Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Záhadný pád do modré smrti

V tomto fóru se řeší problematika modré smrti - BSOD

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
Kema1962
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 03 črc 2016 06:11

Záhadný pád do modré smrti

#1 Příspěvek od Kema1962 »

Ahoj všem.
Nejprve popřeji Vše NEJ v novém roce 2020.

Mám problém se stolním počítačem, který v posledních dnech již asi potřetí spadl do modré smrti.
Přes vánoční svátky se u klávesnice vystřídalo více lidí a tak teď nevím jestli je problém na straně HW nebo jestli nám do systému nevlezla nějaká potvora.
Prosím tedy o kontrolu logu.
A předem MOC děkuji :-)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Kema (administrator) on KEMA-PC (Gigabyte Technology Co., Ltd. H81M-S2PV) (04-01-2020 10:58:10)
Running from D:\stažené soubory
Loaded Profiles: Kema (Available Profiles: Kema)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) D:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Kema\AppData\Local\WhatsApp\app-0.3.9309\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Kema\AppData\Local\WhatsApp\app-0.3.9309\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Kema\AppData\Local\WhatsApp\app-0.3.9309\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Kema\AppData\Local\WhatsApp\app-0.3.9309\WhatsApp.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [WhatsApp] => C:\Users\Kema\AppData\Local\WhatsApp\Update.exe [2253232 2019-12-13] (WhatsApp, Inc -> )
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Kema\AppData\Local\WhatsApp\Update.exe [2253232 2019-12-13] (WhatsApp, Inc -> )
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [CCleaner Smart Cleaning] => D:\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Policies\Explorer: [NoSecurityTab] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FA82C00-6561-4023-A5ED-D3FE52000FF4} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {1ED0E0B2-D927-48FA-BB64-21CF69D7787D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe)
Task: {35A3D979-7367-4495-A684-AE4BE62C7410} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-15] (Google Inc -> Google Inc.)
Task: {502C46F4-FFCA-477D-8348-3C6408EFBDC9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-10] (Adobe Inc. -> Adobe)
Task: {5B241BD6-B73A-4C28-9222-B31FAE08D11C} - System32\Tasks\CCleaner Update => D:\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60FFA8DD-4DD9-426F-82E7-3B1F80E79D22} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {704C73E0-D859-49AA-84B6-D48DC59B7BBE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9C9B4C32-BF6F-4C61-8B78-AA24D147AD6B} - System32\Tasks\{AA7F488A-E2ED-40A0-9A4C-B39DBF142DF4} => C:\Windows\system32\pcalua.exe -a C:\Users\Kema\Downloads\F-DCDATA-2017W.exe -d C:\Users\Kema\Downloads
Task: {A470041B-6305-482E-9E7E-22B0021D675C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-15] (Google Inc -> Google Inc.)
Task: {B826EC51-7281-447B-8AE2-E484BE24B5CE} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP => C:\Windows\SysWOW64\Microsoft\Protect\S-1-84-54\RB_1.4.84.30.exe (Access Denied) <==== ATTENTION
Task: {BCCDB329-E4BA-4501-80BA-B18566D1307F} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené soubory\esetonlinescanner_csy.exe
Task: {C18FB085-6CC8-4EBE-929F-059E6A74D5D1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-10] (Adobe Inc. -> Adobe)
Task: {E2C52C53-D067-4C71-B9D0-60FFD2737CCC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F17C2AFC-7347-4AE8-B92E-501B13E745A0} - System32\Tasks\Opera scheduled Autoupdate 1536670065 => C:\Users\Kema\AppData\Local\Programs\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {FEB5AE5C-5874-4817-B0A7-10DA7B799685} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené soubory\esetonlinescanner_csy.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{7104C21C-2A53-436C-AA15-0F9478A1ED07}: [NameServer] 213.46.172.36,8.8.4.4
Tcpip\..\Interfaces\{7104C21C-2A53-436C-AA15-0F9478A1ED07}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4213312026-2111819374-3992623673-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/?shva=1#inbox"
CHR Notifications: Default -> hxxps://mail.google.com
CHR Profile: C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default [2020-01-04]
CHR DownloadDir: D:\stažené soubory
CHR Extension: (Prezentace) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-11]
CHR Extension: (Replace Favicon) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2018-09-11]
CHR Extension: (Dokumenty) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-11]
CHR Extension: (Disk Google) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-11]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2019-11-22]
CHR Extension: (Guitar Tuner) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglmpmegfnbclojedloihcbkemoiddi [2018-09-11]
CHR Extension: (Video Downloader professional) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-11]
CHR Extension: (Tabulky) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-11]
CHR Extension: (I don't care about cookies) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2019-12-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Flash-HTML5 for YouTube™) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2018-10-14]
CHR Extension: (Gmail) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-14]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2018-09-11]
CHR Profile: C:\Users\Kema\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-13]
CHR HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Kema\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2018-09-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [204288 2017-07-15] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R2 ss_conn_service; D:\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11791704 2019-03-18] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9359872 2017-07-15] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [309760 2017-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S2 eusk2par; C:\Windows\SysWOW64\Drivers\eusk2par.sys [16695 2003-06-06] (EUTRON) [File not signed]
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-10-06] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10916352 2009-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Sonix Co. Ltd.)
S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10526464 2009-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Sonix Co. Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [43648 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-04 10:52 - 2020-01-04 10:52 - 000000444 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-04 10:52 - 2020-01-04 10:52 - 000000444 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-25 14:26 - 2019-12-25 14:26 - 000071875 _____ C:\Users\Kema\Downloads\1577219631447.JPEG
2019-12-25 14:25 - 2019-12-25 14:25 - 000230327 _____ C:\Users\Kema\Downloads\1573498945274.JPEG
2019-12-25 14:24 - 2019-12-25 14:24 - 000061416 _____ C:\Users\Kema\Downloads\1577218914159.JPEG
2019-12-11 15:24 - 2019-12-06 06:27 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2019-12-11 15:24 - 2019-11-28 04:33 - 000710072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-11 15:24 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-12-11 15:24 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-12-11 15:24 - 2019-11-28 04:32 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-12-11 15:24 - 2019-11-28 04:32 - 000627664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-11 15:24 - 2019-11-28 04:32 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-12-11 15:24 - 2019-11-28 04:32 - 000155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-12-11 15:24 - 2019-11-28 04:32 - 000097208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-12-11 15:24 - 2019-11-28 04:31 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-11 15:24 - 2019-11-28 04:31 - 001671504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-12-11 15:24 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-12-11 15:24 - 2019-11-28 04:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-12-11 15:24 - 2019-11-28 04:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-12-11 15:24 - 2019-11-28 04:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-12-11 15:24 - 2019-11-28 03:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-12-11 15:24 - 2019-11-28 03:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-12-11 15:24 - 2019-11-28 03:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-12-11 15:24 - 2019-11-28 03:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-12-11 15:24 - 2019-11-28 03:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-12-11 15:24 - 2019-11-28 03:57 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-11 15:24 - 2019-11-28 03:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-12-11 15:24 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-12-11 15:24 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 03:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-12-11 15:24 - 2019-11-28 03:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-12-11 15:24 - 2019-11-28 03:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-12-11 15:24 - 2019-11-28 03:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-12-11 15:24 - 2019-11-28 03:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-12-11 15:24 - 2019-11-28 03:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-12-11 15:24 - 2019-11-28 03:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-12-11 15:24 - 2019-11-28 03:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-12-11 15:24 - 2019-11-28 03:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-12-11 15:24 - 2019-11-23 08:48 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-12-11 15:24 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-12-11 15:24 - 2019-11-21 03:16 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-11 15:24 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-11 15:24 - 2019-11-21 01:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-11 15:24 - 2019-11-19 21:56 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-12-11 15:24 - 2019-11-19 21:44 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-12-11 15:24 - 2019-11-19 21:44 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-12-11 15:24 - 2019-11-19 21:31 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-12-11 15:24 - 2019-11-19 21:30 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-12-11 15:24 - 2019-11-19 21:29 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-12-11 15:24 - 2019-11-19 21:29 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-12-11 15:24 - 2019-11-19 21:29 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-12-11 15:24 - 2019-11-19 21:22 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-12-11 15:24 - 2019-11-19 21:21 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-12-11 15:24 - 2019-11-19 21:19 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-12-11 15:24 - 2019-11-19 21:18 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-12-11 15:24 - 2019-11-19 21:18 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-12-11 15:24 - 2019-11-19 21:18 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-12-11 15:24 - 2019-11-19 21:18 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-12-11 15:24 - 2019-11-19 21:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-12-11 15:24 - 2019-11-19 21:10 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-12-11 15:24 - 2019-11-19 21:07 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-12-11 15:24 - 2019-11-19 21:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 15:24 - 2019-11-19 21:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-12-11 15:24 - 2019-11-19 21:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-12-11 15:24 - 2019-11-19 20:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-12-11 15:24 - 2019-11-19 20:56 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-12-11 15:24 - 2019-11-19 20:54 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-12-11 15:24 - 2019-11-19 20:52 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-12-11 15:24 - 2019-11-19 20:43 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-12-11 15:24 - 2019-11-19 20:41 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-12-11 15:24 - 2019-11-19 20:41 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-12-11 15:24 - 2019-11-19 20:39 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-12-11 15:24 - 2019-11-19 20:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-12-11 15:24 - 2019-11-19 20:36 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-12-11 15:24 - 2019-11-19 20:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-12-11 15:24 - 2019-11-19 20:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-12-11 15:24 - 2019-11-19 20:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-12-11 15:24 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-11 15:24 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-12-11 15:24 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-12-11 15:24 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-12-11 15:24 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-12-11 15:24 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-12-11 15:24 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-12-11 15:24 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-12-11 15:24 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-12-11 15:24 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-12-11 15:24 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-12-11 15:24 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-12-11 15:24 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-12-11 15:24 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-12-11 15:24 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-12-11 15:24 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-11 15:24 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-12-11 15:24 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-12-11 15:24 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-12-11 15:24 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-12-11 15:24 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-12-11 15:24 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-12-11 15:24 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-12-11 15:24 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-12-11 15:24 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-12-11 15:24 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-12-11 15:24 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-12-11 15:24 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-12-11 15:24 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-12-11 15:24 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-12-11 15:24 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-11 15:24 - 2019-11-15 03:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-12-11 15:24 - 2019-11-15 03:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-11 15:24 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-12-11 15:24 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-12-11 15:24 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2019-12-11 15:24 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-12-11 15:24 - 2019-11-15 02:48 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-12-11 15:24 - 2019-11-15 02:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-11 15:24 - 2019-11-05 22:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-11 15:24 - 2019-10-26 01:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-07 15:00 - 2019-12-07 15:00 - 000000222 _____ C:\Users\Kema\Desktop\Euro Truck Simulator 2.url
2019-12-07 14:58 - 2020-01-04 10:53 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-07 14:58 - 2019-12-07 14:58 - 000000967 _____ C:\Users\Public\Desktop\Steam.lnk
2019-12-07 14:58 - 2019-12-07 14:58 - 000000967 _____ C:\ProgramData\Desktop\Steam.lnk
2019-12-07 14:58 - 2019-12-07 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-04 10:58 - 2019-09-13 06:08 - 000000000 ____D C:\FRST
2020-01-04 10:55 - 2019-10-03 17:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-04 10:55 - 2019-10-03 17:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-01-04 10:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-01-04 10:53 - 2018-01-27 09:51 - 000000000 ____D C:\Windows\Minidump
2020-01-04 10:53 - 2017-12-19 09:12 - 000000000 ____D C:\Users\Kema\AppData\Roaming\PhotoScape
2020-01-04 10:53 - 2017-09-23 07:45 - 000000000 ____D C:\Users\Kema\AppData\Local\CrashDumps
2020-01-04 10:52 - 2017-10-26 10:21 - 000003824 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-04 10:52 - 2017-07-23 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-04 10:51 - 2009-07-14 05:45 - 000030160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-04 10:51 - 2009-07-14 05:45 - 000030160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-04 10:48 - 2010-11-21 10:27 - 000668542 _____ C:\Windows\system32\perfh005.dat
2020-01-04 10:48 - 2010-11-21 10:27 - 000141202 _____ C:\Windows\system32\perfc005.dat
2020-01-04 10:48 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-04 10:44 - 2018-08-27 03:54 - 000000000 ___RD C:\Users\Kema\Disk Google
2020-01-04 10:44 - 2018-06-03 18:22 - 000000000 ____D C:\Users\Kema\AppData\Roaming\WhatsApp
2020-01-04 10:44 - 2017-12-27 14:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-04 10:43 - 2017-11-17 11:36 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-04 10:43 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-03 18:04 - 2017-11-18 01:53 - 000000000 ___RD C:\Users\Kema\Documents\Euro Truck Simulator 2
2020-01-03 12:57 - 2018-08-27 03:52 - 000000000 ____D C:\Users\Kema\GoogleDisk
2019-12-25 17:49 - 2017-07-16 20:59 - 000000000 ____D C:\Users\Kema\AppData\Roaming\vlc
2019-12-21 14:06 - 2019-05-22 14:53 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-12-20 08:04 - 2018-09-11 13:47 - 000004040 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1536670065
2019-12-18 07:33 - 2018-09-11 13:42 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 07:33 - 2018-09-11 13:42 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-18 07:33 - 2018-09-11 13:42 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-17 07:31 - 2019-01-31 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-12-14 12:31 - 2017-07-15 08:26 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 12:31 - 2017-07-15 08:26 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 04:38 - 2018-12-22 11:54 - 000000000 ____D C:\Users\Kema\AppData\Local\WhatsApp
2019-12-13 04:38 - 2018-06-03 18:22 - 000000000 ____D C:\Users\Kema\AppData\Local\SquirrelTemp
2019-12-12 17:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-12-12 04:49 - 2019-05-22 14:53 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-12-12 04:34 - 2009-07-14 05:45 - 000290928 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-11 21:59 - 2017-07-15 13:16 - 000000000 ____D C:\Windows\system32\MRT
2019-12-11 21:57 - 2017-07-15 13:16 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-11 19:24 - 2017-10-23 08:30 - 000000000 ____D C:\ProgramData\TruckersMP
2019-12-10 15:30 - 2018-10-14 00:45 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-12-10 15:30 - 2018-09-11 14:16 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-12-10 15:30 - 2018-09-11 14:16 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-12-10 15:30 - 2018-09-11 14:16 - 000004536 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-10 15:30 - 2018-09-11 14:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-10 15:30 - 2018-09-11 14:16 - 000000000 ____D C:\Windows\system32\Macromed
2019-12-10 15:24 - 2018-10-14 11:35 - 000004524 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Files in the root of some directories ========

2017-07-24 12:48 - 2019-08-29 03:49 - 000011776 _____ () C:\Users\Kema\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-05-02 03:44 - 2019-05-02 03:44 - 000000000 _____ () C:\Users\Kema\AppData\Local\oobelibMkey.log
2017-12-03 04:51 - 2019-02-27 04:50 - 000000600 _____ () C:\Users\Kema\AppData\Local\PUTTY.RND
2018-12-09 14:18 - 2019-01-27 18:57 - 000007598 _____ () C:\Users\Kema\AppData\Local\Resmon.ResmonCfg
2017-07-30 07:56 - 2017-07-30 07:56 - 000032038 _____ () C:\Users\Kema\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2019-05-17 17:08 - 2019-05-17 17:08 - 000000016 _____ () C:\Users\Kema\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Kema (04-01-2020 10:58:47)
Running from D:\stažené soubory
Windows 7 Professional Service Pack 1 (X64) (2017-07-15 07:16:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4213312026-2111819374-3992623673-500 - Administrator - Disabled)
Guest (S-1-5-21-4213312026-2111819374-3992623673-501 - Limited - Enabled)
Kema (S-1-5-21-4213312026-2111819374-3992623673-1000 - Administrator - Enabled) => C:\Users\Kema

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
ATI Catalyst Install Manager (HKLM\...\{3FD3FC64-DA16-318E-DFD5-57466FF5FEB5}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CPUID CPU-Z 1.81.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.81.1 - ) <==== ATTENTION
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
EAGLE 9.0.0 (HKLM\...\EAGLE_is1) (Version: 9.0.0 - Autodesk, Inc.)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
ON_OFF Charge 2 B18.1203.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.18.1203.1 - GIGABYTE) Hidden
ON_OFF Charge 2 B18.1203.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.18.1203.1 - GIGABYTE)
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PDF Editor 64bit 5 (HKLM\...\PDF Editor 64bit 5) (Version: - )
PDF Editor verze 1.5 (HKLM-x32\...\PDF Editor_is1) (Version: 1.5 - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Skype verze 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.2558 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Trust Webcam (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1211.103 - Sonix)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\WhatsApp) (Version: 0.3.9309 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Device Recovery Tool 3.12.24302 (HKLM-x32\...\{d4bcfd3c-d535-406b-ae50-9cb33686933e}) (Version: 3.12.24302 - Microsoft)
Windows Phone app for desktop (HKLM-x32\...\{CE9BDD0F-BAF3-474D-B6D8-15B84BDAB229}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Záhadný pád do modré smrti

#2 Příspěvek od Rudy »

Zdravím!
Otevřte adresář c:\windows\minidump, soubory v něm zabalte do raru a přiložte k vašemu příštímu postu. Zároveň přesouvám vlákno do správné sekce.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Kema1962
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 03 črc 2016 06:11

Re: Záhadný pád do modré smrti

#3 Příspěvek od Kema1962 »

Říká mi to že složka je prázdná.
Nic tam nevidím.

C:\Windows\Minidump

Obsazený prostor:
0 bajtů - počet souborů: 0

Skutečná velikost (dle využitých clusterů) na zdrojovém disku:
0 bajtů

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Záhadný pád do modré smrti

#4 Příspěvek od Rudy »

To je smůla, systém problém nezapsal a tím pádem nevíme co ho způsobilo. Zkusíme alespoň vyčistit systém. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Kema1962
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 03 črc 2016 06:11

Re: Záhadný pád do modré smrti

#5 Příspěvek od Kema1962 »

Zde je ten výsledek:

Jo - ještě se mi před chvilkou stalo že mi najednou Seznam napsal abych si změnil heslo - že prý mohlo být prozrazeno.
Ne do e-mailu ale při přihlašování do Sbazaru.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-02.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-04-2020
# Duration: 00:00:00
# OS: Windows 7 Professional
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Replace Favicon

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\Kema\AppData\Roaming\SAMSUNG\SMART SWITCH PC


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1410 octets] - [04/01/2020 19:35:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Záhadný pád do modré smrti

#6 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Kema1962
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 03 črc 2016 06:11

Re: Záhadný pád do modré smrti

#7 Příspěvek od Kema1962 »

Zde jsou:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Kema (administrator) on KEMA-PC (Gigabyte Technology Co., Ltd. H81M-S2PV) (04-01-2020 21:56:34)
Running from D:\stažené soubory
Loaded Profiles: Kema (Available Profiles: Kema)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) D:\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [WhatsApp] => C:\Users\Kema\AppData\Local\WhatsApp\Update.exe [2253232 2019-12-13] (WhatsApp, Inc -> )
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Kema\AppData\Local\WhatsApp\Update.exe [2253232 2019-12-13] (WhatsApp, Inc -> )
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [CCleaner Smart Cleaning] => D:\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Policies\Explorer: [NoSecurityTab] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FA82C00-6561-4023-A5ED-D3FE52000FF4} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {1ED0E0B2-D927-48FA-BB64-21CF69D7787D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe)
Task: {35A3D979-7367-4495-A684-AE4BE62C7410} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-15] (Google Inc -> Google Inc.)
Task: {502C46F4-FFCA-477D-8348-3C6408EFBDC9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-10] (Adobe Inc. -> Adobe)
Task: {5B241BD6-B73A-4C28-9222-B31FAE08D11C} - System32\Tasks\CCleaner Update => D:\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60FFA8DD-4DD9-426F-82E7-3B1F80E79D22} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {704C73E0-D859-49AA-84B6-D48DC59B7BBE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9C9B4C32-BF6F-4C61-8B78-AA24D147AD6B} - System32\Tasks\{AA7F488A-E2ED-40A0-9A4C-B39DBF142DF4} => C:\Windows\system32\pcalua.exe -a C:\Users\Kema\Downloads\F-DCDATA-2017W.exe -d C:\Users\Kema\Downloads
Task: {A470041B-6305-482E-9E7E-22B0021D675C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-15] (Google Inc -> Google Inc.)
Task: {B826EC51-7281-447B-8AE2-E484BE24B5CE} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP => C:\Windows\SysWOW64\Microsoft\Protect\S-1-84-54\RB_1.4.84.30.exe (Access Denied) <==== ATTENTION
Task: {BCCDB329-E4BA-4501-80BA-B18566D1307F} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené soubory\esetonlinescanner_csy.exe
Task: {C18FB085-6CC8-4EBE-929F-059E6A74D5D1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-10] (Adobe Inc. -> Adobe)
Task: {E2C52C53-D067-4C71-B9D0-60FFD2737CCC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F17C2AFC-7347-4AE8-B92E-501B13E745A0} - System32\Tasks\Opera scheduled Autoupdate 1536670065 => C:\Users\Kema\AppData\Local\Programs\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {FEB5AE5C-5874-4817-B0A7-10DA7B799685} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené soubory\esetonlinescanner_csy.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{7104C21C-2A53-436C-AA15-0F9478A1ED07}: [NameServer] 213.46.172.36,8.8.4.4
Tcpip\..\Interfaces\{7104C21C-2A53-436C-AA15-0F9478A1ED07}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4213312026-2111819374-3992623673-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/?shva=1#inbox"
CHR Notifications: Default -> hxxps://mail.google.com
CHR Profile: C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default [2020-01-04]
CHR DownloadDir: D:\stažené soubory
CHR Extension: (Prezentace) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-11]
CHR Extension: (Dokumenty) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-11]
CHR Extension: (Disk Google) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-11]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2019-11-22]
CHR Extension: (Guitar Tuner) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglmpmegfnbclojedloihcbkemoiddi [2018-09-11]
CHR Extension: (Video Downloader professional) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-11]
CHR Extension: (Tabulky) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-11]
CHR Extension: (I don't care about cookies) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2019-12-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Flash-HTML5 for YouTube™) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2018-10-14]
CHR Extension: (Gmail) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-14]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Kema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2018-09-11]
CHR Profile: C:\Users\Kema\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-13]
CHR HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Kema\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2018-09-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [204288 2017-07-15] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R2 ss_conn_service; D:\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11791704 2019-03-18] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9359872 2017-07-15] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [309760 2017-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S2 eusk2par; C:\Windows\SysWOW64\Drivers\eusk2par.sys [16695 2003-06-06] (EUTRON) [File not signed]
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-10-06] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10916352 2009-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Sonix Co. Ltd.)
S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10526464 2009-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Sonix Co. Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [43648 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-04 19:34 - 2020-01-04 19:36 - 000000000 ____D C:\AdwCleaner
2020-01-04 10:52 - 2020-01-04 10:52 - 000000444 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-04 10:52 - 2020-01-04 10:52 - 000000444 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-25 14:26 - 2019-12-25 14:26 - 000071875 _____ C:\Users\Kema\Downloads\1577219631447.JPEG
2019-12-25 14:25 - 2019-12-25 14:25 - 000230327 _____ C:\Users\Kema\Downloads\1573498945274.JPEG
2019-12-25 14:24 - 2019-12-25 14:24 - 000061416 _____ C:\Users\Kema\Downloads\1577218914159.JPEG
2019-12-11 15:24 - 2019-12-06 06:27 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2019-12-11 15:24 - 2019-11-28 04:33 - 000710072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-11 15:24 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-12-11 15:24 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-12-11 15:24 - 2019-11-28 04:32 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-12-11 15:24 - 2019-11-28 04:32 - 000627664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-11 15:24 - 2019-11-28 04:32 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-12-11 15:24 - 2019-11-28 04:32 - 000155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-12-11 15:24 - 2019-11-28 04:32 - 000097208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-12-11 15:24 - 2019-11-28 04:31 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-11 15:24 - 2019-11-28 04:31 - 001671504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-12-11 15:24 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-12-11 15:24 - 2019-11-28 04:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-12-11 15:24 - 2019-11-28 04:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-12-11 15:24 - 2019-11-28 04:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-12-11 15:24 - 2019-11-28 03:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-12-11 15:24 - 2019-11-28 03:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-12-11 15:24 - 2019-11-28 03:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-12-11 15:24 - 2019-11-28 03:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-12-11 15:24 - 2019-11-28 03:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-12-11 15:24 - 2019-11-28 03:57 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-11 15:24 - 2019-11-28 03:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-12-11 15:24 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-12-11 15:24 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-11 15:24 - 2019-11-28 03:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-12-11 15:24 - 2019-11-28 03:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-12-11 15:24 - 2019-11-28 03:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-12-11 15:24 - 2019-11-28 03:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-12-11 15:24 - 2019-11-28 03:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-12-11 15:24 - 2019-11-28 03:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-12-11 15:24 - 2019-11-28 03:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-12-11 15:24 - 2019-11-28 03:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-12-11 15:24 - 2019-11-28 03:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-12-11 15:24 - 2019-11-28 03:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-12-11 15:24 - 2019-11-23 08:48 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-12-11 15:24 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-12-11 15:24 - 2019-11-21 03:16 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-11 15:24 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-11 15:24 - 2019-11-21 01:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-11 15:24 - 2019-11-19 21:56 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-12-11 15:24 - 2019-11-19 21:44 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-12-11 15:24 - 2019-11-19 21:44 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-12-11 15:24 - 2019-11-19 21:31 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-12-11 15:24 - 2019-11-19 21:30 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-12-11 15:24 - 2019-11-19 21:29 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-12-11 15:24 - 2019-11-19 21:29 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-12-11 15:24 - 2019-11-19 21:29 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-12-11 15:24 - 2019-11-19 21:22 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-12-11 15:24 - 2019-11-19 21:21 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-12-11 15:24 - 2019-11-19 21:19 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-12-11 15:24 - 2019-11-19 21:18 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-12-11 15:24 - 2019-11-19 21:18 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-12-11 15:24 - 2019-11-19 21:18 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-12-11 15:24 - 2019-11-19 21:18 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-12-11 15:24 - 2019-11-19 21:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-12-11 15:24 - 2019-11-19 21:10 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-12-11 15:24 - 2019-11-19 21:07 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-12-11 15:24 - 2019-11-19 21:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 15:24 - 2019-11-19 21:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-12-11 15:24 - 2019-11-19 21:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-12-11 15:24 - 2019-11-19 20:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-12-11 15:24 - 2019-11-19 20:56 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-12-11 15:24 - 2019-11-19 20:54 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-12-11 15:24 - 2019-11-19 20:52 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-12-11 15:24 - 2019-11-19 20:43 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-12-11 15:24 - 2019-11-19 20:41 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-12-11 15:24 - 2019-11-19 20:41 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-12-11 15:24 - 2019-11-19 20:39 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-12-11 15:24 - 2019-11-19 20:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-12-11 15:24 - 2019-11-19 20:36 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-12-11 15:24 - 2019-11-19 20:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-12-11 15:24 - 2019-11-19 20:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-12-11 15:24 - 2019-11-19 20:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-12-11 15:24 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-11 15:24 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-12-11 15:24 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-12-11 15:24 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-12-11 15:24 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-12-11 15:24 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-12-11 15:24 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-12-11 15:24 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-12-11 15:24 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-12-11 15:24 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-12-11 15:24 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-12-11 15:24 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-12-11 15:24 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-12-11 15:24 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-12-11 15:24 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-12-11 15:24 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-11 15:24 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-12-11 15:24 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-12-11 15:24 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-12-11 15:24 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-12-11 15:24 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-12-11 15:24 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-12-11 15:24 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-12-11 15:24 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-12-11 15:24 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-12-11 15:24 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-12-11 15:24 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-12-11 15:24 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-12-11 15:24 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-12-11 15:24 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-12-11 15:24 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-11 15:24 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-11 15:24 - 2019-11-15 03:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-11 15:24 - 2019-11-15 03:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-11 15:24 - 2019-11-15 03:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-12-11 15:24 - 2019-11-15 03:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-11 15:24 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-12-11 15:24 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-12-11 15:24 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2019-12-11 15:24 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-12-11 15:24 - 2019-11-15 02:48 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-12-11 15:24 - 2019-11-15 02:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-11 15:24 - 2019-11-05 22:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-11 15:24 - 2019-10-26 01:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-07 15:00 - 2019-12-07 15:00 - 000000222 _____ C:\Users\Kema\Desktop\Euro Truck Simulator 2.url
2019-12-07 14:58 - 2020-01-04 21:56 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-07 14:58 - 2019-12-07 14:58 - 000000967 _____ C:\Users\Public\Desktop\Steam.lnk
2019-12-07 14:58 - 2019-12-07 14:58 - 000000967 _____ C:\ProgramData\Desktop\Steam.lnk
2019-12-07 14:58 - 2019-12-07 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-04 21:56 - 2019-09-13 06:08 - 000000000 ____D C:\FRST
2020-01-04 21:56 - 2018-06-03 18:22 - 000000000 ____D C:\Users\Kema\AppData\Roaming\WhatsApp
2020-01-04 19:46 - 2009-07-14 05:45 - 000030160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-04 19:46 - 2009-07-14 05:45 - 000030160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-04 19:42 - 2010-11-21 10:27 - 000668542 _____ C:\Windows\system32\perfh005.dat
2020-01-04 19:42 - 2010-11-21 10:27 - 000141202 _____ C:\Windows\system32\perfc005.dat
2020-01-04 19:42 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-04 19:42 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-01-04 19:38 - 2017-12-27 14:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-04 19:37 - 2018-08-27 03:54 - 000000000 ___RD C:\Users\Kema\Disk Google
2020-01-04 19:37 - 2017-11-17 11:36 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-04 19:37 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-04 19:36 - 2019-01-03 10:26 - 000000000 ____D C:\Users\Kema\AppData\Roaming\Samsung
2020-01-04 18:04 - 2017-11-18 01:53 - 000000000 ___RD C:\Users\Kema\Documents\Euro Truck Simulator 2
2020-01-04 13:56 - 2018-08-27 03:52 - 000000000 ____D C:\Users\Kema\GoogleDisk
2020-01-04 10:55 - 2019-10-03 17:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-04 10:55 - 2019-10-03 17:55 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-01-04 10:53 - 2018-01-27 09:51 - 000000000 ____D C:\Windows\Minidump
2020-01-04 10:53 - 2017-12-19 09:12 - 000000000 ____D C:\Users\Kema\AppData\Roaming\PhotoScape
2020-01-04 10:53 - 2017-09-23 07:45 - 000000000 ____D C:\Users\Kema\AppData\Local\CrashDumps
2020-01-04 10:52 - 2017-10-26 10:21 - 000003824 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-04 10:52 - 2017-07-23 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-25 17:49 - 2017-07-16 20:59 - 000000000 ____D C:\Users\Kema\AppData\Roaming\vlc
2019-12-21 14:06 - 2019-05-22 14:53 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-12-20 08:04 - 2018-09-11 13:47 - 000004040 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1536670065
2019-12-18 07:33 - 2018-09-11 13:42 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 07:33 - 2018-09-11 13:42 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-18 07:33 - 2018-09-11 13:42 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-17 07:31 - 2019-01-31 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-12-14 12:31 - 2017-07-15 08:26 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 12:31 - 2017-07-15 08:26 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 04:38 - 2018-12-22 11:54 - 000000000 ____D C:\Users\Kema\AppData\Local\WhatsApp
2019-12-13 04:38 - 2018-06-03 18:22 - 000000000 ____D C:\Users\Kema\AppData\Local\SquirrelTemp
2019-12-12 17:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-12-12 04:49 - 2019-05-22 14:53 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-12-12 04:34 - 2009-07-14 05:45 - 000290928 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-11 21:59 - 2017-07-15 13:16 - 000000000 ____D C:\Windows\system32\MRT
2019-12-11 21:57 - 2017-07-15 13:16 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-11 19:24 - 2017-10-23 08:30 - 000000000 ____D C:\ProgramData\TruckersMP
2019-12-10 15:30 - 2018-10-14 00:45 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-12-10 15:30 - 2018-09-11 14:16 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-12-10 15:30 - 2018-09-11 14:16 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-12-10 15:30 - 2018-09-11 14:16 - 000004536 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-10 15:30 - 2018-09-11 14:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-10 15:30 - 2018-09-11 14:16 - 000000000 ____D C:\Windows\system32\Macromed
2019-12-10 15:24 - 2018-10-14 11:35 - 000004524 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Files in the root of some directories ========

2017-07-24 12:48 - 2019-08-29 03:49 - 000011776 _____ () C:\Users\Kema\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-05-02 03:44 - 2019-05-02 03:44 - 000000000 _____ () C:\Users\Kema\AppData\Local\oobelibMkey.log
2017-12-03 04:51 - 2019-02-27 04:50 - 000000600 _____ () C:\Users\Kema\AppData\Local\PUTTY.RND
2018-12-09 14:18 - 2019-01-27 18:57 - 000007598 _____ () C:\Users\Kema\AppData\Local\Resmon.ResmonCfg
2017-07-30 07:56 - 2017-07-30 07:56 - 000032038 _____ () C:\Users\Kema\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2019-05-17 17:08 - 2019-05-17 17:08 - 000000016 _____ () C:\Users\Kema\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-29 10:53
==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Kema (04-01-2020 21:57:05)
Running from D:\stažené soubory
Windows 7 Professional Service Pack 1 (X64) (2017-07-15 07:16:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4213312026-2111819374-3992623673-500 - Administrator - Disabled)
Guest (S-1-5-21-4213312026-2111819374-3992623673-501 - Limited - Enabled)
Kema (S-1-5-21-4213312026-2111819374-3992623673-1000 - Administrator - Enabled) => C:\Users\Kema

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
ATI Catalyst Install Manager (HKLM\...\{3FD3FC64-DA16-318E-DFD5-57466FF5FEB5}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CPUID CPU-Z 1.81.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.81.1 - ) <==== ATTENTION
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
EAGLE 9.0.0 (HKLM\...\EAGLE_is1) (Version: 9.0.0 - Autodesk, Inc.)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
ON_OFF Charge 2 B18.1203.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.18.1203.1 - GIGABYTE) Hidden
ON_OFF Charge 2 B18.1203.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.18.1203.1 - GIGABYTE)
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PDF Editor 64bit 5 (HKLM\...\PDF Editor 64bit 5) (Version: - )
PDF Editor verze 1.5 (HKLM-x32\...\PDF Editor_is1) (Version: 1.5 - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Skype verze 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.2558 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Trust Webcam (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1211.103 - Sonix)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\...\WhatsApp) (Version: 0.3.9309 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Device Recovery Tool 3.12.24302 (HKLM-x32\...\{d4bcfd3c-d535-406b-ae50-9cb33686933e}) (Version: 3.12.24302 - Microsoft)
Windows Phone app for desktop (HKLM-x32\...\{CE9BDD0F-BAF3-474D-B6D8-15B84BDAB229}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2017-07-16 11:53 - 2014-09-09 12:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 000114176 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\_ctypes.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000173056 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\_elementtree.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 001808896 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\_hashlib.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000032256 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\_multiprocessing.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000046080 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\_psutil_windows.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000047616 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\_socket.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 002241024 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\_ssl.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000026112 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\_yappi.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000080896 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\bz2.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000016384 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\common.time34.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000007680 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\hashobjs_ext.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000301568 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\PIL._imaging.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000169472 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\pyexpat.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 001084416 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\pysqlite2._sqlite.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000548864 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\pythoncom27.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 000137728 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\pywintypes27.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 000010752 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\select.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000020992 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\thumbnails_ext.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000689664 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\unicodedata.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000119808 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\usb_ext.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000128512 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32api.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000438784 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32com.shell.shell.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000011776 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32crypt.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000023040 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32event.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000149504 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32file.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000223232 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32gui.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000048128 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32inet.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000029696 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32pdh.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000027648 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32pipe.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000044032 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32process.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000020480 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32profile.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000136192 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32security.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000026624 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\win32ts.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000034816 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\windows.conditional.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000038400 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\windows.connectivity.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000071680 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\windows.device_monitor.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000109056 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\windows.volumes.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000020480 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\windows.winwrap.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 001325056 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wx._controls_.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 001489408 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wx._core_.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 001007104 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wx._gdi_.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000103424 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wx._html2.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 000916992 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wx._misc_.pyd
2020-01-04 19:37 - 2020-01-04 19:37 - 001039872 _____ () [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wx._windows_.pyd
2017-12-10 00:48 - 2017-10-27 17:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\python27.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wxbase30u_net_vc90_x64.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wxbase30u_vc90_x64.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wxmsw30u_adv_vc90_x64.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wxmsw30u_core_vc90_x64.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wxmsw30u_html_vc90_x64.dll
2020-01-04 19:37 - 2020-01-04 19:37 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Kema\AppData\Local\Temp\_MEI26842\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: EAGLESCR => "D:\EAGLE 9.0.0\eagle.exe" -C "" "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\PuTTY\
HKU\S-1-5-21-4213312026-2111819374-3992623673-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kema\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^Users^Kema^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "D:\adobe\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "D:\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SandboxieControl => "D:\sandbox\SbieCtrl.exe"
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: snpstd3 => C:\Windows\vsnpstd3.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: tsnpstd3 => C:\Windows\tsnpstd3.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{1D2AAB75-608C-44CE-AD62-9CD60E0F9877}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{39F1A2C3-7285-4247-AD32-BE407E4553AD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{21D6001C-5705-46BF-9C4F-BCE0565376A4}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [TCP Query User{3382E061-2CF3-45A9-8C89-6265A03D9115}D:\dreambox\dreambox 800hdse\dcc-e2 - 1.50\dcc_e2.exe] => (Allow) D:\dreambox\dreambox 800hdse\dcc-e2 - 1.50\dcc_e2.exe (BernyR) [File not signed]
FirewallRules: [UDP Query User{F6F1F781-4D22-4713-9FBE-0AFFDB4A5F10}D:\dreambox\dreambox 800hdse\dcc-e2 - 1.50\dcc_e2.exe] => (Allow) D:\dreambox\dreambox 800hdse\dcc-e2 - 1.50\dcc_e2.exe (BernyR) [File not signed]
FirewallRules: [{E6EA313F-D115-4CA5-BA5D-E68FB3A53156}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{0A9D2BAD-7750-47EC-81C9-5E098A4BD382}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5BE5DBE8-699A-45F7-B6C1-9878625804B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{696339FF-E59A-4FE6-B3AC-AFF6E351D0D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{94DE0AAC-8F9E-496F-80E3-B2A9D496F56C}] => (Allow) D:\Games\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BC45CC7F-E14D-4BC8-980A-9671C64A6746}] => (Allow) D:\Games\steamapps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{3F5885DB-F14A-4F53-94EE-239C8EFECE95}C:\users\kema\downloads\dcc_e2.exe] => (Allow) C:\users\kema\downloads\dcc_e2.exe (BernyR) [File not signed]
FirewallRules: [UDP Query User{93FF3763-CA9F-4323-AEE2-DBCDEEC20B3C}C:\users\kema\downloads\dcc_e2.exe] => (Allow) C:\users\kema\downloads\dcc_e2.exe (BernyR) [File not signed]
FirewallRules: [{8763AF62-0C0F-4DE3-A6D3-62ACE9D71E9A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BBE88D34-4E2A-4797-A89E-392FCF9666E7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C7B311B5-0712-49DC-AE47-8CC70E82A671}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D7CBE43F-3450-479D-A10A-6377BFC9B2B0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{14BD5AC8-4394-4F2D-B8CE-26921D51EE6F}E:\program na editaci a prohlížení souborů v boxu\dcc_e2.exe] => (Block) E:\program na editaci a prohlížení souborů v boxu\dcc_e2.exe No File
FirewallRules: [UDP Query User{A06204E2-B2B9-4A8D-AD94-A4329AF890DD}E:\program na editaci a prohlížení souborů v boxu\dcc_e2.exe] => (Block) E:\program na editaci a prohlížení souborů v boxu\dcc_e2.exe No File
FirewallRules: [{6BD7594A-3D04-47EA-8354-5E36E5B8A88F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{0D1E5C8A-63C1-4F4B-8DB5-B803B58E3529}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A79F1A10-6406-42C0-9809-CA719DB206C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{68484D23-2A4E-4523-BBA4-D76A4CBF378A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C18943E0-0951-4166-9A63-37EC8D184D4D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8B7EE140-309C-409E-960B-9E909A63185E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5C2B010-0CDA-4784-9B15-E956AAA6889E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{65023FD0-1352-4C44-8589-C3CC2711E766}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{48C3C330-AF00-4A76-916A-96816788A3B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9DB29FBB-61D6-4CEF-B56C-2E5C28BF958B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{6823C66E-0693-4727-AEE6-DDDCE7B523FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================

10-12-2019 15:25:32 Windows Update
11-12-2019 21:57:23 Windows Update
12-12-2019 04:38:38 Windows Update
17-12-2019 07:35:36 Windows Update
20-12-2019 07:58:14 Windows Update
23-12-2019 18:39:31 Windows Update
27-12-2019 12:49:26 Windows Update
02-01-2020 08:21:20 Windows Update
04-01-2020 10:54:57 Removed Lumia UEFI Blue Driver
04-01-2020 19:36:47 AdwCleaner_BeforeCleaning_04/01/2020_19:36:47

==================== Faulty Device Manager Devices ============

Name: Řadič USB (Universal Serial Bus)
Description: Řadič USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/04/2020 07:37:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/04/2020 10:43:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/04/2020 10:21:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2020 08:58:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RB_1.4.84.30.exe, verze: 2.7.22.25, časové razítko: 0x5a3200ff
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24540, časové razítko: 0x5ddf3f1e
Kód výjimky: 0xc0000005
Posun chyby: 0x0004ebc3
ID chybujícího procesu: 0x94
Čas spuštění chybující aplikace: 0x01d5c27028099671
Cesta k chybující aplikaci: C:\Windows\SysWOW64\Microsoft\Protect\S-1-84-54\RB_1.4.84.30.exe
Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID zprávy: 67e7e643-2e63-11ea-9595-fcaa141acbfa

Error: (01/03/2020 09:08:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/02/2020 08:43:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TiWorker.exe, verze: 4.1.0.0, časové razítko: 0x593a0b3e
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.24540, časové razítko: 0x5ddf3fa1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000aa4d9
ID chybujícího procesu: 0x76c
Čas spuštění chybující aplikace: 0x01d5c13e3d015be0
Cesta k chybující aplikaci: C:\Windows\SysWOW64\ru-RU\S-1-5-94\TiWorker.exe
Cesta k chybujícímu modulu: C:\Windows\system32\kernel32.dll
ID zprávy: 949e75a9-2d33-11ea-ac05-fcaa141acbfa

Error: (01/02/2020 08:15:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/01/2020 05:02:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: googleearth.exe, verze: 7.3.2.5776, časové razítko: 0x5c7dc975
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.1.0, časové razítko: 0x5b015a11
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001b05bb
ID chybujícího procesu: 0x1534
Čas spuštění chybující aplikace: 0x01d5c0ba9c1a0ba7
Cesta k chybující aplikaci: C:\Program Files\Google\Google Earth Pro\client\googleearth.exe
Cesta k chybujícímu modulu: C:\Program Files\Google\Google Earth Pro\client\Qt5Core.dll
ID zprávy: 12f6b802-2cb0-11ea-b9c7-fcaa141acbfa


System errors:
=============
Error: (01/04/2020 07:38:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
UsbCharger

Error: (01/04/2020 07:37:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EUTRON SmartKey Parallel Driver neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (01/04/2020 07:37:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Windows\SysWow64\Drivers\eusk2par.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/04/2020 07:36:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/04/2020 07:36:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/04/2020 07:36:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WMI Performance Adapter byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/04/2020 07:36:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/04/2020 07:36:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2018-06-21 05:01:36.996
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{15CA367C-2B12-4E0A-897C-2E7EBC6624F8}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Kema-PC\Kema

Date: 2019-12-13 21:02:35.988
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x8050a005
Popis chyby:V programu nelze najít soubory definic, které pomáhají rozpoznat nežádoucí software. Zkontrolujte aktualizace definičních souborů a opakujte akci. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze podpisu:1.307.13.0
Verze modulu:1.1.16600.7

Date: 2019-12-13 21:02:35.083
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Verze podpisu:1.307.204.0
Verze modulu:1.1.16600.7

Date: 2019-12-13 21:01:31.003
Description:
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2017-07-19 04:44:28.322
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.247.990.0
Verze modulu:1.1.13903.0

==================== Memory info ===========================

BIOS: American Megatrends Inc. FC 08/11/2015
Motherboard: Gigabyte Technology Co., Ltd. H81M-S2PV
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 36%
Total physical RAM: 8158.32 MB
Available physical RAM: 5144.36 MB
Total Virtual: 16314.79 MB
Available Virtual: 13322.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.44 GB) (Free:112.7 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Fotky) (Fixed) (Total:465.76 GB) (Free:122.19 GB) NTFS

\\?\Volume{bb4d4bad-692c-11e7-89dd-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: E30CE30C)
Partition 1: (Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0367C0E6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Záhadný pád do modré smrti

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start:

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Task: {35A3D979-7367-4495-A684-AE4BE62C7410} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-15] (Google Inc -> Google Inc.)
Task: {9C9B4C32-BF6F-4C61-8B78-AA24D147AD6B} - System32\Tasks\{AA7F488A-E2ED-40A0-9A4C-B39DBF142DF4} => C:\Windows\system32\pcalua.exe -a C:\Users\Kema\Downloads\F-DCDATA-2017W.exe -d C:\Users\Kema\Downloads
Task: {A470041B-6305-482E-9E7E-22B0021D675C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-15] (Google Inc -> Google Inc.)
Task: {B826EC51-7281-447B-8AE2-E484BE24B5CE} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP => C:\Windows\SysWOW64\Microsoft\Protect\S-1-84-54\RB_1.4.84.30.exe (Access Denied) <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Kema\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Kema\AppData\Local\Temp
HKLM\...\.scr: EAGLESCR => "D:\EAGLE 9.0.0\eagle.exe" -C "" "%1" <==== ATTENTION
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File

EmptyTemp:
End
Uložte do D:\stažené soubory jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Kema1962
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 03 črc 2016 06:11

Re: Záhadný pád do modré smrti

#9 Příspěvek od Kema1962 »

Dobrý den.

Tak zde je ten výsledný log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Kema (05-01-2020 12:31:06) Run:3
Running from D:\stažené soubory
Loaded Profiles: Kema (Available Profiles: Kema)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start:

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Task: {35A3D979-7367-4495-A684-AE4BE62C7410} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-15] (Google Inc -> Google Inc.)
Task: {9C9B4C32-BF6F-4C61-8B78-AA24D147AD6B} - System32\Tasks\{AA7F488A-E2ED-40A0-9A4C-B39DBF142DF4} => C:\Windows\system32\pcalua.exe -a C:\Users\Kema\Downloads\F-DCDATA-2017W.exe -d C:\Users\Kema\Downloads
Task: {A470041B-6305-482E-9E7E-22B0021D675C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-15] (Google Inc -> Google Inc.)
Task: {B826EC51-7281-447B-8AE2-E484BE24B5CE} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP => C:\Windows\SysWOW64\Microsoft\Protect\S-1-84-54\RB_1.4.84.30.exe (Access Denied) <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Kema\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Kema\AppData\Local\Temp
HKLM\...\.scr: EAGLESCR => "D:\EAGLE 9.0.0\eagle.exe" -C "" "%1" <==== ATTENTION
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35A3D979-7367-4495-A684-AE4BE62C7410}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35A3D979-7367-4495-A684-AE4BE62C7410}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C9B4C32-BF6F-4C61-8B78-AA24D147AD6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C9B4C32-BF6F-4C61-8B78-AA24D147AD6B}" => removed successfully
C:\Windows\System32\Tasks\{AA7F488A-E2ED-40A0-9A4C-B39DBF142DF4} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AA7F488A-E2ED-40A0-9A4C-B39DBF142DF4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A470041B-6305-482E-9E7E-22B0021D675C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A470041B-6305-482E-9E7E-22B0021D675C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B826EC51-7281-447B-8AE2-E484BE24B5CE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B826EC51-7281-447B-8AE2-E484BE24B5CE}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Kema\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Kema\AppData\Local\Temp" folder move:

Could not move "C:\Users\Kema\AppData\Local\Temp" => Scheduled to move on reboot.

HKLM\Software\Classes\.scr\\"Default"="scrfile" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP-NoScope" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18294696 B
Java, Flash, Steam htmlcache => 31027019 B
Windows/system/drivers => 4125143 B
Edge => 0 B
Chrome => 393922919 B
Firefox => 0 B
Opera => 4056648 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Kema => 165066848 B

RecycleBin => 0 B
EmptyTemp: => 595.9 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-01-2020 12:32:52)

C:\Users\Kema\AppData\Local\Temp => moved successfully

==== End of Fixlog 12:32:53 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Záhadný pád do modré smrti

#10 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Kema1962
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 03 črc 2016 06:11

Re: Záhadný pád do modré smrti

#11 Příspěvek od Kema1962 »

Počítač se chová zatím zcela normálně.
Zatím jsem nezaznamenal nějaké anomálie.
Tak snad to bude saze v pořádku.
Kdyby něco tak napíši.
Děkuji MOC.
Hezký den.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Záhadný pád do modré smrti

#12 Příspěvek od Rudy »

OK. Hezký den i vám a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno