Urgent problem - fcb switched to Portuguese

Posted: 22 Jan 2019 20:23
by predatorx21
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02
Ran by preda (administrator) on DESKTOP-N626K5C (22-01-2019 20:30:01)
Running from C:\Users\preda\Desktop
Loaded Profiles: preda (Available Profiles: preda)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454792 2016-05-25] (Power Software Ltd)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\Run: [Steam] => D:\Hry\steam.exe [3133216 2019-01-05] (Valve Corporation)
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2550136 2018-12-19] (Wargaming.net)
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: G - "G:\setup.exe"
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: {52ead3b1-1032-11e9-9e4d-309c2309f422} - "G:\HiSuiteDownLoader.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{89effe7f-5457-4791-8dad-95c82336e048}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1388702623-1948067699-396894549-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-08-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-08-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default [2019-01-22]
CHR Extension: (Prezentace) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-12]
CHR Extension: (Dokumenty) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-12]
CHR Extension: (Disk Google) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (YouTube) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-12]
CHR Extension: (Tabulky) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-12]
CHR Extension: (AdBlock) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-12]
CHR Extension: (Gmail) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-07] ()
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-26] (Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2269504 2018-10-25] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3130184 2018-10-25] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2018-06-18] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-22] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f5be1f8d25335236\nvlddmkm.sys [17212744 2018-08-22] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-01-17] (Realtek )
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Steam Games 2."
2019-01-22 20:09 - 2019-01-22 20:09 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-22 20:08 - 2019-01-22 20:08 - 007320272 _____ (Malwarebytes) C:\Users\preda\Downloads\adwcleaner_7.2.6.0.exe
2019-01-21 12:46 - 2019-01-21 12:46 - 000000200 _____ C:\Users\preda\Desktop\Far Cry 4.url
2019-01-20 15:35 - 2019-01-20 16:04 - 000000000 ____D C:\Users\preda\Desktop\Jeseníky
2019-01-20 12:40 - 2019-01-20 12:42 - 039584852 _____ C:\Users\preda\Downloads\GTA_V_CZ_v7.1_Social.rar
2019-01-20 12:10 - 2019-01-20 12:19 - 101172281 _____ C:\Users\preda\Downloads\GTA_V_CZ_v7.9_Social.rar
2019-01-20 11:28 - 2019-01-20 11:28 - 000000499 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2019-01-20 11:28 - 2019-01-20 11:28 - 000000499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2019-01-17 22:40 - 2019-01-17 22:40 - 000038391 _____ C:\Users\preda\Downloads\Vikings-5x18.zip
2019-01-17 22:40 - 2019-01-17 15:25 - 000028752 _____ C:\Users\preda\Desktop\Vikings.S05E18.iNTERNAL.720p.WEB.H264-AMRAP (+1080p-METCON+WEBRip-ION10+AMZN.WEB-DL-NTb).srt
2019-01-17 19:01 - 2019-01-17 21:43 - 1791508577 _____ C:\Users\preda\Downloads\Vikings.S05E18.1080p.WEB.H264-METCON.mkv
2019-01-12 10:40 - 2019-01-12 10:40 - 000000200 _____ C:\Users\preda\Desktop\RESIDENT EVIL 2 BIOHAZARD RE2 1-Shot Demo.url
2019-01-11 01:58 - 2019-01-10 15:19 - 000028575 _____ C:\Users\preda\Desktop\Vikings.S05E17.iNTERNAL.720p.WEB.H264-AMRAP (+1080p-METCON+WEBRip-ION10).srt
2019-01-10 16:07 - 2019-01-10 18:31 - 1599996975 _____ C:\Users\preda\Downloads\Vikings.S05E17.1080p.WEB.H264-METCON.mkv
2019-01-10 15:47 - 2019-01-10 15:48 - 000024640 _____ C:\Users\preda\Downloads\Vikings-5x17.zip
2019-01-09 15:55 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 15:55 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 15:55 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 15:55 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 15:55 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 15:55 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 15:55 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 15:55 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 15:55 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 15:55 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 15:55 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 15:55 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 15:55 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 15:55 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 15:55 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 15:55 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 15:55 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 15:55 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 15:55 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 15:55 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 15:55 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 15:55 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 15:55 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 15:55 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 15:55 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 15:55 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 15:55 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 15:55 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 15:55 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 15:55 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 15:55 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 15:55 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 15:55 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 15:55 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 15:55 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 15:55 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 15:55 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 15:55 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 15:55 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:55 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 15:55 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 15:55 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 15:55 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:55 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 15:55 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 15:55 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 15:55 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 15:55 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 15:55 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 15:55 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 15:55 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 15:55 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 15:55 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 15:55 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 15:55 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 15:55 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 15:55 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:55 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 15:55 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 15:55 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 15:55 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 15:55 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:55 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 15:55 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 15:55 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 15:55 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-05 20:28 - 2019-01-05 20:30 - 000000000 ____D C:\Users\preda\Desktop\Ondřejník
2019-01-04 23:40 - 2019-01-03 16:38 - 000030506 _____ C:\Users\preda\Desktop\Vikings.S05E16.The.Buddha.720p.AMZN.WEB-DL.DDP5.1.H.264-NTb (+WEBRip-ION10+iNTERNAL.720p-AMRAP).srt
2019-01-03 21:15 - 2019-01-03 21:15 - 000040978 _____ C:\Users\preda\Downloads\Vikings-5x16.zip
2019-01-03 12:03 - 2019-01-03 12:03 - 000000965 _____ C:\Users\Public\Desktop\Kingdom Come - Deliverance.lnk
2019-01-03 12:03 - 2019-01-03 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Come - Deliverance [GOG.com]
2019-01-03 12:02 - 2019-01-03 12:02 - 000000000 ____D C:\ProgramData\GOG.com
2018-12-28 15:45 - 2018-12-28 15:45 - 000046517 _____ C:\Users\preda\Downloads\JNI_Zavislost_na_Internetu_pracovni_list.odt
2018-12-28 11:06 - 2018-12-28 11:06 - 000023003 _____ C:\Users\preda\Downloads\Vikings-5x15 (1).zip
2018-12-27 22:39 - 2018-12-27 22:39 - 000029578 _____ C:\Users\preda\Downloads\Vikings-5x14.zip
2018-12-27 22:38 - 2018-12-27 22:38 - 000023003 _____ C:\Users\preda\Downloads\Vikings-5x15.zip
2018-12-27 13:22 - 2018-12-27 13:22 - 000000746 _____ C:\Users\Public\Desktop\Resident Evil 7 Biohazard.lnk
2018-12-27 13:22 - 2018-12-27 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-22 20:30 - 2018-08-16 21:10 - 000014552 _____ C:\Users\preda\Desktop\FRST.txt
2019-01-22 20:30 - 2018-02-08 15:31 - 000000000 ____D C:\FRST
2019-01-22 20:22 - 2018-08-16 21:11 - 000064041 _____ C:\Users\preda\Desktop\Addition.txt
2019-01-22 20:22 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-22 19:50 - 2018-05-20 14:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-22 17:54 - 2017-06-12 16:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-22 17:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-22 15:39 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-21 21:27 - 2018-05-20 14:27 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-21 21:27 - 2018-04-12 16:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-21 21:27 - 2018-04-12 16:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-21 21:27 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-21 21:20 - 2018-05-20 14:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-21 21:20 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-21 18:55 - 2017-11-14 14:59 - 000000000 ____D C:\Users\preda\AppData\Roaming\uTorrent
2019-01-21 12:46 - 2017-11-14 02:28 - 000000000 ____D C:\Users\preda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-20 22:08 - 2017-12-01 20:18 - 000000000 ____D C:\Users\preda\AppData\Roaming\vlc
2019-01-20 16:03 - 2018-03-07 19:17 - 000000000 ____D C:\Users\preda\AppData\Local\CrashDumps
2019-01-18 18:59 - 2018-11-16 22:30 - 000000000 ____D C:\Program Files\rempl
2019-01-12 01:58 - 2018-11-30 00:14 - 000001228 _____ C:\Users\preda\Desktop\Nový textový dokument.txt
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-01-09 20:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 20:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 15:58 - 2017-11-14 03:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 15:57 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-09 15:57 - 2017-11-14 03:43 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-05 10:24 - 2017-12-12 20:29 - 000000000 ____D C:\Users\preda\AppData\Local\ElevatedDiagnostics
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-25 13:58 - 2017-11-14 22:35 - 000000000 ____D C:\Users\preda\Documents\The Witcher 3
2018-12-23 18:57 - 2018-11-08 19:28 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-23 17:42 - 2018-01-10 21:13 - 000000000 ____D C:\AdwCleaner

==================== Files in the root of some directories =======

2018-01-22 00:29 - 2018-01-22 00:29 - 000007601 _____ () C:\Users\preda\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 14:18

==================== End of FRST.txt ============================

OK, the problem was solved by switching the language, which was possible by then... but even so I would be very glad for a preventive check of the log :)
The issue was that my Facebook suddenly switched to Portuguese.

Re: Urgent problem - fcb switched to Portuguese

Posted: 22 Jan 2019 21:25
by Conder
Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here

Re: Urgent problem - fcb switched to Portuguese

Posted: 22 Jan 2019 22:00
by predatorx21
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-22-2019
# Duration: 00:00:06
# OS: Windows 10 Home
# Scanned: 32304
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1275 octets] - [16/04/2018 13:20:35]
AdwCleaner[S01].txt - [1275 octets] - [18/04/2018 21:33:01]
AdwCleaner[S02].txt - [1242 octets] - [10/05/2018 14:04:18]
AdwCleaner[S03].txt - [1433 octets] - [02/10/2018 12:30:24]
AdwCleaner[S04].txt - [1494 octets] - [10/12/2018 12:34:07]
AdwCleaner[S05].txt - [1555 octets] - [22/01/2019 20:09:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S06].txt ##########

Re: Urgent problem - fcb switched to Portuguese

Posted: 22 Jan 2019 22:55
by Conder
:arrow: Please post both new logs from FRST.

Re: Urgent problem - fcb switched to Portuguese

Posted: 22 Jan 2019 23:46
by predatorx21
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02
Ran by preda (administrator) on DESKTOP-N626K5C (22-01-2019 23:44:06)
Running from C:\Users\preda\Desktop
Loaded Profiles: preda (Available Profiles: preda)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Hry\Steam.exe
(Valve Corporation) D:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454792 2016-05-25] (Power Software Ltd)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\Run: [Steam] => D:\Hry\steam.exe [3133216 2019-01-05] (Valve Corporation)
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2550136 2018-12-19] (Wargaming.net)
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: G - "G:\setup.exe"
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: {52ead3b1-1032-11e9-9e4d-309c2309f422} - "G:\HiSuiteDownLoader.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{89effe7f-5457-4791-8dad-95c82336e048}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1388702623-1948067699-396894549-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-08-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-08-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default [2019-01-22]
CHR Extension: (Prezentace) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-12]
CHR Extension: (Dokumenty) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-12]
CHR Extension: (Disk Google) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (YouTube) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-12]
CHR Extension: (Tabulky) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-12]
CHR Extension: (AdBlock) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-12]
CHR Extension: (Gmail) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\preda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-07] ()
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-26] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2269504 2018-10-25] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3130184 2018-10-25] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2018-06-18] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f5be1f8d25335236\nvlddmkm.sys [17212744 2018-08-22] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-01-17] (Realtek )
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Steam Games 2."
2019-01-22 22:05 - 2019-01-22 22:05 - 000000000 ____D C:\SpeedFan
2019-01-22 20:08 - 2019-01-22 20:08 - 007320272 _____ (Malwarebytes) C:\Users\preda\Desktop\adwcleaner_7.2.6.0.exe
2019-01-21 12:46 - 2019-01-21 12:46 - 000000200 _____ C:\Users\preda\Desktop\Far Cry 4.url
2019-01-20 15:35 - 2019-01-20 16:04 - 000000000 ____D C:\Users\preda\Desktop\Jeseníky
2019-01-20 12:40 - 2019-01-20 12:42 - 039584852 _____ C:\Users\preda\Downloads\GTA_V_CZ_v7.1_Social.rar
2019-01-20 12:10 - 2019-01-20 12:19 - 101172281 _____ C:\Users\preda\Downloads\GTA_V_CZ_v7.9_Social.rar
2019-01-20 11:28 - 2019-01-20 11:28 - 000000499 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2019-01-20 11:28 - 2019-01-20 11:28 - 000000499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2019-01-17 22:40 - 2019-01-17 15:25 - 000028752 _____ C:\Users\preda\Desktop\Vikings.S05E18.iNTERNAL.720p.WEB.H264-AMRAP (+1080p-METCON+WEBRip-ION10+AMZN.WEB-DL-NTb).srt
2019-01-12 10:40 - 2019-01-12 10:40 - 000000200 _____ C:\Users\preda\Desktop\RESIDENT EVIL 2 BIOHAZARD RE2 1-Shot Demo.url
2019-01-11 01:58 - 2019-01-10 15:19 - 000028575 _____ C:\Users\preda\Desktop\Vikings.S05E17.iNTERNAL.720p.WEB.H264-AMRAP (+1080p-METCON+WEBRip-ION10).srt
2019-01-09 15:55 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 15:55 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 15:55 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 15:55 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 15:55 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 15:55 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 15:55 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 15:55 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 15:55 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 15:55 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 15:55 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 15:55 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 15:55 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 15:55 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 15:55 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 15:55 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 15:55 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 15:55 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 15:55 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 15:55 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 15:55 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 15:55 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 15:55 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 15:55 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 15:55 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 15:55 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 15:55 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 15:55 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 15:55 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 15:55 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 15:55 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 15:55 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 15:55 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 15:55 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 15:55 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 15:55 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 15:55 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 15:55 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 15:55 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 15:55 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 15:55 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:55 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 15:55 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 15:55 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 15:55 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:55 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 15:55 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 15:55 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 15:55 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 15:55 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 15:55 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 15:55 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 15:55 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 15:55 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 15:55 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 15:55 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 15:55 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 15:55 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 15:55 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 15:55 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:55 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 15:55 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 15:55 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 15:55 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 15:55 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:55 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 15:55 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 15:55 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 15:55 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-05 20:28 - 2019-01-05 20:30 - 000000000 ____D C:\Users\preda\Desktop\Ondřejník
2019-01-04 23:40 - 2019-01-03 16:38 - 000030506 _____ C:\Users\preda\Desktop\Vikings.S05E16.The.Buddha.720p.AMZN.WEB-DL.DDP5.1.H.264-NTb (+WEBRip-ION10+iNTERNAL.720p-AMRAP).srt
2019-01-03 12:03 - 2019-01-03 12:03 - 000000965 _____ C:\Users\Public\Desktop\Kingdom Come - Deliverance.lnk
2019-01-03 12:03 - 2019-01-03 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Come - Deliverance [GOG.com]
2019-01-03 12:02 - 2019-01-03 12:02 - 000000000 ____D C:\ProgramData\GOG.com
2018-12-28 15:45 - 2018-12-28 15:45 - 000046517 _____ C:\Users\preda\Downloads\JNI_Zavislost_na_Internetu_pracovni_list.odt
2018-12-27 13:22 - 2018-12-27 13:22 - 000000746 _____ C:\Users\Public\Desktop\Resident Evil 7 Biohazard.lnk
2018-12-27 13:22 - 2018-12-27 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-22 23:44 - 2018-08-16 21:10 - 000013938 _____ C:\Users\preda\Desktop\FRST.txt
2019-01-22 23:44 - 2018-02-08 15:31 - 000000000 ____D C:\FRST
2019-01-22 23:37 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-22 22:00 - 2017-06-12 16:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-22 20:30 - 2018-08-16 21:11 - 000064041 _____ C:\Users\preda\Desktop\Addition.txt
2019-01-22 19:50 - 2018-05-20 14:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-22 17:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-22 15:39 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-21 21:27 - 2018-05-20 14:27 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-21 21:27 - 2018-04-12 16:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-21 21:27 - 2018-04-12 16:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-21 21:27 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-21 21:20 - 2018-05-20 14:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-21 21:20 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-21 18:55 - 2017-11-14 14:59 - 000000000 ____D C:\Users\preda\AppData\Roaming\uTorrent
2019-01-21 12:46 - 2017-11-14 02:28 - 000000000 ____D C:\Users\preda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-20 22:08 - 2017-12-01 20:18 - 000000000 ____D C:\Users\preda\AppData\Roaming\vlc
2019-01-20 16:03 - 2018-03-07 19:17 - 000000000 ____D C:\Users\preda\AppData\Local\CrashDumps
2019-01-18 18:59 - 2018-11-16 22:30 - 000000000 ____D C:\Program Files\rempl
2019-01-12 01:58 - 2018-11-30 00:14 - 000001228 _____ C:\Users\preda\Desktop\Nový textový dokument.txt
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-01-09 20:10 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-01-09 20:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 20:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 15:58 - 2017-11-14 03:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 15:57 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-09 15:57 - 2017-11-14 03:43 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-05 10:24 - 2017-12-12 20:29 - 000000000 ____D C:\Users\preda\AppData\Local\ElevatedDiagnostics
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-25 13:58 - 2017-11-14 22:35 - 000000000 ____D C:\Users\preda\Documents\The Witcher 3
2018-12-23 18:57 - 2018-11-08 19:28 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-23 17:42 - 2018-01-10 21:13 - 000000000 ____D C:\AdwCleaner

==================== Files in the root of some directories =======

2018-01-22 00:29 - 2018-01-22 00:29 - 000007601 _____ () C:\Users\preda\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2019-01-22 22:04 - 2019-01-22 22:05 - 000192512 _____ () C:\Users\preda\AppData\Local\Temp\sfamcc00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 14:18

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02
Ran by preda (22-01-2019 23:44:33)
Running from C:\Users\preda\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-20 13:23:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1388702623-1948067699-396894549-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1388702623-1948067699-396894549-503 - Limited - Disabled)
Guest (S-1-5-21-1388702623-1948067699-396894549-501 - Limited - Disabled)
preda (S-1-5-21-1388702623-1948067699-396894549-1001 - Administrator - Enabled) => C:\Users\preda
WDAGUtilityAccount (S-1-5-21-1388702623-1948067699-396894549-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
ACW 3.6.2 American Civil War: Brother vs Brother (HKLM-x32\...\ACW 3.6.2 American Civil War: Brother vs Brother) (Version: - )
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Aktualizace pro Microsoft Outlook Social Connector (KB2289116) (HKLM\...\{90140000-001A-0405-1000-0000000FF1CE}_Office14.SingleImage_{024CEC4C-4BD4-4A4C-AC32-10F5FA2EF3BA}) (Version: - Microsoft)
Aliens vs. Predator 2 (HKLM-x32\...\{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}) (Version: - )
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Battle of Empires 1914-1918 Full (HKLM-x32\...\Battle of Empires 1914-1918 Full_is1) (Version: - )
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call to Arms (HKLM-x32\...\Call to Arms_is1) (Version: - )
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Diablo II (HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\Diablo II) (Version: - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Europa Universalis IV Rights of Man (HKLM-x32\...\Europa Universalis IV Rights of Man_is1) (Version: - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Kingdom Come: Deliverance - HD Sound Pack (HKLM-x32\...\1929089326_is1) (Version: 1.7.2.1010 - GOG.com)
Kingdom Come: Deliverance - HD Texture Pack (HKLM-x32\...\1597510471_is1) (Version: 1.7.2.1010 - GOG.com)
Kingdom Come: Deliverance - HD Voice Pack - English (HKLM-x32\...\2020258726_is1) (Version: 1.7.2.1010 - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.7.2.1010 - GOG.com)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 2010 pro studenty a domácnosti (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Outlook Social Connector (KB2289116) Şş§ó·s (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{97B083AF-B1CB-4F60-8DFF-93B76D58E570}) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MIRE version 1.0 (HKLM-x32\...\{4C42A72E-D90F-4963-A287-FBF4C5F8DA78}_is1) (Version: 1.0 - Hermann Hetzer)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.07 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.30.15625 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.07 - NVIDIA Corporation) Hidden
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version: - Capcom)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Division Normandy 44 Back to Hell (HKLM-x32\...\Steel Division Normandy 44 Back to Hell_is1) (Version: - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 45.1 - Ubisoft)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\Wargaming.net Game Center) (Version: 18.8.0.2745 - Wargaming.net)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World in Conflict (HKLM-x32\...\Uplay Install 90) (Version: - Ubisoft)
World of Tanks EU (HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {122F62FC-3616-4549-9991-E7AEE579122A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {19107647-0747-4513-B5F2-9A3C2E7AA5D3} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {1D9A8A0D-9039-4978-A6E7-08DAC1963B79} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {3B6DC468-1DA4-459F-B475-0C694986B99A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {432890DA-7E40-4BDC-91A6-3E4CEF0DD1E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-12] (Google Inc.)
Task: {52301528-37A3-436D-B71E-EE52ABA242CC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {66C739FE-2181-4727-82CB-28F76787A4DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {6A002C57-5906-46B9-8475-1C4343C7FF1E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {77F8D31B-A15A-469F-91CE-5F0310879994} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {85273F16-3220-4CBC-AB8B-972A97F60D11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {947BC106-39C4-4447-8AA1-39B4BF121693} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [2018-04-02] (Adobe Systems Incorporated)
Task: {973CDFDC-56C2-4DBF-A91B-9397F77D0E84} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {ABD154F3-412F-47BC-BB80-0DBB987E786B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {AC416D8D-A980-4BDB-865A-645A5447A5AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {B0175D75-B64F-4256-9BDA-CB4155D50722} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-12] (Google Inc.)
Task: {B78E4F57-22E8-4DF2-8517-7BB53C2F08A3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {CF73440C-9AC8-4111-BF0A-3046D3A7BB95} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {DDD96A22-B8C8-4443-A6A0-0AFEE05D8978} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {FF16843D-ADB4-442F-B598-CE6A9E0A118E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-09-04 18:22 - 2018-07-19 21:16 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-29 17:37 - 2018-06-18 14:45 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-13 08:54 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 15:55 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-23 15:44 - 2018-10-23 15:45 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-13 07:18 - 2018-12-13 07:18 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-13 07:18 - 2018-12-13 07:18 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-13 07:18 - 2018-12-13 07:18 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-13 07:18 - 2018-12-13 07:18 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-13 07:18 - 2018-12-13 07:18 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-13 07:18 - 2018-12-13 07:18 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-09-04 18:22 - 2018-07-19 21:15 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-09-04 18:22 - 2018-07-19 21:15 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-09-04 18:22 - 2018-07-19 21:15 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-12-18 15:36 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-18 15:36 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-09 09:48 - 2018-10-30 19:06 - 001057056 _____ () D:\Hry\bin\cef\cef.win7x64\SDL2.dll
2018-10-13 07:28 - 2018-09-23 01:00 - 102804768 _____ () D:\Hry\bin\cef\cef.win7x64\libcef.dll
2018-10-13 07:28 - 2018-09-23 01:00 - 004866336 _____ () D:\Hry\bin\cef\cef.win7x64\libglesv2.dll
2018-10-13 07:28 - 2018-09-23 01:00 - 000116000 _____ () D:\Hry\bin\cef\cef.win7x64\libegl.dll
2016-05-26 06:52 - 2016-05-26 06:52 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-09-04 18:22 - 2018-07-19 21:16 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-11-09 09:48 - 2018-10-30 19:06 - 000879904 _____ () D:\Hry\SDL2.dll
2018-07-26 13:30 - 2016-09-01 02:02 - 004969248 _____ () D:\Hry\v8.dll
2019-01-09 09:02 - 2019-01-05 00:33 - 002650400 _____ () D:\Hry\video.dll
2018-07-26 13:30 - 2017-12-20 02:43 - 005137696 _____ () D:\Hry\libavcodec-57.dll
2018-07-26 13:30 - 2017-12-20 02:43 - 000695584 _____ () D:\Hry\libavformat-57.dll
2018-07-26 13:30 - 2017-12-20 02:43 - 000847136 _____ () D:\Hry\libavutil-55.dll
2018-07-26 13:30 - 2017-12-20 02:43 - 000783648 _____ () D:\Hry\libswscale-4.dll
2018-07-26 13:30 - 2017-12-20 02:43 - 000351520 _____ () D:\Hry\libavresample-3.dll
2018-07-26 13:30 - 2016-09-01 02:02 - 001195296 _____ () D:\Hry\icuuc.dll
2018-07-26 13:30 - 2016-09-01 02:02 - 001563936 _____ () D:\Hry\icui18n.dll
2019-01-09 09:02 - 2019-01-05 00:33 - 001028384 _____ () D:\Hry\bin\chromehtml.DLL
2018-07-26 13:30 - 2016-07-04 23:17 - 000266560 _____ () D:\Hry\openvr_api.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2018-08-22 19:47 - 000000841 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1388702623-1948067699-396894549-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\system32\oem\lynx.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{544717BB-BA5C-420B-8C2E-C8C4BE044C71}D:\games\call to arms\call_to_arms.exe] => (Block) D:\games\call to arms\call_to_arms.exe
FirewallRules: [TCP Query User{E024FDAD-94FA-426F-AA4F-C9DAE2D84935}D:\games\call to arms\call_to_arms.exe] => (Block) D:\games\call to arms\call_to_arms.exe
FirewallRules: [{0DD06881-A4C6-47E0-9438-7A6E411EB555}] => (Allow) D:\Hry\steamapps\common\WW1GameSeries\WW1 Game Series.exe
FirewallRules: [{D5FAEAFF-2FE0-4C38-9679-7C98B09452C2}] => (Allow) D:\Hry\steamapps\common\WW1GameSeries\WW1 Game Series.exe
FirewallRules: [{9D10667E-16C3-4AC8-9BC8-E462A5134F43}] => (Allow) D:\Hry\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{067BF7CC-CC0B-42FD-A384-1E0C19356F37}] => (Allow) D:\Hry\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [UDP Query User{6A683D2C-C33C-428D-BBF3-6495F710BDFC}C:\program files (x86)\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) C:\program files (x86)\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [TCP Query User{7817D50F-A4E3-4038-B651-EB7BE142E9AC}C:\program files (x86)\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) C:\program files (x86)\call of duty modern warfare remastered\h1_sp64_ship.exe
FirewallRules: [UDP Query User{28ABC5B3-697E-4202-A7D8-C0A50876897E}D:\hry\steamapps\common\insurgency2\insurgency.exe] => (Allow) D:\hry\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [TCP Query User{0508B2D5-7F94-4391-9E00-D0D33F622AF8}D:\hry\steamapps\common\insurgency2\insurgency.exe] => (Allow) D:\hry\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{3E623DFB-36B0-4A4C-950B-78F76C6CDA2D}] => (Allow) D:\Hry\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{DF3E3972-D495-4054-8BBC-5A12ED24CC36}] => (Allow) D:\Hry\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [UDP Query User{835BF61D-7EAC-44BF-A0FF-CEE41B847704}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{A0312615-1AEF-4405-BD4B-D63594E951A1}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{7DBDE7F9-4BA8-4447-A735-055D2D8D059D}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [TCP Query User{46495490-B80A-4466-AB2D-8B7F1C3C5693}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [UDP Query User{EC96803F-745F-4173-944C-DE8F9CB269C6}C:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) C:\games\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [TCP Query User{DFF62D18-13DA-41AA-BFEB-7DE11BB577EE}C:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) C:\games\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [{14D6AC48-A314-4A2F-AADF-496A9374D17B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{91247E6D-1A49-4E22-9388-BDF8052B0EB5}] => (Allow) D:\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{FAFB8B6E-35B0-4A81-BE75-621525DBFDC8}] => (Allow) D:\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{CDF8088C-9D65-439D-8539-EF4AD66EB7FD}] => (Allow) D:\Hry\steamapps\common\WW1GameSeries\1914-1918 Series.exe
FirewallRules: [{B1C6A98E-E8D7-493B-BDD9-B19E04B8B8A8}] => (Allow) D:\Hry\steamapps\common\WW1GameSeries\1914-1918 Series.exe
FirewallRules: [{7440FD28-6575-4B2E-AA6B-1F091CD58975}] => (Allow) D:\Hry\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{F2066274-6E56-4BDF-94F6-2596B57F4E38}] => (Allow) D:\Hry\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{F0D482CD-1DEF-49C6-AE76-9A9185C24785}] => (Allow) D:\Hry\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{7AAF9882-2291-4520-BB39-30C89600CC9F}] => (Allow) D:\Hry\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C45E9936-4F46-4CB3-B911-347167D72014}] => (Allow) D:\Ubisoft Game Launcher\games\World in Conflict\wic_ds.exe
FirewallRules: [{35FEA61D-821D-4C54-8CD4-12411E56178F}] => (Allow) D:\Ubisoft Game Launcher\games\World in Conflict\wic_ds.exe
FirewallRules: [{0B37EAFC-D905-4512-9162-2CCA8AF600DD}] => (Allow) D:\Ubisoft Game Launcher\games\World in Conflict\wic_online.exe
FirewallRules: [{A9E9E09F-0ACD-4F4D-84C4-FABE599BE6F1}] => (Allow) D:\Ubisoft Game Launcher\games\World in Conflict\wic_online.exe
FirewallRules: [{6D6C1147-602D-4968-8DBE-275E5295792E}] => (Allow) D:\Ubisoft Game Launcher\games\World in Conflict\wic.exe
FirewallRules: [{BB67976E-EEDB-4EED-8329-D0B3E04961C9}] => (Allow) D:\Ubisoft Game Launcher\games\World in Conflict\wic.exe
FirewallRules: [{539A61C4-9014-4782-B87C-D575593B0B1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5000F400-4C90-4E1C-A44F-7DA8AD979B51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FC670F94-00EA-46C5-95FF-FC8E68843376}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{471AB376-29A1-4625-B727-50AB4EBEABDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DCF8F61F-D76A-4366-AEAE-076F3F7DDEBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{134EED86-AB38-43F5-8798-FE9EF6A35664}] => (Allow) D:\Hry\Steam.exe
FirewallRules: [{E616B407-EDA5-48AB-9714-B8E583ECECD9}] => (Allow) D:\Hry\Steam.exe
FirewallRules: [{BAEC9F00-8495-476B-B8F6-37DF95FF2C41}] => (Allow) D:\Hry\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C35A07BD-C34D-40EB-9B45-1C34F9B857E5}] => (Allow) D:\Hry\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C9614764-2FAB-48D3-AA4E-EFB665FC1B4E}] => (Allow) C:\Users\preda\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{77851B4E-673D-41E6-9D4B-08847608878E}] => (Allow) C:\Users\preda\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{58BD7567-0E39-4BB7-A620-972E753D2047}D:\hry\fifa18\fifa18.exe] => (Allow) D:\hry\fifa18\fifa18.exe
FirewallRules: [UDP Query User{2F14A05E-F57E-421B-9755-1B2449060647}D:\hry\fifa18\fifa18.exe] => (Allow) D:\hry\fifa18\fifa18.exe
FirewallRules: [TCP Query User{C19843D8-68D6-493B-8F7F-F88585CB525D}D:\total war - attila\attila.exe] => (Allow) D:\total war - attila\attila.exe
FirewallRules: [UDP Query User{D132C045-4CCA-43DD-9D70-4A1197BB2C4F}D:\total war - attila\attila.exe] => (Allow) D:\total war - attila\attila.exe
FirewallRules: [{EE6BD4AC-C964-4240-ACCF-FC7A67BA9B73}] => (Allow) D:\Hry\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [{934DC492-FDE8-429E-A5EB-FFCD9666BEFE}] => (Allow) D:\Hry\steamapps\common\Doki Doki Literature Club\DDLC.exe
FirewallRules: [TCP Query User{03E6619E-747A-499A-8447-19342EE4F703}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F0618792-C064-4AB8-913E-FCEC7AAB4AA7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4EB296A1-3DDE-49B2-88F9-4707FE02F47D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [UDP Query User{818453D7-5D35-4DBE-ADA6-F3A53D0F63D6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4D075180-F8A4-4FAE-B2DC-98734156ADC9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [UDP Query User{72922757-8A03-4B6D-BD46-65FDBB133868}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
FirewallRules: [TCP Query User{8EDA5978-E14B-4FD4-904F-33FBE431B491}D:\hry\steamapps\common\insurgency2\insurgency_x64.exe] => (Allow) D:\hry\steamapps\common\insurgency2\insurgency_x64.exe
FirewallRules: [UDP Query User{586BFA55-055F-4F07-90DC-04C4269E606B}D:\hry\steamapps\common\insurgency2\insurgency_x64.exe] => (Allow) D:\hry\steamapps\common\insurgency2\insurgency_x64.exe
FirewallRules: [TCP Query User{E1E3AA17-35ED-4F0B-8D0C-BE0299C430BF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{1F2DC29D-47E4-4704-A704-20155B740A1F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [{A6499EA3-C543-4FEF-A9B4-83D3A1FB950A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73A524D9-A918-4C5E-A6E7-649E8B95800E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{570AFB70-532F-4055-A0B5-90C3693E7B95}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F1838C8A-CE0B-400D-A840-168EAAACAF08}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B7890C3A-2F18-48F1-B232-70442CC671A9}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{026D4BAD-0FCB-479D-BBD8-AD926FF134B4}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{1AB6870D-0DBC-4C9D-AD48-5C471D54C5CC}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{89E7DCD2-95BE-456F-8B4A-FA72BC1E7D93}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{874B2884-AED0-4616-8BB3-B630B4E77AD8}D:\hry\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) D:\hry\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [UDP Query User{B3BFB1D2-2E2C-4642-BA34-FD0B43D21EB5}D:\hry\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) D:\hry\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [{C1B33F56-72D9-4D47-8875-8A361CD9C8AE}] => (Allow) D:\Hry\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{D17D9DAF-0F6F-416A-9DCA-4C1023BBC284}] => (Allow) D:\Hry\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [TCP Query User{B060FC23-1261-41B6-96F0-2D22F9AFA4AB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{EFD5101C-2DE5-47E6-93B2-981C8282ED0B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [{27533EA7-91A9-4A96-9701-C080AF7D23FF}] => (Allow) D:\Hry\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{5B23FA7E-8CA6-4060-AD3C-FAEFA99EDAAC}] => (Allow) D:\Hry\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [TCP Query User{1167DBCD-C8C7-430A-9A92-DE7EE26FF102}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [UDP Query User{46BDDBA1-759B-4FC2-9FCB-BEFD752F0FBD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [{9F9ED83A-7748-4C1A-BAB8-4E50E418A16A}] => (Allow) D:\Hry\steamapps\common\Ancestors Legacy\Launcher\DCConfig.exe
FirewallRules: [{0B7ABC83-E73A-4DE1-8CCD-FF3D03C86D9E}] => (Allow) D:\Hry\steamapps\common\Ancestors Legacy\Launcher\DCConfig.exe
FirewallRules: [{5AA63C23-7498-4FC2-A222-A23E527F843A}] => (Allow) D:\Hry\steamapps\common\Ancestors Legacy\Anc\Binaries\Win64\Anc-Win64-Shipping.exe
FirewallRules: [{059E950D-361D-486D-BA0F-179F0A18B44E}] => (Allow) D:\Hry\steamapps\common\Ancestors Legacy\Anc\Binaries\Win64\Anc-Win64-Shipping.exe
FirewallRules: [{8B3D65CB-34E3-4E8D-A8D7-EFDBBBD8CF05}] => (Allow) D:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{1881E78A-35BC-4062-A939-C35C149AC223}] => (Allow) D:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{6128F8C0-4CCC-4908-91FF-C580FB03BCA5}] => (Allow) D:\Hry\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{531D93C3-D7B5-4C18-B369-98D8079AD928}] => (Allow) D:\Hry\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{659A1A2E-044D-40AA-BCB3-C8A20C9D27C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8B38E3EF-A804-4D4B-A90D-11825E6A73E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{493D3EB3-48D9-428F-B517-458D97A5C227}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A18EFB91-C302-40DB-88FE-A9CC5E595399}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{21C50D6F-2F54-4D3B-B7D0-C63DA8D1C996}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4501B3BB-268C-446A-8D23-78218BA2F2B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A9137C2A-BB59-450F-94ED-E05A1F49BA25}] => (Allow) D:\Hry\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{2F677C0B-24C2-4DC7-BC67-273C5EF8ECDC}] => (Allow) D:\Hry\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{009FA5ED-E0E4-4556-9DCF-5E7EDEA12362}] => (Allow) D:\Hry\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{5BAC2228-B281-466C-8DE3-B910CE053998}] => (Allow) D:\Hry\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{A6EDA6DA-C456-4F1E-ABC5-C8CC94AF4612}] => (Allow) D:\Hry\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{380DA9FF-8545-4A59-9233-C759D212A711}] => (Allow) D:\Hry\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [TCP Query User{DF2C82F5-2FA5-428F-BF5A-498CBF997F4B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [UDP Query User{C5090B10-B1EC-41EB-9672-FE2B86C6E3EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B6C909A2-446A-4301-B982-B080CF6F344A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
FirewallRules: [UDP Query User{AF54917B-7F13-407C-AAC9-4F232D370CE0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
FirewallRules: [{328E8D02-2EDE-423E-97EB-9A61B2318DAD}] => (Allow) D:\Hry\steamapps\common\Negligee\Negligee.exe
FirewallRules: [{5DEAF02D-89AA-4CE0-B581-B1ADE16891DB}] => (Allow) D:\Hry\steamapps\common\Negligee\Negligee.exe
FirewallRules: [TCP Query User{74FCA2B4-D11A-4C2B-9CE3-94929554D37C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe
FirewallRules: [UDP Query User{86A63265-C100-47CE-8921-C2B511323222}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe
FirewallRules: [{27377779-CBB2-4F5C-82C1-89EDAE1457BE}] => (Allow) D:\Hry\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{1C1E275B-1925-4A60-8078-1F307BCB497F}] => (Allow) D:\Hry\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [TCP Query User{4D5B6AA4-DFDA-4297-BCF6-8E1182C0B124}D:\hry\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\hry\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe
FirewallRules: [UDP Query User{7EEE713A-1DBE-40FC-ACB4-EC6EAA88CB10}D:\hry\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\hry\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe
FirewallRules: [{61040314-83B7-4592-9C50-C243B9DD4301}] => (Allow) D:\Hry\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{A3137B1B-A550-4B7D-AE65-5E47800362CF}] => (Allow) D:\Hry\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{5EF5CDFA-7DD7-4F4A-8151-FE04F6E48641}] => (Allow) D:\Hry\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{59B721FB-AD2E-438F-B76E-1D4317C3FFD4}] => (Allow) D:\Hry\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [TCP Query User{E97A9605-691F-443A-BC3D-ABE0C81053C3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe
FirewallRules: [UDP Query User{E61420ED-EAF6-42E0-B4B5-04FDC21FD222}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe
FirewallRules: [TCP Query User{78B5AFDE-2AE9-409C-BB1F-3407A7240099}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{2285890C-B72E-433A-9CB3-5D83F9ECB86F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [TCP Query User{F2A99234-92F8-4DD7-901F-69BCFA92F275}D:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\worldoftanks.exe
FirewallRules: [UDP Query User{57CA7500-09DA-4720-8FD4-677C3EB99BA9}D:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\worldoftanks.exe
FirewallRules: [{EF5049A8-0B79-4762-9662-8F44A0CB5861}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E6ABB908-6201-4D10-9C06-D3628014E7E0}] => (Allow) D:\Hry\steamapps\common\Victoria 2\victoria2.exe
FirewallRules: [{6E561B7B-23DF-4B2B-847F-39658A9A9371}] => (Allow) D:\Hry\steamapps\common\Victoria 2\victoria2.exe
FirewallRules: [TCP Query User{ADA6BA72-EA8E-401F-A3B2-CBF48D7511D5}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [UDP Query User{ADBC8DCA-0DE1-44C1-A9BE-D4BA9DF49F84}D:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) D:\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [{6B23DAAC-8427-4FD4-97F0-01A6DCC95122}] => (Allow) D:\Hry\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2 1-Shot Demo\re2.exe
FirewallRules: [{D885F12D-58F0-435A-AA41-4C36173D47A3}] => (Allow) D:\Hry\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2 1-Shot Demo\re2.exe
FirewallRules: [{104FA6F4-7939-4437-A501-CC6CCDA8BAF9}] => (Allow) D:\Hry\steamapps\common\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{023CAC60-68D0-415A-AE67-F426825197C9}] => (Allow) D:\Hry\steamapps\common\Far Cry 4\bin\FarCry4.exe

==================== Restore Points =========================

03-01-2019 12:02:49 Nainstalováno rozhraní DirectX
09-01-2019 15:55:10 Windows Update
17-01-2019 20:14:53 Windows Update

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/20/2019 04:03:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.Photos.exe, verze: 2019.18112.20010.0, časové razítko: 0x5c35431e
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.17134.376, časové razítko: 0x35659a8d
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006a56b2
ID chybujícího procesu: 0x2a14
Čas spuštění chybující aplikace: 0x01d4b0b00050de0e
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Cesta k chybujícímu modulu: C:\Windows\System32\Windows.UI.Xaml.dll
ID zprávy: 2f0d385c-d49e-4b89-8f28-c3caa19bd65c
Úplný název chybujícího balíčku: Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (01/17/2019 08:15:00 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Produkt: Update for Windows 10 for x64-based Systems (KB4023057) - A later version of Update for Windows 10 for x64-based Systems (KB4023057) is already installed. Setup will now exit.

Error: (12/23/2018 05:42:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_7.0.7.0 (1).exe, verze: 7.0.7.0, časové razítko: 0x5a613aa4
Název chybujícího modulu: adwcleaner_7.0.7.0 (1).exe, verze: 7.0.7.0, časové razítko: 0x5a613aa4
Kód výjimky: 0xc0000005
Posun chyby: 0x0004c7aa
ID chybujícího procesu: 0x2484
Čas spuštění chybující aplikace: 0x01d49ade84c8dad4
Cesta k chybující aplikaci: C:\Users\preda\Desktop\adwcleaner_7.0.7.0 (1).exe
Cesta k chybujícímu modulu: C:\Users\preda\Desktop\adwcleaner_7.0.7.0 (1).exe
ID zprávy: 997dc2b2-bb0a-4a02-b001-0ae2d0f233b5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/21/2018 08:01:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (12/16/2018 08:22:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000008f436
ID chybujícího procesu: 0x1114
Čas spuštění chybující aplikace: 0x01d4952261b5a7cb
Cesta k chybující aplikaci: c:\windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 0df0ee6a-3f86-42a3-a2db-a1729fda99e9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/07/2018 12:36:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: v2game.exe, verze: 0.0.0.0, časové razítko: 0x51658083
Název chybujícího modulu: v2game.exe, verze: 0.0.0.0, časové razítko: 0x51658083
Kód výjimky: 0xc0000005
Posun chyby: 0x00414675
ID chybujícího procesu: 0x5c4
Čas spuštění chybující aplikace: 0x01d48e20e696e382
Cesta k chybující aplikaci: C:\Program Files (x86)\Victoria 2 Heart of Darkness\v2game.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Victoria 2 Heart of Darkness\v2game.exe
ID zprávy: ae023bca-987d-46cb-8093-0f27775ef91e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/07/2018 12:21:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: v2game.exe, verze: 0.0.0.0, časové razítko: 0x51658083
Název chybujícího modulu: v2game.exe, verze: 0.0.0.0, časové razítko: 0x51658083
Kód výjimky: 0xc0000005
Posun chyby: 0x00414675
ID chybujícího procesu: 0x24d8
Čas spuštění chybující aplikace: 0x01d48e1ecd4eea50
Cesta k chybující aplikaci: D:\Games\Victoria 2 Heart of Darkness\v2game.exe
Cesta k chybujícímu modulu: D:\Games\Victoria 2 Heart of Darkness\v2game.exe
ID zprávy: 82d7dbb4-bdac-46f9-a345-e747029fb981
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/02/2018 09:53:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Steam.exe, verze: 4.83.53.91, časové razítko: 0x5bfc5505
Název chybujícího modulu: tier0_s.dll_unloaded, verze: 4.83.53.91, časové razítko: 0x5bfc548a
Kód výjimky: 0xc00001a5
Posun chyby: 0x00036ac0
ID chybujícího procesu: 0x51c
Čas spuštění chybující aplikace: 0x01d48a24b099695a
Cesta k chybující aplikaci: D:\Hry\Steam.exe
Cesta k chybujícímu modulu: tier0_s.dll
ID zprávy: 1d132ddf-764e-4e5c-8a9b-9910d09459ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/22/2019 10:07:09 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N626K5C)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-N626K5C\preda (SID: S-1-5-21-1388702623-1948067699-396894549-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/22/2019 10:00:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N626K5C)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-N626K5C\preda (SID: S-1-5-21-1388702623-1948067699-396894549-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/22/2019 09:59:09 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N626K5C)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-N626K5C\preda (SID: S-1-5-21-1388702623-1948067699-396894549-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/22/2019 09:58:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N626K5C)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-N626K5C\preda (SID: S-1-5-21-1388702623-1948067699-396894549-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/22/2019 08:56:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N626K5C)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-N626K5C\preda (SID: S-1-5-21-1388702623-1948067699-396894549-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/22/2019 08:06:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N626K5C)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-N626K5C\preda (SID: S-1-5-21-1388702623-1948067699-396894549-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/22/2019 07:51:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N626K5C)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-N626K5C\preda (SID: S-1-5-21-1388702623-1948067699-396894549-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/22/2019 06:40:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N626K5C)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-N626K5C\preda (SID: S-1-5-21-1388702623-1948067699-396894549-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-11-23 09:38:07.699
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-23 09:38:07.696
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-22 11:07:59.599
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-22 11:07:59.597
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-21 09:10:16.661
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-21 09:10:16.658
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-20 11:22:41.347
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-20 11:22:41.343
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 40%
Total physical RAM: 8156.13 MB
Available physical RAM: 4845.77 MB
Total Virtual: 9692.13 MB
Available Virtual: 4669.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.68 GB) (Free:45.96 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:877.14 GB) NTFS
Drive g: (Grand Theft Auto V) (CDROM) (Total:59.03 GB) (Free:0 GB) UDF

\\?\Volume{c7153f6a-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.89 GB) (Free:0.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: C7153F6A)
Partition 1: (Active) - (Size=913 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.7 GB) - (Type=07 NTFS)

========================================================

Re: Urgent problem - fcb switched to Portuguese

Posted: 23 Jan 2019 20:36
by Conder
Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Steam Games 2.
    C:\Steam Games 2.
    HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: F - "F:\setup.exe" 
    HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: G - "G:\setup.exe" 
    HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: {52ead3b1-1032-11e9-9e4d-309c2309f422} - "G:\HiSuiteDownLoader.exe" 
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Re: Urgent problem - fcb switched to Portuguese

Posted: 23 Jan 2019 21:18
by predatorx21
Fix result of Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02
Ran by preda (23-01-2019 21:12:17) Run:8
Running from C:\Users\preda\Desktop
Loaded Profiles: preda (Available Profiles: preda)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Steam Games 2.
C:\Steam Games 2.
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: G - "G:\setup.exe"
HKU\S-1-5-21-1388702623-1948067699-396894549-1001\...\MountPoints2: {52ead3b1-1032-11e9-9e4d-309c2309f422} - "G:\HiSuiteDownLoader.exe"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 250
Average :
Sum : 557383937
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Steam Games 2. ========================

"C:\Steam Games 2." => not found
====== End of File: ======

"C:\Steam Games 2." => not found
"HKU\S-1-5-21-1388702623-1948067699-396894549-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => removed successfully
"HKU\S-1-5-21-1388702623-1948067699-396894549-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => removed successfully
"HKU\S-1-5-21-1388702623-1948067699-396894549-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52ead3b1-1032-11e9-9e4d-309c2309f422}" => removed successfully
HKLM\Software\Classes\CLSID\{52ead3b1-1032-11e9-9e4d-309c2309f422} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 601256598 B
Java, Flash, Steam htmlcache => 371528435 B
Windows/system/drivers => 94833 B
Edge => 2718065 B
Chrome => 551477303 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 320324 B
NetworkService => 0 B
preda => 130002178 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:12:54 ====

Re: Urgent problem - fcb switched to Portuguese

Posted: 23 Jan 2019 22:20
by Conder
The logs look OK. Are there still any problems with the PC?