PC-HELP.CZ

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:30, on 01.07.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)

Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Aida64 Extreme\aida64.exe
C:\Program Files\Avast Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Users\JitKae\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\MMon2.exe
E:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [MsiDS100gmmouseRun] "C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\mmon2.exe" -runauto
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\JitKae\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Avast Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESLoadService - TODO: <Company name> - C:\Program Files (x86)\EaseUS\EaseUS MobiMover\bin\ESLoadService.exe
O23 - Service: ET Gaming Mouse Service (ETGMGlcsSrv) - Unknown owner - C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 8996 bytes

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware na plochu , nainstaluj a spusť ho
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Spustit skenování
- po proběhnutí skenu se ti objeví hláška vpravo dole, tak klikni na Zobrazit zprávu a vyber Export a vyber Kopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož.
-jinak se log nachází v programu po kliknutí na „Zprávy“ , nebo je uložen zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.0
# -------------------------------
# Build: 06-26-2018
# Database: 2018-07-02.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-02-2018
# Duration: 00:00:09
# OS: Windows 10 Pro
# Scanned: 41359
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 02.07.18
Čas skenování: 20:28
Logovací soubor: b707339f-7e25-11e8-9a60-448a5bd84aec.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.374
Aktualizovat verzi balíku komponent: 1.0.5731
Licence: Premium

-Systémová informace-
OS: Windows 10 (Build 17134.137)
CPU: x64
Systém souborů: NTFS
Uživatel: HOME-PC\JitKae

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 280974
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 0 min, 24 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

další odkazy:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/

Jsou nějaké problémy?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by JitKae (Administrator) on 02.07.2018 at 21:05:51,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.07.2018 at 21:07:27,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2018-07-02 19:08:12.800 Sophos Virus Removal Tool version 2.6.1
2018-07-02 19:08:12.800 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2018-07-02 19:08:12.800 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2018-07-02 19:08:12.800 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2018-07-02 19:08:12.800 Checking for updates...
2018-07-02 19:08:12.831 Update progress: proxy server not available
2018-07-02 19:08:20.804 Option all = no
2018-07-02 19:08:20.804 Option recurse = yes
2018-07-02 19:08:20.804 Option archive = no
2018-07-02 19:08:20.804 Option service = yes
2018-07-02 19:08:20.804 Option confirm = yes
2018-07-02 19:08:20.804 Option sxl = yes
2018-07-02 19:08:20.804 Option max-data-age = 35
2018-07-02 19:08:20.804 Option vdl-logging = yes
2018-07-02 19:08:20.804 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-07-02 19:08:20.804 Machine ID: 71dfb5c634924ab4ae2677edc9749384
2018-07-02 19:08:20.804 Component SVRTcli.exe version 2.6.1
2018-07-02 19:08:20.804 Component control.dll version 2.6.1
2018-07-02 19:08:20.804 Component SVRTservice.exe version 2.6.1
2018-07-02 19:08:20.804 Component engine\osdp.dll version 1.44.1.2286
2018-07-02 19:08:20.804 Component engine\veex.dll version 3.68.6.2286
2018-07-02 19:08:20.819 Component engine\savi.dll version 9.0.7.2286
2018-07-02 19:08:20.819 Component rkdisk.dll version 1.5.31.1
2018-07-02 19:08:20.819 Version info: Product version 2.6.1
2018-07-02 19:08:20.819 Version info: Detection engine 3.68.6
2018-07-02 19:08:20.819 Version info: Detection data 5.40
2018-07-02 19:08:20.819 Version info: Build date 30.05.2017
2018-07-02 19:08:20.819 Version info: Data files added 542
2018-07-02 19:08:20.819 Version info: Last successful update (not yet updated)
2018-07-02 19:08:45.725 Downloading updates...
2018-07-02 19:08:45.725 Update progress: [I96736] sdds.svrt_v1.1: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2018-07-02 19:08:45.725 Update progress: [I95020] sdds.svrt_v1.1: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-07-02 19:08:45.725 Update progress: [I22529] sdds.svrt_v1.1: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-07-02 19:08:45.725 Update progress: [I49502] sdds.savi_v551_v3686.1.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2018-07-02 19:08:45.725 Update progress: [I95020] sdds.savi_v551_v3686.1.xml: looking for packages included from product SAVIW32 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I22529] sdds.savi_v551_v3686.1.xml: looking for supplements included from product SAVIW32 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I49502] sdds.data0910.xml: found supplement IDE552 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2018-07-02 19:08:45.725 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE552 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE552 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I49502] sdds.data0910.xml: found supplement IDE553 LATEST path= baseVersion= [included from product IDE552 LATEST path=]
2018-07-02 19:08:45.725 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE553 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE553 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I49502] sdds.data0910.xml: found supplement IDE554 LATEST path= baseVersion= [included from product IDE553 LATEST path=]
2018-07-02 19:08:45.725 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE554 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE554 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I49502] sdds.data0910.xml: found supplement IDE555 LATEST path= baseVersion= [included from product IDE554 LATEST path=]
2018-07-02 19:08:45.725 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE555 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE555 LATEST path=
2018-07-02 19:08:45.725 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-07-02 19:08:46.084 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2018-07-02 19:08:46.084 Update progress: [I19463] Product download size 194032015 bytes
2018-07-02 19:09:47.146 Update progress: [I19463] Syncing product IDE552 LATEST path=
2018-07-02 19:09:47.146 Update progress: [I19463] Product download size 3032962 bytes
2018-07-02 19:10:06.726 Update progress: [I19463] Syncing product IDE553 LATEST path=
2018-07-02 19:10:06.726 Update progress: [I19463] Product download size 2250332 bytes
2018-07-02 19:10:20.601 Update progress: [I19463] Syncing product IDE554 LATEST path=
2018-07-02 19:10:20.601 Update progress: [I19463] Product download size 1460825 bytes
2018-07-02 19:10:25.335 Update progress: [I19463] Syncing product IDE555 LATEST path=
2018-07-02 19:10:25.414 Installing updates...
2018-07-02 19:10:26.039 Error level 1
2018-07-02 19:10:29.429 Update successful
2018-07-02 19:10:36.051 Option all = no
2018-07-02 19:10:36.051 Option recurse = yes
2018-07-02 19:10:36.051 Option archive = no
2018-07-02 19:10:36.051 Option service = yes
2018-07-02 19:10:36.051 Option confirm = yes
2018-07-02 19:10:36.051 Option sxl = yes
2018-07-02 19:10:36.051 Option max-data-age = 35
2018-07-02 19:10:36.051 Option vdl-logging = yes
2018-07-02 19:10:36.051 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-07-02 19:10:36.051 Machine ID: 71dfb5c634924ab4ae2677edc9749384
2018-07-02 19:10:36.067 Component SVRTcli.exe version 2.6.1
2018-07-02 19:10:36.067 Component control.dll version 2.6.1
2018-07-02 19:10:36.067 Component SVRTservice.exe version 2.6.1
2018-07-02 19:10:36.067 Component engine\osdp.dll version 1.44.1.2286
2018-07-02 19:10:36.067 Component engine\veex.dll version 3.68.6.2286
2018-07-02 19:10:36.067 Component engine\savi.dll version 9.0.7.2286
2018-07-02 19:10:36.067 Component rkdisk.dll version 1.5.31.1
2018-07-02 19:10:36.067 Version info: Product version 2.6.1
2018-07-02 19:10:36.067 Version info: Detection engine 3.68.6
2018-07-02 19:10:36.067 Version info: Detection data 5.51
2018-07-02 19:10:36.067 Version info: Build date 15.05.2018
2018-07-02 19:10:36.067 Version info: Data files added 299
2018-07-02 19:10:36.067 Version info: Last successful update 02.07.2018 21:10:29

2018-07-02 19:16:03.675 Could not open C:\hiberfil.sys
2018-07-02 19:16:03.675 Could not open C:\pagefile.sys
2018-07-02 19:20:23.127 Could not open C:\swapfile.sys
2018-07-02 19:21:11.202 Could not open C:\Users\JitKae\AppData\Roaming\Opera Software\Opera Stable\Current Session
2018-07-02 19:21:11.202 Could not open C:\Users\JitKae\AppData\Roaming\Opera Software\Opera Stable\Current Tabs
2018-07-02 19:23:31.220 Could not open C:\Windows\System32\config\BBI
2018-07-02 19:23:31.251 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2018-07-02 19:23:31.251 Could not open C:\Windows\System32\config\RegBack\SAM
2018-07-02 19:23:31.251 Could not open C:\Windows\System32\config\RegBack\SECURITY
2018-07-02 19:23:31.251 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2018-07-02 19:23:31.251 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2018-07-02 19:49:29.610 >>> Virus 'Mal/Generic-S' found in file D:\__Zaloha DiskE 17-08-2017\X____Instalace\MalwareBytes\URET 1.7\URET NFO v2.2.exe
2018-07-02 19:49:29.611 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1169072027-563865220-1595250771-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2103
2018-07-02 19:49:29.611 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1169072027-563865220-1595250771-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2103
2018-07-02 20:10:05.566 >>> Virus 'Mal/Generic-S' found in file E:\X____Instalace\MalwareBytes\URET 1.7\URET NFO v2.2.exe
2018-07-02 20:10:05.566 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1169072027-563865220-1595250771-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2103
2018-07-02 20:10:05.566 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1169072027-563865220-1595250771-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2103
2018-07-02 20:16:24.695 The following items will be cleaned up:
2018-07-02 20:16:24.695 Mal/Generic-S
2018-07-02 20:21:24.860 Threat 'Mal/Generic-S' has been cleaned up.
2018-07-02 20:21:24.860 File "D:\__Zaloha DiskE 17-08-2017\X____Instalace\MalwareBytes\URET 1.7\URET NFO v2.2.exe" belongs to malware 'Mal/Generic-S'.
2018-07-02 20:21:24.860 File "D:\__Zaloha DiskE 17-08-2017\X____Instalace\MalwareBytes\URET 1.7\URET NFO v2.2.exe" has been cleaned up.
2018-07-02 20:21:24.860 File "E:\X____Instalace\MalwareBytes\URET 1.7\URET NFO v2.2.exe" belongs to malware 'Mal/Generic-S'.
2018-07-02 20:21:24.860 File "E:\X____Instalace\MalwareBytes\URET 1.7\URET NFO v2.2.exe" has been cleaned up.
2018-07-02 20:21:24.860 Removal successful
2018-07-02 20:21:25.421 Error level 0

2018-07-02 20:21:47.220 Scan completed.
2018-07-02 20:21:47.220

------------------------------------------------------------

RogueKiller V12.12.25.0 (x64) [Jul 2 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.17134) 64 bits version
Spuštěno : Normální režim
Uživatel : JitKae [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mód : Prohledat -- Datum : 07/02/2018 22:23:59 (Duration : 00:22:00)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1169072027-563865220-1595250771-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1169072027-563865220-1595250771-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SV300S37A120G +++++
--- User ---
[MBR] 53fb1fa757064064ba982fc2eb4e294d
[BSP] 936ca4896f6de33afde5d8c1c5c01078 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 450 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 923648 | Size: 100 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1128448 | Size: 16 MB
3 - Basic data partition | Offset (sectors): 1161216 | Size: 113906 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD10EADS-00L5B1 +++++
--- User ---
[MBR] ba84558db93fd09c8ad21e3c638ebe86
[BSP] b0b35ab5779a131df22c69e2b03a0de7 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD10EADS-00L5B1 +++++
--- User ---
[MBR] 5fa1a7ef87258eccf6d6316f6541181e
[BSP] f31bdfed9d48531e5f4c6fb671de8bc9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

____________________________________________________________
____________________________________________________________

Problémy s PC nemám vůbec žádné, jen hledám důvod proč se mi na sítovém disku stále objevují stovky souborů Photo.scr... viz téma: viewtopic.php?f=47&t=200112

Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

klik nahoře vpravo na .rar-file a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.

Vlož nový log z HJT

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by JitKae on 03.07.2018 at 18:52:37,72.
Microsoft Windows 10 Pro 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JitKae\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

03.07.2018 18:53:54 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\EMM deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\JitKae\AppData\Local\D3DSCache deleted successfully
C:\Users\JitKae\AppData\Local\DBG deleted successfully
C:\Users\JitKae\AppData\Local\GHISLER deleted successfully
C:\Users\JitKae\AppData\Local\PeerDistRepub deleted successfully
C:\Users\JitKae\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\Users\JitKae\AppData\Local\VirtualStore deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\JitKae\.android deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
"C:\Users\JitKae\AppData\Local\AVAST Software\APM\kv_pam.db" not deleted
"C:\Users\JitKae\AppData\Local\AVAST Software\APM\kv_pamcore.db" not deleted
"C:\Users\JitKae\AppData\Local\AVAST Software\APM\kv_pampub.db" not deleted
"C:\Users\JitKae\AppData\Local\AVAST Software\APM\pam.db" not deleted
"C:\Users\JitKae\AppData\Local\AVAST Software" not deleted
"C:\Users\JitKae\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\JitKae\AppData\Local\AVAST Software\Avast" not deleted
"C:\Users\JitKae\AppData\Local\AVAST Software\Avast\Bodyguard" not deleted

==== Firefox XPI-files found: ======================

- __MSG_avastAppName__ - C:\Program Files\Avast Software\Avast\SafePrice\FF\sp@avast.com.xpi
- Avast Online Security - C:\Program Files\Avast Software\Avast\WebRep\FF\wrc@avast.com.xpi

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\JitKae\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\JitKae\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\JitKae\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\JitKae\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JitKae\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JitKae\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JitKae\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\JitKae\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache is not empty, a reboot is needed

==== Empty Chrome Cache ======================

C:\Users\JitKae\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=43 folders=50 44616902 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\JitKae\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\JitKae\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\JitKae\AppData\Local\AVAST Software\APM\kv_pam.db" not found
"C:\Users\JitKae\AppData\Local\AVAST Software\APM\kv_pamcore.db" not found
"C:\Users\JitKae\AppData\Local\AVAST Software\APM\kv_pampub.db" not found
"C:\Users\JitKae\AppData\Local\AVAST Software\APM\pam.db" not found
"C:\Users\JitKae\AppData\Local\AVAST Software" not found
"C:\Users\JitKae\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge" not found
"C:\Users\JitKae\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp" not found

==== EOF on 03.07.2018 at 19:17:57,43 ======================

Zemana AntiMalware 2.74.2.150 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2018.7.3
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
BIOS Mode : UEFI
CUID : 120B54848E85A01F87D9B8
Scan Type : Skenování systému
Duration : 0m 56s
Scanned Objects : 67594
Detected Objects : 0
Excluded Objects : 0
Read Level : Normal
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Nebyly zjištěny žádné hrozby

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:28:19, on 03.07.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)

Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Aida64 Extreme\aida64.exe
C:\Program Files\Avast Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Users\JitKae\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\MMon2.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Users\JitKae\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [MsiDS100gmmouseRun] "C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\mmon2.exe" -runauto
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\JitKae\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Avast Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESLoadService - Unknown owner - C:\Program Files (x86)\EaseUS\EaseUS MobiMover\bin\ESLoadService.exe (file missing)
O23 - Service: ET Gaming Mouse Service (ETGMGlcsSrv) - Unknown owner - C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 9221 bytes

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by JitKae (administrator) on HOME-PC (03-07-2018 19:31:08)
Running from C:\Users\JitKae\Desktop
Loaded Profiles: JitKae (Available Profiles: JitKae)
Platform: Windows 10 Pro Version 1803 17134.137 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(FinalWire Ltd.) C:\Program Files (x86)\Aida64 Extreme\aida64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
() C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\MMon2.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [242904 2018-07-01] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [MsiDS100gmmouseRun] => C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\mmon2.exe [3698176 2014-03-10] ()
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1169072027-563865220-1595250771-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-1169072027-563865220-1595250771-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-1169072027-563865220-1595250771-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-1169072027-563865220-1595250771-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2ebe0afb-3616-4201-9fb5-84e441b483f3}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1169072027-563865220-1595250771-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1169072027-563865220-1595250771-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1169072027-563865220-1595250771-1001 -> hxxp://www.seznam.cz/

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-06-13] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-06-13] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-01] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [322464 2018-07-01] (AVAST Software)
R2 ETGMGlcsSrv; C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe [1181544 2012-04-24] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-27] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S3 ESLoadService; "C:\Program Files (x86)\EaseUS\EaseUS MobiMover\bin\ESLoadService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AIDA64Driver; C:\Program Files (x86)\Aida64 Extreme\kerneld.x64 [45696 2018-03-27] ()
S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-07-01] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-07-01] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-07-01] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-07-01] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-07-01] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-07-01] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-07-01] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-07-01] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-07-01] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-07-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-07-01] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-07-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [463080 2018-07-01] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-07-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-07-01] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-05-24] (Malwarebytes)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-04-12] (Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-07-01] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112872 2018-07-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-07-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103656 2018-07-03] (Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvlddmkm.sys [17168744 2018-05-08] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
R3 usbglcs1100302; C:\WINDOWS\system32\drivers\usbglcs1100302.sys [25600 2012-04-24] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46592 2018-06-27] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-06-27] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-27] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-07-03] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-07-03] (Zemana Ltd.)
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-03 19:31 - 2018-07-03 19:31 - 000013364 _____ C:\Users\JitKae\Desktop\FRST.txt
2018-07-03 19:30 - 2018-07-03 19:31 - 000000000 ____D C:\FRST
2018-07-03 19:29 - 2018-07-03 19:29 - 002412544 _____ (Farbar) C:\Users\JitKae\Desktop\FRST64.exe
2018-07-03 19:26 - 2018-07-03 19:26 - 000388608 _____ (Trend Micro Inc.) C:\Users\JitKae\Desktop\HijackThis.exe
2018-07-03 19:21 - 2018-07-03 19:31 - 000011873 _____ C:\WINDOWS\ZAM.krnl.trace
2018-07-03 19:21 - 2018-07-03 19:31 - 000009420 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-07-03 19:21 - 2018-07-03 19:21 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2018-07-03 19:21 - 2018-07-03 19:21 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2018-07-03 19:21 - 2018-07-03 19:21 - 000001217 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-07-03 19:21 - 2018-07-03 19:21 - 000000000 ____D C:\Users\JitKae\AppData\Local\Zemana
2018-07-03 19:21 - 2018-07-03 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-07-03 19:21 - 2018-07-03 19:21 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-07-03 19:20 - 2018-07-03 19:20 - 006625600 _____ (Zemana Ltd. ) C:\Users\JitKae\Desktop\Zemana.AntiMalware.Setup.exe
2018-07-03 19:18 - 2018-07-03 19:18 - 000000000 ___HD C:\OneDriveTemp
2018-07-03 19:18 - 2018-07-03 19:18 - 000000000 ____D C:\Users\JitKae\AppData\Local\AVAST Software
2018-07-03 19:17 - 2018-07-03 19:17 - 000000000 ____D C:\Users\JitKae\AppData\Local\VirtualStore
2018-07-03 19:17 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2018-07-03 18:52 - 2018-07-03 19:12 - 000000000 ____D C:\zoek_backup
2018-07-03 18:52 - 2018-07-03 18:50 - 002038755 _____ C:\Users\JitKae\Desktop\zoek.exe
2018-07-02 23:03 - 2018-07-02 23:03 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-07-02 22:24 - 2018-07-02 22:24 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-07-01 18:10 - 2018-07-03 19:18 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-07-01 18:10 - 2018-07-03 19:17 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-07-01 18:10 - 2018-07-03 19:17 - 000112872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-07-01 18:10 - 2018-07-03 19:17 - 000103656 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-07-01 18:10 - 2018-07-01 18:10 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-07-01 18:10 - 2018-07-01 18:10 - 000001912 _____ C:\Users\Public\Desktop\Malware Bytes.lnk
2018-07-01 18:10 - 2018-07-01 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MalwareBytes
2018-07-01 10:31 - 2018-07-01 10:32 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1169072027-563865220-1595250771-1001
2018-07-01 10:31 - 2018-07-01 10:32 - 000002390 _____ C:\Users\JitKae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-01 10:31 - 2018-07-01 10:31 - 000002323 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-01 10:31 - 2018-07-01 10:31 - 000002323 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-01 10:31 - 2018-07-01 10:31 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2018-07-01 08:14 - 2018-06-15 19:55 - 002266016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-07-01 08:14 - 2018-06-15 19:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-01 08:14 - 2018-06-15 19:54 - 000541600 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-01 08:14 - 2018-06-15 19:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-01 08:14 - 2018-06-15 19:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-01 08:14 - 2018-06-15 19:50 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-01 08:14 - 2018-06-15 19:49 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-01 08:14 - 2018-06-15 19:48 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-01 08:14 - 2018-06-15 19:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-01 08:14 - 2018-06-15 19:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-01 08:14 - 2018-06-15 19:34 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-01 08:14 - 2018-06-15 19:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-01 08:14 - 2018-06-15 19:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-01 08:14 - 2018-06-15 19:33 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-01 08:14 - 2018-06-15 19:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-01 08:14 - 2018-06-15 19:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-01 08:14 - 2018-06-15 19:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-01 08:14 - 2018-06-15 19:32 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-01 08:14 - 2018-06-15 19:32 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2018-07-01 08:14 - 2018-06-15 19:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2018-07-01 08:14 - 2018-06-15 19:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-01 08:14 - 2018-06-15 19:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-01 08:14 - 2018-06-15 19:31 - 002193920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2018-07-01 08:14 - 2018-06-15 19:31 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-01 08:14 - 2018-06-15 19:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-01 08:14 - 2018-06-15 19:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-01 08:14 - 2018-06-15 19:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-01 08:14 - 2018-06-15 19:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-01 08:14 - 2018-06-15 19:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-01 08:14 - 2018-06-15 19:30 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-01 08:14 - 2018-06-15 19:30 - 001186816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2018-07-01 08:14 - 2018-06-15 19:30 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2018-07-01 08:14 - 2018-06-15 19:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-01 08:14 - 2018-06-15 19:30 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-01 08:14 - 2018-06-15 19:30 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-01 08:14 - 2018-06-15 19:30 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-01 08:14 - 2018-06-15 19:30 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-07-01 08:14 - 2018-06-15 19:30 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-01 08:14 - 2018-06-15 19:30 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-07-01 08:14 - 2018-06-15 19:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-01 08:14 - 2018-06-15 19:29 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-01 08:14 - 2018-06-15 19:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-01 08:14 - 2018-06-15 19:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-01 08:14 - 2018-06-15 19:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-01 08:14 - 2018-06-15 19:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-01 08:14 - 2018-06-15 19:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-01 08:14 - 2018-06-15 19:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-01 08:14 - 2018-06-15 19:28 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-01 08:14 - 2018-06-15 19:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-01 08:14 - 2018-06-15 19:03 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2018-07-01 08:14 - 2018-06-15 19:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2018-07-01 08:14 - 2018-06-15 17:57 - 001538976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-07-01 08:14 - 2018-06-15 17:25 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-01 08:14 - 2018-06-15 17:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-01 08:14 - 2018-06-15 17:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-01 08:14 - 2018-06-15 17:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-01 08:14 - 2018-06-15 17:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-01 08:14 - 2018-06-15 17:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-01 08:14 - 2018-06-15 17:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-01 08:14 - 2018-06-15 17:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-01 08:14 - 2018-06-15 17:04 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-01 08:14 - 2018-06-15 17:03 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-01 08:14 - 2018-06-15 17:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-01 08:14 - 2018-06-15 17:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-01 08:14 - 2018-06-15 17:03 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-01 08:14 - 2018-06-15 17:02 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-01 08:14 - 2018-06-15 17:02 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-01 08:14 - 2018-06-15 17:02 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-01 08:14 - 2018-06-15 17:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-01 08:14 - 2018-06-15 17:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-01 08:14 - 2018-06-15 17:01 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-01 08:14 - 2018-06-15 15:23 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-01 08:14 - 2018-06-15 15:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-01 08:14 - 2018-06-15 14:09 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-01 08:14 - 2018-06-15 09:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-01 08:14 - 2018-06-15 09:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-01 08:14 - 2018-06-15 09:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-01 08:14 - 2018-06-15 07:24 - 000482472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-01 08:14 - 2018-06-15 07:21 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-01 08:14 - 2018-06-15 07:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-01 08:14 - 2018-06-15 07:19 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-01 08:14 - 2018-06-15 07:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-01 08:14 - 2018-06-15 07:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-01 08:14 - 2018-06-15 07:18 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-01 08:14 - 2018-06-15 07:18 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-01 08:14 - 2018-06-15 07:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-01 08:14 - 2018-06-15 07:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-01 08:14 - 2018-06-15 07:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-01 08:14 - 2018-06-15 07:15 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-01 08:14 - 2018-06-15 07:15 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-01 08:14 - 2018-06-15 07:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-01 08:14 - 2018-06-15 07:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-01 08:14 - 2018-06-15 07:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-01 08:14 - 2018-06-15 07:12 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-01 08:14 - 2018-06-15 07:12 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-01 08:14 - 2018-06-15 07:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-01 08:14 - 2018-06-15 07:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-01 08:14 - 2018-06-15 07:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-01 08:14 - 2018-06-15 07:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-01 08:14 - 2018-06-15 07:11 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-01 08:14 - 2018-06-15 07:11 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-01 08:14 - 2018-06-15 07:11 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-01 08:14 - 2018-06-15 07:11 - 000134560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-01 08:14 - 2018-06-15 07:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-01 08:14 - 2018-06-15 07:10 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-01 08:14 - 2018-06-15 07:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-01 08:14 - 2018-06-15 07:10 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-01 08:14 - 2018-06-15 07:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-01 08:14 - 2018-06-15 07:10 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-01 08:14 - 2018-06-15 07:09 - 009147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-01 08:14 - 2018-06-15 07:09 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-01 08:14 - 2018-06-15 07:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-01 08:14 - 2018-06-15 07:09 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-01 08:14 - 2018-06-15 07:09 - 000709848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-01 08:14 - 2018-06-15 07:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-01 08:14 - 2018-06-15 07:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-01 08:14 - 2018-06-15 07:08 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-01 08:14 - 2018-06-15 07:08 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-01 08:14 - 2018-06-15 07:08 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-01 08:14 - 2018-06-15 07:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-01 08:14 - 2018-06-15 07:08 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-01 08:14 - 2018-06-15 07:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-01 08:14 - 2018-06-15 07:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-01 08:14 - 2018-06-15 07:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-01 08:14 - 2018-06-15 07:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-01 08:14 - 2018-06-15 07:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-01 08:14 - 2018-06-15 07:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-01 08:14 - 2018-06-15 07:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-01 08:14 - 2018-06-15 07:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-01 08:14 - 2018-06-15 07:04 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-01 08:14 - 2018-06-15 07:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-01 08:14 - 2018-06-15 07:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-01 08:14 - 2018-06-15 07:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-01 08:14 - 2018-06-15 07:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-01 08:14 - 2018-06-15 07:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-01 08:14 - 2018-06-15 07:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001981384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001175056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-01 08:14 - 2018-06-15 07:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-01 08:14 - 2018-06-15 07:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-01 08:14 - 2018-06-15 06:56 - 022003712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-01 08:14 - 2018-06-15 06:53 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-01 08:14 - 2018-06-15 06:50 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-01 08:14 - 2018-06-15 06:49 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-01 08:14 - 2018-06-15 06:48 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-01 08:14 - 2018-06-15 06:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-01 08:14 - 2018-06-15 06:47 - 022714368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-01 08:14 - 2018-06-15 06:47 - 001360384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-01 08:14 - 2018-06-15 06:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-01 08:14 - 2018-06-15 06:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-01 08:14 - 2018-06-15 06:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-01 08:14 - 2018-06-15 06:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-01 08:14 - 2018-06-15 06:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-01 08:14 - 2018-06-15 06:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-01 08:14 - 2018-06-15 06:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-01 08:14 - 2018-06-15 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-01 08:14 - 2018-06-15 06:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-01 08:14 - 2018-06-15 06:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-01 08:14 - 2018-06-15 06:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-01 08:14 - 2018-06-15 06:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-01 08:14 - 2018-06-15 06:42 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-07-01 08:14 - 2018-06-15 06:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-01 08:14 - 2018-06-15 06:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-01 08:14 - 2018-06-15 06:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-01 08:14 - 2018-06-15 06:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-01 08:14 - 2018-06-15 06:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-01 08:14 - 2018-06-15 06:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-01 08:14 - 2018-06-15 06:40 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-01 08:14 - 2018-06-15 06:40 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-01 08:14 - 2018-06-15 06:40 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-01 08:14 - 2018-06-15 06:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-01 08:14 - 2018-06-15 06:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-01 08:14 - 2018-06-15 06:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-01 08:14 - 2018-06-15 06:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-01 08:14 - 2018-06-15 06:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-01 08:14 - 2018-06-15 06:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-01 08:14 - 2018-06-15 06:39 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-01 08:14 - 2018-06-15 06:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-01 08:14 - 2018-06-15 06:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-01 08:14 - 2018-06-15 06:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-01 08:14 - 2018-06-15 06:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-01 08:14 - 2018-06-15 06:39 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-01 08:14 - 2018-06-15 06:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-01 08:14 - 2018-06-15 06:38 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-01 08:14 - 2018-06-15 06:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-01 08:14 - 2018-06-15 06:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-01 08:14 - 2018-06-15 06:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys

2018-07-01 08:14 - 2018-06-15 05:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-01 08:14 - 2018-06-01 07:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-01 08:14 - 2018-05-20 13:53 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-07-01 08:14 - 2018-05-20 13:52 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-07-01 08:06 - 2018-07-01 08:06 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-07-01 08:06 - 2018-07-01 08:06 - 000001967 _____ C:\Users\Public\Desktop\Avast.lnk
2018-07-01 08:06 - 2018-07-01 08:06 - 000000000 ____D C:\Users\JitKae\AppData\Roaming\AVAST Software
2018-07-01 08:05 - 2018-07-02 08:03 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-07-01 08:05 - 2018-07-01 08:05 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000463080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-07-01 08:05 - 2018-07-01 08:05 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-07-01 08:05 - 2018-07-01 08:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-07-01 08:05 - 2018-07-01 08:05 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-07-01 08:04 - 2018-07-01 09:01 - 000000000 ____D C:\ProgramData\AVAST Software
2018-07-01 08:04 - 2018-07-01 08:04 - 000000000 ____D C:\Program Files\Avast Software
2018-06-28 20:18 - 2018-06-28 20:19 - 000000000 ____D C:\Users\JitKae\AppData\Roaming\Apowersoft
2018-06-28 20:18 - 2018-06-28 20:18 - 000000000 ____D C:\Usr
2018-06-28 20:18 - 2018-06-28 20:18 - 000000000 ____D C:\Users\JitKae\Documents\Apowersoft
2018-06-28 20:18 - 2018-06-28 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ApowerSoft
2018-06-28 20:18 - 2018-06-28 20:18 - 000000000 ____D C:\ProgramData\Apowersoft
2018-06-28 20:18 - 2018-06-28 20:18 - 000000000 ____D C:\Program Files (x86)\Apowersoft
2018-06-28 20:18 - 2017-10-08 00:42 - 000370424 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\wpcap.dll
2018-06-28 20:18 - 2017-10-08 00:42 - 000282360 _____ (Riverbed Technology, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2018-06-28 20:18 - 2017-10-08 00:42 - 000107768 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Packet.dll
2018-06-28 20:18 - 2017-10-08 00:42 - 000098040 _____ (Riverbed Technology, Inc.) C:\WINDOWS\SysWOW64\Packet.dll
2018-06-28 20:18 - 2017-10-08 00:42 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2018-06-28 20:18 - 2017-10-08 00:42 - 000036600 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2018-06-28 19:47 - 2018-06-28 20:22 - 000000000 ____D C:\Users\JitKae\AppData\Roaming\Audacity
2018-06-28 12:30 - 2018-05-07 21:16 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-06-28 12:30 - 2018-05-07 21:15 - 005947976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-06-28 12:30 - 2018-05-07 21:15 - 002612520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-06-28 12:30 - 2018-05-07 21:15 - 001767552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-06-28 12:30 - 2018-05-07 21:15 - 000634952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-06-28 12:30 - 2018-05-07 21:15 - 000450856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-06-28 12:30 - 2018-05-07 21:15 - 000124384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-06-28 12:30 - 2018-05-07 21:15 - 000083240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-06-28 12:30 - 2018-04-25 08:18 - 008173402 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-06-28 12:04 - 2018-06-25 19:26 - 000551840 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-06-28 12:04 - 2018-06-25 19:26 - 000457144 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-06-28 12:03 - 2018-06-28 12:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-06-28 12:01 - 2018-06-25 19:25 - 002013784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439836.dll
2018-06-28 12:01 - 2018-06-25 19:25 - 001468448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439836.dll
2018-06-28 12:01 - 2018-05-07 23:04 - 000044277 _____ C:\WINDOWS\system32\nvinfo.pb
2018-06-19 12:05 - 2018-06-28 12:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-06-17 22:39 - 2018-06-17 22:39 - 000000000 ____D C:\Program Files\DIFX
2018-06-17 22:38 - 2018-06-17 22:38 - 000000000 ____D C:\Adb
2018-06-17 22:38 - 2014-09-20 12:49 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2018-06-17 22:18 - 2018-06-18 00:26 - 000000000 ____D C:\Users\JitKae\AppData\Local\Deployment
2018-06-17 22:18 - 2018-06-17 22:18 - 000000000 ____D C:\Users\JitKae\AppData\Local\Apps\2.0
2018-06-13 13:56 - 2018-06-08 21:07 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-13 13:56 - 2018-06-08 21:07 - 000183712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe
2018-06-13 13:56 - 2018-06-08 21:07 - 000040864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-06-13 13:56 - 2018-06-08 21:07 - 000019872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll
2018-06-13 13:56 - 2018-06-08 21:02 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-13 13:56 - 2018-06-08 21:02 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-13 13:56 - 2018-06-08 21:02 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-06-13 13:56 - 2018-06-08 21:01 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-13 13:56 - 2018-06-08 20:47 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-13 13:56 - 2018-06-08 20:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-13 13:56 - 2018-06-08 20:45 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-13 13:56 - 2018-06-08 20:45 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-13 13:56 - 2018-06-08 20:45 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-13 13:56 - 2018-06-08 20:44 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-06-13 13:56 - 2018-06-08 20:44 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-13 13:56 - 2018-06-08 20:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-13 13:56 - 2018-06-08 20:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-06-13 13:56 - 2018-06-08 20:43 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-13 13:56 - 2018-06-08 20:43 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-13 13:56 - 2018-06-08 20:43 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-13 13:56 - 2018-06-08 20:43 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-13 13:56 - 2018-06-08 20:43 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-06-13 13:56 - 2018-06-08 20:42 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-06-13 13:56 - 2018-06-08 20:42 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-13 13:56 - 2018-06-08 20:42 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2018-06-13 13:56 - 2018-06-08 20:42 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-06-13 13:56 - 2018-06-08 20:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-13 13:56 - 2018-06-08 20:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-13 13:56 - 2018-06-08 20:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-13 13:56 - 2018-06-08 20:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-06-13 13:56 - 2018-06-08 20:40 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-06-13 13:56 - 2018-06-08 19:07 - 000148896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe
2018-06-13 13:56 - 2018-06-08 19:04 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-13 13:56 - 2018-06-08 18:58 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-13 13:56 - 2018-06-08 18:50 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-06-13 13:56 - 2018-06-08 18:47 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-06-13 13:56 - 2018-06-08 18:47 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-13 13:56 - 2018-06-08 18:47 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-06-13 13:56 - 2018-06-08 18:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-13 13:56 - 2018-06-08 18:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-06-13 13:56 - 2018-06-08 18:46 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-13 13:56 - 2018-06-08 18:46 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-06-13 13:56 - 2018-06-08 18:45 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-13 13:56 - 2018-06-08 18:06 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-13 13:56 - 2018-06-08 18:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-13 13:56 - 2018-06-08 16:00 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 13:56 - 2018-06-08 12:38 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-13 13:56 - 2018-06-08 12:37 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-13 13:56 - 2018-06-08 12:35 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-13 13:56 - 2018-06-08 12:35 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-13 13:56 - 2018-06-08 12:34 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-13 13:56 - 2018-06-08 12:34 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-13 13:56 - 2018-06-08 12:31 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-13 13:56 - 2018-06-08 12:31 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-13 13:56 - 2018-06-08 12:31 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 13:56 - 2018-06-08 12:30 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-13 13:56 - 2018-06-08 11:31 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-06-13 13:56 - 2018-06-08 11:30 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-13 13:56 - 2018-06-08 11:30 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-13 13:56 - 2018-06-08 11:30 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-13 13:56 - 2018-06-08 11:30 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-13 13:56 - 2018-06-08 11:30 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 13:56 - 2018-06-08 11:30 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 13:56 - 2018-06-08 11:30 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-06-13 13:56 - 2018-06-08 11:30 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 13:56 - 2018-06-08 11:30 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-13 13:56 - 2018-06-08 11:30 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-13 13:56 - 2018-06-08 11:29 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-13 13:56 - 2018-06-08 11:29 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-13 13:56 - 2018-06-08 11:29 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-06-13 13:56 - 2018-06-08 11:29 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-13 13:56 - 2018-06-08 11:29 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-13 13:56 - 2018-06-08 11:12 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-13 13:56 - 2018-06-08 11:12 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-13 13:56 - 2018-06-08 11:10 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-13 13:56 - 2018-06-08 11:10 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-06-13 13:56 - 2018-06-08 11:10 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-13 13:56 - 2018-06-08 11:10 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-06-13 13:56 - 2018-06-08 11:10 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-13 13:56 - 2018-06-08 11:10 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-06-13 13:56 - 2018-06-08 11:09 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-13 13:56 - 2018-06-08 11:03 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-13 13:56 - 2018-06-08 11:03 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-13 13:56 - 2018-06-08 11:03 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-06-13 13:56 - 2018-06-08 11:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-06-13 13:56 - 2018-06-08 11:02 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-06-13 13:56 - 2018-06-08 11:02 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-13 13:56 - 2018-06-08 11:01 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-13 13:56 - 2018-06-08 11:01 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-13 13:56 - 2018-06-08 11:01 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-13 13:56 - 2018-06-08 11:01 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-13 13:56 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-13 13:56 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 13:56 - 2018-06-08 11:00 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-13 13:56 - 2018-06-08 11:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-06-13 13:56 - 2018-06-08 11:00 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-06-13 13:56 - 2018-06-08 11:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-13 13:56 - 2018-06-08 11:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-13 13:56 - 2018-06-08 11:00 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-13 13:56 - 2018-06-08 10:59 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-13 13:56 - 2018-06-08 10:59 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 13:56 - 2018-06-08 10:59 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-13 13:56 - 2018-06-08 10:59 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-06-13 13:56 - 2018-06-08 10:59 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-13 13:56 - 2018-06-08 10:59 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-13 13:56 - 2018-06-08 10:59 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-06-13 13:56 - 2018-06-08 10:59 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 13:56 - 2018-06-08 10:59 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-13 13:56 - 2018-06-08 10:58 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 13:56 - 2018-06-08 10:58 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-06-13 13:56 - 2018-06-08 10:58 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-06-13 13:56 - 2018-06-08 10:58 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-13 13:56 - 2018-06-08 10:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-06-13 13:56 - 2018-06-08 10:57 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-13 13:56 - 2018-06-08 10:57 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-13 13:56 - 2018-06-08 10:57 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-06-13 13:56 - 2018-06-08 10:57 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-13 13:56 - 2018-06-08 10:57 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 13:56 - 2018-06-08 10:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-13 13:56 - 2018-06-08 10:56 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-06-13 13:56 - 2018-06-08 10:55 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 13:56 - 2018-06-08 10:55 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-06-13 13:56 - 2018-06-08 10:54 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-06-13 13:56 - 2018-06-08 10:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-06-13 13:56 - 2018-06-08 10:53 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-13 13:56 - 2018-06-08 10:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 13:56 - 2018-06-08 10:53 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 13:56 - 2018-06-08 10:53 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 13:56 - 2018-06-08 10:53 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 13:56 - 2018-06-08 10:53 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-13 13:56 - 2018-06-06 20:57 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-13 13:56 - 2018-06-06 06:20 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-13 13:56 - 2018-06-02 01:24 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-13 13:56 - 2018-06-02 00:54 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-13 13:56 - 2018-05-25 05:24 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-06-13 13:56 - 2018-05-20 21:45 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-13 13:56 - 2018-05-20 21:42 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-06-13 13:56 - 2018-05-20 21:42 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-13 13:56 - 2018-05-20 21:26 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-06-13 13:56 - 2018-05-20 21:23 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-13 13:56 - 2018-05-20 21:23 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-06-13 13:56 - 2018-05-20 21:23 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-13 13:56 - 2018-05-20 21:22 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-13 13:56 - 2018-05-20 21:22 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-13 13:56 - 2018-05-20 21:22 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-06-13 13:56 - 2018-05-20 21:22 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-06-13 13:56 - 2018-05-20 20:20 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-06-13 13:56 - 2018-05-20 20:15 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-13 13:56 - 2018-05-20 20:14 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-13 13:56 - 2018-05-20 20:02 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-13 13:56 - 2018-05-20 20:00 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-06-13 13:56 - 2018-05-20 19:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-13 13:56 - 2018-05-20 19:59 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-13 13:56 - 2018-05-20 18:59 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-13 13:56 - 2018-05-20 18:45 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-13 13:56 - 2018-05-20 18:35 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-13 13:56 - 2018-05-20 18:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-13 13:56 - 2018-05-20 16:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-13 13:56 - 2018-05-20 14:33 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-13 13:56 - 2018-05-20 13:53 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-13 13:56 - 2018-05-20 13:53 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-13 13:56 - 2018-05-20 13:53 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-13 13:56 - 2018-05-20 13:53 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-06-13 13:56 - 2018-05-20 13:53 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-06-13 13:56 - 2018-05-20 13:52 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-13 13:56 - 2018-05-20 13:52 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-13 13:56 - 2018-05-20 13:52 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-06-13 13:56 - 2018-05-20 13:52 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-06-13 13:56 - 2018-05-20 13:34 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-13 13:56 - 2018-05-20 13:34 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-13 13:56 - 2018-05-20 13:33 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 13:56 - 2018-05-20 13:33 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-13 13:56 - 2018-05-20 13:32 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-13 13:56 - 2018-05-20 13:32 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-13 13:56 - 2018-05-20 13:32 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-13 13:56 - 2018-05-20 13:32 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-13 13:56 - 2018-05-20 13:31 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-13 13:56 - 2018-05-20 13:30 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-13 13:56 - 2018-05-20 13:28 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-13 13:56 - 2018-05-20 13:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-13 13:56 - 2018-05-20 13:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-13 13:56 - 2018-05-20 13:27 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-06-13 13:56 - 2018-05-20 13:27 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-13 13:56 - 2018-05-20 13:26 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-13 13:56 - 2018-05-20 13:26 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-13 13:56 - 2018-05-20 13:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-06-13 13:56 - 2018-05-20 13:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-13 13:56 - 2018-05-20 13:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-13 13:56 - 2018-05-20 13:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-06-13 13:56 - 2018-05-20 13:25 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-13 13:56 - 2018-05-20 13:25 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-06-13 13:56 - 2018-05-20 13:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-13 13:56 - 2018-05-20 13:24 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-13 13:56 - 2018-05-20 13:23 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 13:56 - 2018-05-20 13:23 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-13 13:56 - 2018-05-20 13:23 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-13 13:56 - 2018-05-20 13:21 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-13 13:56 - 2018-05-20 13:21 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-13 13:56 - 2018-05-20 13:21 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-13 13:56 - 2018-05-20 13:21 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-13 13:56 - 2018-05-20 13:17 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-13 13:56 - 2018-05-20 13:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-13 13:56 - 2018-05-20 13:16 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-13 13:56 - 2018-05-20 13:16 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-13 13:56 - 2018-05-20 13:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-13 13:56 - 2018-05-20 13:15 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-13 13:56 - 2018-05-20 13:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-13 13:56 - 2018-05-20 13:14 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-13 13:56 - 2018-05-20 13:13 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-13 13:56 - 2018-05-20 13:13 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-13 13:56 - 2018-05-20 13:12 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-13 13:56 - 2018-05-20 13:11 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-13 13:56 - 2018-05-20 13:11 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-13 13:56 - 2018-05-20 10:26 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-06-13 13:56 - 2018-05-18 19:08 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-06-13 11:38 - 2018-06-13 11:38 - 000004642 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-06-13 11:37 - 2018-06-13 11:37 - 000004630 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-13 11:36 - 2018-06-13 11:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-13 10:34 - 2018-06-13 10:41 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-06-13 10:33 - 2018-06-13 10:33 - 000000000 ____D C:\WINDOWS\pss
2018-06-04 18:40 - 2018-06-04 18:40 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-06-04 15:28 - 2018-06-04 15:28 - 000046344 _____ C:\Users\JitKae\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-04 15:28 - 2018-06-04 15:28 - 000001318 _____ C:\Users\Public\Desktop\Interceptor DS100.lnk
2018-06-04 15:28 - 2018-06-04 15:28 - 000000000 ____D C:\Users\JitKae\Documents\Gaming Mouse Profiles
2018-06-04 15:28 - 2018-06-04 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Msi Interceptor
2018-06-04 15:28 - 2018-06-04 15:28 - 000000000 ____D C:\Program Files (x86)\MSI Gaming Series
2018-06-04 15:28 - 2012-04-24 18:42 - 000025600 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\usbglcs1100302.sys
2018-06-04 14:56 - 2018-06-04 14:56 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-06-04 14:56 - 2018-06-04 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-06-04 14:56 - 2018-06-04 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-06-04 14:56 - 2018-06-04 14:56 - 000000000 ____D C:\Program Files\iPod
2018-06-04 14:55 - 2018-06-04 14:56 - 000000000 ____D C:\Program Files\iTunes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-03 19:28 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-03 19:23 - 2018-05-21 19:58 - 001627554 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-03 19:23 - 2018-04-12 17:51 - 000693992 _____ C:\WINDOWS\system32\perfh005.dat
2018-07-03 19:23 - 2018-04-12 17:51 - 000140562 _____ C:\WINDOWS\system32\perfc005.dat
2018-07-03 19:23 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-03 19:19 - 2018-04-16 12:37 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-03 19:19 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-07-03 19:18 - 2018-05-03 08:40 - 000000000 ___RD C:\Users\JitKae\iCloudDrive
2018-07-03 19:18 - 2018-04-16 13:59 - 000000000 ___HD C:\Users\JitKae\MicrosoftEdgeBackups
2018-07-03 19:18 - 2018-04-16 12:34 - 000000000 ___RD C:\Users\JitKae\OneDrive
2018-07-03 19:17 - 2018-05-21 19:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-03 19:17 - 2018-04-16 14:21 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-07-03 19:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-03 19:17 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-03 19:12 - 2018-05-21 19:50 - 000000000 ____D C:\Users\JitKae
2018-07-03 19:12 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-07-03 18:52 - 2018-04-16 19:51 - 000000000 ____D C:\Users\JitKae\AppData\Local\CrashDumps
2018-07-03 18:51 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-03 09:25 - 2018-05-21 19:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-02 15:06 - 2018-05-28 21:16 - 000000000 ____D C:\WINDOWS\Minidump
2018-07-02 08:04 - 2018-05-17 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2018-07-01 18:10 - 2018-04-16 16:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-01 11:31 - 2018-05-21 19:49 - 000269592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-01 09:04 - 2018-04-16 13:59 - 000000000 ___RD C:\Users\JitKae\3D Objects
2018-07-01 09:04 - 2018-04-16 12:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-01 09:03 - 2018-04-12 17:52 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-01 09:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-01 09:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-01 09:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-01 08:16 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-01 08:05 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-06-28 12:30 - 2018-04-16 12:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-06-28 12:30 - 2018-04-16 12:36 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-06-28 12:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Help
2018-06-28 12:04 - 2018-04-16 12:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-06-28 12:02 - 2018-04-16 16:41 - 000000000 ____D C:\Users\JitKae\AppData\Local\NVIDIA
2018-06-28 08:03 - 2018-04-18 22:32 - 000000000 ____D C:\Users\JitKae\AppData\Roaming\Apple Computer
2018-06-27 17:49 - 2018-05-21 19:53 - 000003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1524816111
2018-06-27 17:49 - 2018-04-27 10:01 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-06-27 17:49 - 2018-04-27 10:01 - 000000000 ____D C:\Program Files\Opera
2018-06-27 16:25 - 2018-04-16 14:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-24 22:09 - 2018-04-16 13:55 - 000000000 ____D C:\Users\JitKae\AppData\Local\Packages
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-13 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-13 16:48 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-13 13:22 - 2018-04-16 14:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-13 13:21 - 2018-04-16 14:44 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 13:21 - 2018-04-16 14:43 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-13 11:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-12 09:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-06 23:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-06 01:29 - 2018-04-12 01:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:29 - 2018-04-12 01:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2018-04-16 18:49 - 2018-05-18 22:26 - 000000034 _____ () C:\Users\JitKae\AppData\Roaming\AdobeWLCMCache.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-21 19:49

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by JitKae (03-07-2018 19:31:38)
Running from C:\Users\JitKae\Desktop
Windows 10 Pro Version 1803 17134.137 (X64) (2018-05-21 17:54:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1169072027-563865220-1595250771-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1169072027-563865220-1595250771-503 - Limited - Disabled)
Guest (S-1-5-21-1169072027-563865220-1595250771-501 - Limited - Disabled)
JitKae (S-1-5-21-1169072027-563865220-1595250771-1001 - Administrator - Enabled) => C:\Users\JitKae
WDAGUtilityAccount (S-1-5-21-1169072027-563865220-1595250771-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AIDA64 Extreme v5.97 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.97 - FinalWire Ltd.)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Apowersoft Video Konvertor V4.7.8 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.8 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Assassin's Creed Origins (HKLM-x32\...\{DAC281DD-7006-49D4-905B-E8BDA474A230}_is1) (Version: - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.64 - NVIDIA Corporation) Hidden
iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)
iTunes (HKLM\...\{1E59D781-14F1-4FFA-85A9-C003CC9956ED}) (Version: 12.7.5.9 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1169072027-563865220-1595250771-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MSI Interceptor DS100 Gaming Mouse (HKLM-x32\...\{0554E252-D345-4924-A87E-F1C6242371AB}_is1) (Version: 1.1 - MSI Co., LTD)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 397.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.64 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Opera Stable 53.0.2907.110 (HKLM-x32\...\Opera 53.0.2907.110) (Version: 53.0.2907.110 - Opera Software)
Ovládací panel NVIDIA 397.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.64 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShA64.dll [2018-07-01] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-07-03] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShA64.dll [2018-07-01] (AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShA64.dll [2018-07-01] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-05-07] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-07-03] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShA64.dll [2018-07-01] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0310A518-5367-49F1-87F8-40B3A7E89F93} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {14A0E4F5-8ECB-4D4F-926D-1EBAED7724B1} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {326BFC82-4A7C-4EA2-B208-C10E2D88C7A9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {51B1B376-20B8-4941-B947-E66D56E45509} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {5B362E61-4070-4F0C-9121-CA969CF7B467} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [2018-07-01] (AVAST Software)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {69248216-1CE8-4659-AE7F-B5D6A0BF79A5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-07-01] (AVAST Software)
Task: {7E9D2F5E-ABBB-4E40-88D4-8A6A19BA890E} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {851CB737-FA87-4655-A81F-4B5310A05C22} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {8F36ED28-8566-4206-B0DF-B8286EFF3030} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {969954B0-BE21-461A-AEB3-2A9FE94BBE6E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {97E5CD7D-03CD-4860-8626-15406FBEC305} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-06-13] (Adobe Systems Incorporated)
Task: {9AB0BC22-A419-4BA7-B059-54018BDE676A} - System32\Tasks\Opera scheduled Autoupdate 1524816111 => C:\Program Files\Opera\launcher.exe [2018-06-26] (Opera Software)
Task: {A2C2FCA3-500A-4D76-8BDF-6681B64CFE82} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {B876AF31-D9D1-414E-8E66-B40D05E2206B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-06-13] (Adobe Systems Incorporated)
Task: {DA271604-4368-449B-84D3-234AF40228F4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {DE654F7D-0489-4B52-B2A7-D541EC551308} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {F3204D19-720D-46EE-ABED-F838B3B5A75E} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\Aida64 Extreme\aida64.exe [2018-03-27] (FinalWire Ltd.)
Task: {F3E0EB32-2D1B-45C0-978C-66C6AFBDD4ED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {FC8D70B9-124D-4F9A-B8A5-BDCCE5A8B4FB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-03 19:21 - 2018-07-03 19:21 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-06-04 15:28 - 2012-04-24 18:42 - 001181544 _____ () C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\ETGMSrv.exe
2018-05-25 09:36 - 2018-05-20 19:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-16 20:10 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-16 20:11 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-13 13:56 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-27 10:32 - 2018-06-27 10:32 - 027126784 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-06-27 10:32 - 2018-06-27 10:32 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-06-27 10:32 - 2018-06-27 10:32 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-04-16 13:04 - 2018-04-16 13:04 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-27 10:32 - 2018-06-27 10:32 - 009360384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-22 22:09 - 2018-05-22 22:09 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-05-22 22:08 - 2018-05-22 22:08 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-06-04 15:28 - 2014-03-10 11:43 - 003698176 _____ () C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\MMon2.exe
2018-07-01 08:06 - 2018-07-01 08:06 - 067126928 _____ () C:\Program Files\Avast Software\Avast\libcef.dll
2018-07-01 08:05 - 2018-07-01 08:05 - 000483544 _____ () C:\Program Files\Avast Software\Avast\streamback.dll
2018-07-01 08:05 - 2018-07-01 08:05 - 000282840 _____ () C:\Program Files\Avast Software\Avast\gaming_mode_ui.dll
2018-05-15 18:59 - 2018-05-15 18:59 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-16 15:20 - 2018-03-16 15:20 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:59 - 2018-05-15 18:59 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-06-04 15:28 - 2011-01-27 00:53 - 000028160 _____ () C:\Program Files (x86)\MSI Gaming Series\Interceptor DS100\uiHook.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2018-07-03 18:54 - 000000841 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1169072027-563865220-1595250771-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4A2A7DCA-E62F-4DFC-9D3A-3D7A966CAEEB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B2DA47DD-777A-412A-B045-26C4392D52CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{74B0AF79-6BA5-454F-959C-8E7004FCC0AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4E34DFF0-D534-4400-8466-7415A9AF7F64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{26E8AD39-96E0-4A74-BAEA-F35171D0D0A6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{BE68398A-7B7D-47EC-8FDD-C276F6927436}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CA696856-9315-46E0-A498-2B475221047D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F861D3F5-ED56-4877-AF70-86A45ABEFD68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D978EF61-E451-4645-AE77-562E0718D2FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{06172EA8-BEDC-4535-8C61-101B6362B069}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5E6D61EF-2412-4089-93F7-FE7B484473AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8D5A60EC-4C2D-454F-886B-8B44A27E0A18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{19E803BE-60F8-4AC6-848C-C178AFA5CDFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{449ADA77-FCF8-4576-A633-F7AC001907EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{01BF3B52-963F-40A5-B9C8-8F7752850CED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{74A14015-8709-46B8-82E2-A9D0771D1D97}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{95FEDE74-87B0-48C3-A691-AFF72BC60134}] => (Allow) C:\Program Files\Opera\53.0.2907.99\opera.exe
FirewallRules: [{43F9E04B-0C5F-4FF7-B9E0-30C0F450D3BC}] => (Allow) C:\Program Files\Opera\53.0.2907.110\opera.exe
FirewallRules: [{7539B34A-E7FE-47E5-A1A2-846228240C76}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{4B3BEDA4-3B21-46A5-81E3-A116B3F0739D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{9DC8649F-24EF-442E-80EF-D28B89E68913}] => (Allow) C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
FirewallRules: [{466F54B1-F652-4039-A6E4-6E2F77E99E18}] => (Allow) C:\Program Files\Avast Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

03-07-2018 08:54:17 01

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2018 07:18:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/03/2018 07:18:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/03/2018 06:52:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.137, časové razítko: 0x16722c9d
Kód výjimky: 0xc0000409
Posun chyby: 0x0010db92
ID chybujícího procesu: 0x2c5c
Čas spuštění chybující aplikace: 0x01d412ee3bfbcd6e
Cesta k chybující aplikaci: C:\Users\JitKae\Desktop\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 90631f2a-8468-4662-a9f4-b5bd02cda255
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/03/2018 06:47:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/03/2018 06:47:53 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/03/2018 06:47:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (07/03/2018 05:53:37 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/03/2018 05:53:35 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

System errors:
=============
Error: (07/03/2018 07:17:52 PM) (Source: DCOM) (EventID: 10016) (User: HOME-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli HOME-PC\JitKae (SID: S-1-5-21-1169072027-563865220-1595250771-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/03/2018 07:12:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/03/2018 07:12:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/03/2018 07:12:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/03/2018 07:12:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/03/2018 07:12:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/03/2018 07:04:56 AM) (Source: DCOM) (EventID: 10016) (User: HOME-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli HOME-PC\JitKae (SID: S-1-5-21-1169072027-563865220-1595250771-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/02/2018 10:54:49 PM) (Source: DCOM) (EventID: 10016) (User: HOME-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli HOME-PC\JitKae (SID: S-1-5-21-1169072027-563865220-1595250771-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Windows Defender:
===================================
Date: 2018-07-03 18:50:57.897
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\JitKae\Desktop\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.271.379.0, AS: 1.271.379.0, NIS: 1.271.379.0
Verze modulu: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-01 08:01:49.721
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CoinMiner.BB!bit
ID: 2147716648
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\\SERVER\sda1\1_BORDEL\Photo.scr;file:_\\SERVER\sda1\1_LHOTA\1_Barak\Photo.scr;file:_\\SERVER\sda1\1_LHOTA\Photo.scr
Původ zjišťování: Sdílená síťová složka
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: HOME-PC\JitKae
Název procesu: C:\Program Files (x86)\TotalComm\TOTALCMD64.EXE
Verze podpisu: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0
Verze modulu: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-01 08:01:38.337
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CoinMiner.BB!bit
ID: 2147716648
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\\SERVER\sda1\1_BORDEL\Photo.scr;file:_\\SERVER\sda1\1_LHOTA\1_Barak\Photo.scr;file:_\\SERVER\sda1\1_LHOTA\Photo.scr
Původ zjišťování: Sdílená síťová složka
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: HOME-PC\JitKae
Název procesu: C:\Program Files (x86)\TotalComm\TOTALCMD64.EXE
Verze podpisu: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0
Verze modulu: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-01 08:01:13.328
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CoinMiner.BB!bit
ID: 2147716648
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\\SERVER\sda1\1_BORDEL\Photo.scr;file:_\\SERVER\sda1\1_LHOTA\Photo.scr
Původ zjišťování: Sdílená síťová složka
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: HOME-PC\JitKae
Název procesu: C:\Program Files (x86)\TotalComm\TOTALCMD64.EXE
Verze podpisu: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0
Verze modulu: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-01 08:01:03.850
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CoinMiner.BB!bit
ID: 2147716648
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\\SERVER\sda1\1_BORDEL\Photo.scr
Původ zjišťování: Sdílená síťová složka
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: HOME-PC\JitKae
Název procesu: C:\Program Files (x86)\TotalComm\TOTALCMD64.EXE
Verze podpisu: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0
Verze modulu: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-03 19:19:01.817
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-06-13 10:41:15.546
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-06-13 10:34:14.619
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-06-12 09:26:39.574
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.269.1075.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x80240438
Popis chyby

ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2018-07-03 19:18:01.183
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-03 19:18:00.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-03 19:18:00.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-03 18:47:49.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-03 18:47:48.980
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-03 18:47:48.831
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-03 18:47:43.761
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-03 18:47:43.586
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 8143.79 MB
Available physical RAM: 5438.73 MB
Total Virtual: 9423.79 MB
Available Virtual: 6320.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.24 GB) (Free:13.93 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:90.65 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:181.77 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{ca05dd7d-d6cf-4dce-a857-e1be062d5572}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{5aac1062-ff11-4241-afb6-4437030653df}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: E951ED6D)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6DFBF7A9)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 86BE98E2)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
SearchScopes: HKU\S-1-5-21-1169072027-563865220-1595250771-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
nech jen Avast , ostatní AV deaktivuj.

Windows Defender:
===================================
Date: 2018-07-03 18:50:57.897
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\JitKae\Desktop\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.271.379.0, AS: 1.271.379.0, NIS: 1.271.379.0
Verze modulu: AM: 1.1.15000.2, NIS: 1.1.15000.2

zoek není nákaza..

Date: 2018-07-01 08:01:49.721
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CoinMiner.BB!bit
ID: 2147716648
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\\SERVER\sda1\1_BORDEL\Photo.scr;file:_\\SERVER\sda1\1_LHOTA\1_Barak\Photo.scr;file:_\\SERVER\sda1\1_LHOTA\Photo.scr
Původ zjišťování: Sdílená síťová složka
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: HOME-PC\JitKae
Název procesu: C:\Program Files (x86)\TotalComm\TOTALCMD64.EXE
Verze podpisu: AV: 1.271.260.0, AS: 1.271.260.0, NIS: 1.271.260.0
Verze modulu: AM: 1.1.15000.2, NIS: 1.1.15000.2

Nákaza není v PC , ale tam , kam se připojuješ pomocí TC..

Drive c: () (Fixed) (Total:111.24 GB) (Free:13.93 GB) NTFS
nedostatek volného místa na disku!! Něco odinstaluj , smaž. Máš mít nejméně 15-20% volného místa na syst. disku , pro zajištění bezproblémového chodu windows!!

PC-HELP.CZ

Prosim o kontrolu logu

Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu