:20 - 2017-10-22 12:18 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-02 22:13 - 2018-04-12 01:41 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 22:13 - 2018-04-12 01:41 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-01 21:45 - 2018-08-24 10:25 - 000000000 ____D C:\Users\WESTPC\AppData\Roaming\xcscan
2018-09-26 20:02 - 2018-02-20 23:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-09-23 21:01 - 2018-05-21 20:19 - 000000000 ____D C:\Users\WESTPC
2018-09-23 13:45 - 2018-05-21 20:22 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1143807043-1892781089-3887055881-1001
2018-09-23 13:45 - 2018-05-21 20:19 - 000002394 _____ C:\Users\WESTPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-20 07:44 - 2017-10-22 01:35 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2017-12-01 18:11 - 2017-12-01 18:11 - 000007602 _____ () C:\Users\WESTPC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-21 20:18
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by WESTPC (18-10-2018 15:26:57)
Running from E:\Plocha
Windows 10 Home Version 1803 17134.345 (X64) (2018-05-21 18:22:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1143807043-1892781089-3887055881-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1143807043-1892781089-3887055881-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1143807043-1892781089-3887055881-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1143807043-1892781089-3887055881-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1143807043-1892781089-3887055881-504 - Limited - Disabled)
WESTPC (S-1-5-21-1143807043-1892781089-3887055881-1001 - Administrator - Enabled) => C:\Users\WESTPC
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0333 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Fallout 4 - Čeština (HKLM-x32\...\{F8BA6706-E36D-4140-B786-CE578630D70D}) (Version: 0.9.6 - prekladyher.eu)
Fallout 4 (HKLM-x32\...\Fallout 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
KB4023057 (HKLM\...\{0C050BEE-16BE-4998-8959-2A421433DB6E}) (Version: 2.5.0.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1022.0 - Passmark Software)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Roblox Player for WESTPC (HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
War Thunder Launcher 1.0.3.120 (HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Programy\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Programy\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => E:\Programy\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => E:\Programy\DAEMON Tools Lite\DTShl64.dll [2017-12-15] (Disc Soft Ltd)
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxDTCM.dll [2017-07-31] (Intel Corporation)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Programy\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Programy\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {031BFAE3-80C6-4280-9753-00720846D63E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-26] (Microsoft Corporation)
Task: {041EBA27-D552-4D55-B124-9A1F722AB025} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {318F33F1-0D44-4EED-A72A-9B5153F9979D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {3628935D-0B66-4BA7-936A-B0B35F6BB27B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-26] (Microsoft Corporation)
Task: {5CB38A6C-57B0-403F-8639-9EFA329690FF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {60A38FF3-3988-4002-BBAA-B4841CA4DAA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {753208B6-2AC1-4FF3-AC89-70AC5878FC08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-26] (Microsoft Corporation)
Task: {78A5B390-643E-46BD-91B9-04AF99109346} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-09-26] (Microsoft Corporation)
Task: {82D52CDD-E486-405C-ACB7-FA0302718BEC} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {950EDEAB-908A-49CF-BA2E-11056F634D80} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B6D1E72C-68A8-42B4-B2E2-48837855E228} - System32\Tasks\WESTPC => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v WESTPC /t REG_SZ /d "cmd.exe /c start http://www.dipladoks.org"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-09 19:18 - 2018-09-20 05:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-17 16:44 - 2018-07-17 16:44 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-17 16:44 - 2018-07-17 16:44 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-17 16:44 - 2018-07-17 16:44 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-17 16:44 - 2018-07-17 16:44 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-17 16:44 - 2018-07-17 16:44 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-09-20 07:44 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-20 07:44 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2018-09-26 15:22 - 2018-09-26 15:23 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-26 15:22 - 2018-09-26 15:23 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-25 22:32 - 2017-10-25 22:36 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-09-26 15:22 - 2018-09-26 15:23 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-04 12:07 - 2018-05-04 12:07 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-09-01 18:20 - 2018-09-01 18:20 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-08-21 21:00 - 2018-08-21 21:01 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-21 21:00 - 2018-08-21 21:01 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-09-01 18:20 - 2018-09-01 18:20 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-03-30 16:02 - 2018-03-30 16:02 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-09-26 15:22 - 2018-09-26 15:23 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-09-01 18:20 - 2018-09-01 18:20 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-26 15:22 - 2018-09-26 15:23 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-01 18:20 - 2018-09-01 18:20 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 19:05 - 2018-07-27 19:06 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-26 15:22 - 2018-09-26 15:23 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\SKU.dll
2018-09-26 15:22 - 2018-09-26 15:23 - 000094720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll
2018-09-26 15:22 - 2018-09-26 15:23 - 000048128 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImageDecoding.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> http://www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> http://www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> http://www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> http://www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> http://www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> http://www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> http://www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> http://www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> http://www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> http://www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> http://www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> http://www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> http://www.123simsen.com
There are 7940 more sites.
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\008k.com -> http://www.008k.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\00hq.com -> http://www.00hq.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\0scan.com -> http://www.0scan.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\1-2005-search.com -> http://www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\1-domains-registrations.com -> http://www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\1000gratisproben.com -> http://www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\1001namen.com -> http://www.1001namen.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\100sexlinks.com -> http://www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\10sek.com -> http://www.10sek.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\123fporn.info -> http://www.123fporn.info
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\123haustiereundmehr.com -> http://www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\123moviedownload.com -> http://www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\123simsen.com -> http://www.123simsen.com
There are 7940 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2018-10-16 18:58 - 000454677 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
127.0.0.1 http://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com
127.0.0.1 http://www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 http://www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 http://www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 http://www.100888290cs.com
127.0.0.1 http://www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 http://www.10sek.com
127.0.0.1 http://www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 http://www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 http://www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 http://www.123moviedownload.com
There are 15605 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\Control Panel\Desktop\\Wallpaper -> e:\obrázky\6662496-wallpaper-1920x1080.jpg
DNS Servers: 192.168.88.1 - 172.16.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\StartupApproved\Run: => "Client"
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-1143807043-1892781089-3887055881-1001\...\StartupApproved\Run: => "xcscan"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{284DF67B-C399-44A0-B4AA-2507E4ECE1A7}E:\programy\qtorrent\utorrent.exe] => (Allow) E:\programy\qtorrent\utorrent.exe
FirewallRules: [TCP Query User{6289A595-EFFA-4CB2-9263-0E6F8FD33878}E:\programy\qtorrent\utorrent.exe] => (Allow) E:\programy\qtorrent\utorrent.exe
FirewallRules: [{537CC218-FC2D-4B2C-9969-9D3D0AE5980C}] => (Allow) E:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{F461EF26-5669-4004-9600-8333F1163298}] => (Allow) E:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{AD91F011-1A5B-457E-9E6D-5A7333554171}] => (Allow) E:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{A859B40A-505D-4F89-9FC0-E35467D983A2}] => (Allow) E:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [UDP Query User{67A3366A-A4A3-41E5-A9DD-71436A4FDDBD}E:\programy\steam\steamapps\common\cryptic studios\neverwinter\live\x86\gameclient.exe] => (Allow) E:\programy\steam\steamapps\common\cryptic studios\neverwinter\live\x86\gameclient.exe
FirewallRules: [TCP Query User{7C3F8EE3-DBC2-4276-B540-DA4CCFD4FDED}E:\programy\steam\steamapps\common\cryptic studios\neverwinter\live\x86\gameclient.exe] => (Allow) E:\programy\steam\steamapps\common\cryptic studios\neverwinter\live\x86\gameclient.exe
FirewallRules: [{ACB0B35E-74BD-4234-B9B7-687E7E825779}] => (Allow) E:\Programy\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{734B0D2E-E021-4661-8F4A-85B6D5663F5B}] => (Allow) E:\Programy\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{BE81EF76-6B5C-4668-A67A-B0E26384AABA}] => (Allow) E:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{46FE8965-E460-4AD1-B73A-DD2AD76C32CD}] => (Allow) E:\Programy\Steam\steamapps\common\Gems of War\GemsOfWar.exe
FirewallRules: [{C50BE23D-E1D5-464D-B17A-75B09080399C}] => (Allow) E:\Programy\Steam\steamapps\common\Gems of War\GemsOfWar.exe
FirewallRules: [{677E7289-F1FD-41B9-BC99-478D88E75576}] => (Allow) E:\Programy\Steam\Steam.exe
FirewallRules: [{185E208F-D03B-4F8C-94A9-F0F78CED8E6B}] => (Allow) E:\Programy\Steam\Steam.exe
FirewallRules: [UDP Query User{D1DC872C-A80E-4D7E-8A02-FB63338A72F5}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [TCP Query User{D0EDCCC7-B45A-4B65-B3D8-BEF50D8C0E3A}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [TCP Query User{7DE51714-55AD-4240-B81E-CED05AD98B0B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{06EE1966-0517-4761-A638-47D7FD679158}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{B6C219D0-5585-45F2-8647-ECA009B34596}] => (Allow) E:\Programy\Steam\steamapps\common\Forts\Forts.exe
FirewallRules: [{D0D462C6-75DA-4BA8-A507-03FF1964D944}] => (Allow) E:\Programy\Steam\steamapps\common\Forts\Forts.exe
FirewallRules: [TCP Query User{24966CF4-FCFD-49B2-AED6-A7604B124FA3}E:\games\warthunder\launcher.exe] => (Allow) E:\games\warthunder\launcher.exe
FirewallRules: [UDP Query User{6C6FCB92-1A09-4078-880B-194FCCB3DDEA}E:\games\warthunder\launcher.exe] => (Allow) E:\games\warthunder\launcher.exe
FirewallRules: [TCP Query User{FFB5BACF-3CA0-444F-80F7-70F0BDCE8823}E:\games\warthunder\win64\aces.exe] => (Allow) E:\games\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{DA10BF11-6594-4B19-8E7C-D89A8443FACE}E:\games\warthunder\win64\aces.exe] => (Allow) E:\games\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{19CFABC4-BD8E-4B5C-B53B-6298F1DC1524}E:\games\diablo iii\x64\diablo iii64.exe] => (Allow) E:\games\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{31892E8F-4EB9-4A33-AB8F-824E3978873B}E:\games\diablo iii\x64\diablo iii64.exe] => (Allow) E:\games\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{23862DDB-3774-4309-9DE7-F2E1023176ED}E:\games\fallout 4\fallout4.exe] => (Allow) E:\games\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{73745FD3-FDC1-415D-A6E4-4C8E5BA7FE5A}E:\games\fallout 4\fallout4.exe] => (Allow) E:\games\fallout 4\fallout4.exe
FirewallRules: [{F1FA7D86-609C-4E36-91DB-9FD114FEDAF9}] => (Allow) E:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{063524D6-2F16-438E-BE7A-D41B785681C5}] => (Allow) E:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{CE6B8270-4739-4915-B9D4-937F72E62F5B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{43B2701F-429D-472F-9DFC-903E7E7883DD}E:\games\fallout 4\fallout4.exe] => (Block) E:\games\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{1A1A9632-DF7A-4F90-BCCB-9B2A80469460}E:\games\fallout 4\fallout4.exe] => (Block) E:\games\fallout 4\fallout4.exe
FirewallRules: [TCP Query User{F5923940-8187-4E2E-AFB4-6FA40983FAD5}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{685AEE73-7C41-4A84-B0E9-7961174B15EE}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [{53DB341D-DACF-45DB-ACE1-EA55D95D7E32}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{E5AEB5E2-4A29-4692-9C0C-FDCFCEC2CD29}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
02-10-2018 20:20:21 Instalační služba modulů systému Windows
04-10-2018 08:19:37 Instalační služba modulů systému Windows
05-10-2018 18:48:12 Instalační služba modulů systému Windows
06-10-2018 20:22:18 Instalační služba modulů systému Windows
07-10-2018 22:28:43 Instalační služba modulů systému Windows
09-10-2018 16:19:36 Instalační služba modulů systému Windows
10-10-2018 16:57:45 Instalační služba modulů systému Windows
11-10-2018 18:41:28 Instalační služba modulů systému Windows
12-10-2018 20:38:34 Instalační služba modulů systému Windows
14-10-2018 10:39:21 Instalační služba modulů systému Windows
15-10-2018 17:29:34 Instalační služba modulů systému Windows
18-10-2018 15:22:00 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/18/2018 03:22:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service SpyEmrgHealth since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (10/10/2018 04:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IntelCpHDCPSvc.exe, verze: 22.20.16.4749, časové razítko: 0x5976a341
Název chybujícího modulu: IntelCpHDCPSvc.exe, verze: 22.20.16.4749, časové razítko: 0x5976a341
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000359f
ID chybujícího procesu: 0xb2c
Čas spuštění chybující aplikace: 0x01d45fff437bae2b
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
ID zprávy: 791f72b3-c486-4091-91d4-db0cbbc9b80d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/02/2018 08:53:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IntelCpHDCPSvc.exe, verze: 22.20.16.4749, časové razítko: 0x5976a341
Název chybujícího modulu: IntelCpHDCPSvc.exe, verze: 22.20.16.4749, časové razítko: 0x5976a341
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000359f
ID chybujícího procesu: 0xda8
Čas spuštění chybující aplikace: 0x01d45a5af13033c7
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
ID zprávy: 1d1ef3e5-460c-493a-b022-cefb3bc82bde
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/01/2018 09:45:31 PM) (Source: MsiInstaller) (EventID: 11309) (User: DESKTOP-HORE7Q3)
Description: Produkt: Fallout 4 - Čeština -- Chyba 1309. Při čtení souboru C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe došlo k chybě. Systémová chyba 225. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (10/01/2018 09:45:29 PM) (Source: MsiInstaller) (EventID: 11309) (User: DESKTOP-HORE7Q3)
Description: Produkt: Fallout 4 - Čeština -- Chyba 1309. Při čtení souboru C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe došlo k chybě. Systémová chyba 225. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.
Error: (09/29/2018 04:23:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IntelCpHDCPSvc.exe, verze: 22.20.16.4749, časové razítko: 0x5976a341
Název chybujícího modulu: IntelCpHDCPSvc.exe, verze: 22.20.16.4749, časové razítko: 0x5976a341
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000359f
ID chybujícího procesu: 0xf0c
Čas spuštění chybující aplikace: 0x01d457f39eb4b758
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
ID zprávy: 761851ff-1ddb-45bd-9be3-f2ef65c105a2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (09/23/2018 10:09:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IntelCpHDCPSvc.exe, verze: 22.20.16.4749, časové razítko: 0x5976a341
Název chybujícího modulu: IntelCpHDCPSvc.exe, verze: 22.20.16.4749, časové razítko: 0x5976a341
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000359f
ID chybujícího procesu: 0xa28
Čas spuštění chybující aplikace: 0x01d453697bdd7bf9
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
ID zprávy: 981d4b83-12fb-45d6-87b2-74ece5ed1d8d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (09/16/2018 03:31:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17134.285, časové razítko: 0x40f0d4bd
Kód výjimky: 0xc000041d
Posun chyby: 0x000063d7
ID chybujícího procesu: 0x2034
Čas spuštění chybující aplikace: 0x01d44dc1484b5b2e
Cesta k chybující aplikaci: E:\Programy\qTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 41186511-d387-4053-b6d8-e10f3af4b0bf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/18/2018 03:03:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HORE7Q3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-HORE7Q3\WESTPC (SID: S-1-5-21-1143807043-1892781089-3887055881-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/17/2018 07:01:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HORE7Q3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-HORE7Q3\WESTPC (SID: S-1-5-21-1143807043-1892781089-3887055881-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/17/2018 06:50:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HORE7Q3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-HORE7Q3\WESTPC (SID: S-1-5-21-1143807043-1892781089-3887055881-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/17/2018 05:45:04 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HORE7Q3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-HORE7Q3\WESTPC (SID: S-1-5-21-1143807043-1892781089-3887055881-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/17/2018 05:23:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/17/2018 05:23:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/17/2018 05:22:39 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HORE7Q3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-HORE7Q3\WESTPC (SID: S-1-5-21-1143807043-1892781089-3887055881-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/17/2018 05:21:47 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HORE7Q3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-HORE7Q3\WESTPC (SID: S-1-5-21-1143807043-1892781089-3887055881-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2018-10-01 21:45:18.236
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.B
ID: 2147729064
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe; file:_C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe->(ZipSfx)->(Zip); file:_C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe->(ZipSfx)->CB3.html
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-HORE7Q3\WESTPC
Název procesu: C:\Windows\System32\msiexec.exe
Verze podpisu: AV: 1.277.397.0, AS: 1.277.397.0, NIS: 1.277.397.0
Verze modulu: AM: 1.1.15300.6, NIS: 1.1.15300.6
Date: 2018-10-01 21:45:16.738
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.B
ID: 2147729064
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe->(ZipSfx)->(Zip)
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-HORE7Q3\WESTPC
Název procesu: C:\Windows\System32\msiexec.exe
Verze podpisu: AV: 1.277.397.0, AS: 1.277.397.0, NIS: 1.277.397.0
Verze modulu: AM: 1.1.15300.6, NIS: 1.1.15300.6
Date: 2018-10-01 21:45:13.191
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.B
ID: 2147729064
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe->(ZipSfx)->(Zip)
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-HORE7Q3\WESTPC
Název procesu: E:\Stažené soubory\Fallout 4 - Čeština.exe
Verze podpisu: AV: 1.277.397.0, AS: 1.277.397.0, NIS: 1.277.397.0
Verze modulu: AM: 1.1.15300.6, NIS: 1.1.15300.6
Date: 2018-09-28 16:32:27.740
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CC7DAAA6-F416-4413-8770-AC91A7A03CDE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-09-24 18:24:33.340
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {75AC75D4-0732-4989-87A1-B4A1FBEF5E0B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-10-01 21:45:36.009
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zaznamenalo kritickou chybu při provádění akce u malwaru nebo jiného potenciálně nežádoucího softwaru.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.B
ID: 2147729064
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe; file:_C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe->(ZipSfx)->(Zip); file:_C:\Users\WESTPC\AppData\Roaming\CZ Team\Fallout 4 - Čeština 1.5.0\install\5506A52\AppDataFolder\xcscan\xcscan.exe->(ZipSfx)->CB3.html
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\msiexec.exe
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: AV: 1.277.397.0, AS: 1.277.397.0, NIS: 1.277.397.0
Verze modulu: AM: 1.1.15300.6, NIS: 1.1.15300.6
Date: 2018-09-23 20:26:24.707
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.275.1709.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15200.1
Kód chyby: 0x8024402c
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. CodeIntegrity:
===================================
Date: 2018-10-16 18:16:15.124
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-16 18:16:15.111
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-16 18:16:15.072
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-10-16 18:16:15.056
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
Percentage of memory in use: 35%
Total physical RAM: 8134.33 MB
Available physical RAM: 5230.68 MB
Total Virtual: 11718.33 MB
Available Virtual: 7212.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:208.22 GB) (Free:159.85 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:698.06 GB) (Free:204.59 GB) NTFS
\\?\Volume{2bb74da8-8565-4dc2-a095-74bbcda22d69}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{608b6c48-248a-442f-8de9-9c843f7907df}\ () (Fixed) (Total:0.82 GB) (Free:0.45 GB) NTFS
\\?\Volume{c2e54129-0000-0000-0000-808aae000000}\ () (Fixed) (Total:0.47 GB) (Free:0.07 GB) NTFS
\\?\Volume{ccabc4af-429a-40ad-aeab-77327d5d9f32}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 94E92673)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: C2E54129)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=483 MB) - (Type=27)
==================== End of Addition.txt ============================
Přispějete na provoz fóra?