Prosím o kontrolu logu. Vyřešeno

[TimCZE]

RogueKiller V12.12.32.0 (x64) [Aug 20 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.17134) 64 bits version
Spuštěno : Normální režim
Uživatel : mmeli [Práva správce]
Started from : C:\Users\mmeli\OneDrive\Plocha\RogueKiller_portable64.exe
Mód : Smazat -- Datum : 08/25/2018 08:56:35 (Duration : 00:17:33)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Windows\CurrentVersion\Run | Discord : C:\ProgramData\mmeli\Discord\app-0.0.301\Discord.exe [7] -> Nevybráno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Windows\CurrentVersion\Run | Discord : C:\ProgramData\mmeli\Discord\app-0.0.301\Discord.exe [7] -> Nevybráno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{49945E31-7723-4D77-811C-A26778946BAC}C:\users\mmeli\appdata\local\temp\commongamedownloader\100223_1532335527_62499\teniodl.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\mmeli\appdata\local\temp\commongamedownloader\100223_1532335527_62499\teniodl.exe|Name=teniodl.exe|Desc=teniodl.exe|Defer=User| [x] -> Nevybráno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{20F04277-9EA6-42B7-BF68-934BD618105D}C:\users\mmeli\appdata\local\temp\commongamedownloader\100223_1532335527_62499\teniodl.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\mmeli\appdata\local\temp\commongamedownloader\100223_1532335527_62499\teniodl.exe|Name=teniodl.exe|Desc=teniodl.exe|Defer=User| [x] -> Nevybráno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Hidden.ADS][] C::${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SA400S37480G +++++
--- User ---
[MBR] 5bfa9e93360da0aba88eae324f500780
[BSP] 0a910b8817e33669337607bbd02408e2 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 456890 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 936738816 | Size: 468 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM010-2EP102 +++++
--- User ---
[MBR] c1b2a36a94eae4e4178c1a5424f4ee68
[BSP] 51074f59e71edc2484a6fb961847f5c1 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

[Reklama]

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

klik nahoře vpravo na .rar-file a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Měl by si resetnout router , nebo lépe dát nejnovější FW.


Vlož nový log z HJT

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[TimCZE]

RogueKiller V12.12.32.0 (x64) [Aug 20 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.17134) 64 bits version
Spuštěno : Normální režim
Uživatel : mmeli [Práva správce]
Started from : C:\Users\mmeli\OneDrive\Plocha\RogueKiller_portable64.exe
Mód : Smazat -- Datum : 08/25/2018 13:35:56 (Duration : 00:17:01)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Windows\CurrentVersion\Run | Discord : C:\ProgramData\mmeli\Discord\app-0.0.301\Discord.exe [7] -> Smazáno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Windows\CurrentVersion\Run | Discord : C:\ProgramData\mmeli\Discord\app-0.0.301\Discord.exe [7] -> ERROR [2]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{49945E31-7723-4D77-811C-A26778946BAC}C:\users\mmeli\appdata\local\temp\commongamedownloader\100223_1532335527_62499\teniodl.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\mmeli\appdata\local\temp\commongamedownloader\100223_1532335527_62499\teniodl.exe|Name=teniodl.exe|Desc=teniodl.exe|Defer=User| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{20F04277-9EA6-42B7-BF68-934BD618105D}C:\users\mmeli\appdata\local\temp\commongamedownloader\100223_1532335527_62499\teniodl.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\mmeli\appdata\local\temp\commongamedownloader\100223_1532335527_62499\teniodl.exe|Name=teniodl.exe|Desc=teniodl.exe|Defer=User| [x] -> Smazáno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Hidden.ADS][] C::${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SA400S37480G +++++
--- User ---
[MBR] 5bfa9e93360da0aba88eae324f500780
[BSP] 0a910b8817e33669337607bbd02408e2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 456890 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 936738816 | Size: 468 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM010-2EP102 +++++
--- User ---
[MBR] c1b2a36a94eae4e4178c1a5424f4ee68
[BSP] 51074f59e71edc2484a6fb961847f5c1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

[TimCZE]

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by mmeli on 25.08.2018 at 13:58:20,22.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\mmeli\OneDrive\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25.08.2018 13:59:19 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\mmeli\AppData\Local\DBG deleted successfully
C:\Users\mmeli\AppData\Local\Notepad++ deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{027EC44E-3D98-4751-BDD6-143B8DE0AC29} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{083654CF-894E-4930-9E13-E52669BCEF06} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0B24FA38-9546-4FDD-807C-EE6FD0F7B0AC} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0BF657E1-7770-4140-9216-D09753B5C88F} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0D74F07D-0553-4DF5-993D-1FCC34948EC8} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E8EDD4B-63B3-435E-AF15-48628241A65D} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0F9B33D4-011F-4777-9ADB-489CA617A9CD} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D98FD6-1B67-48CE-9962-142E50CB3CE5} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B7BEF0E-CED7-4E3E-B6D9-AF8A7B3E4668} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2145EDD6-E9F9-4EEE-8F04-545767A3872F} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F94808C-07D2-49B5-ADAF-A782C4647D8A} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3380F551-BDB0-4E41-84D8-B2F553F67BAC} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38508A4E-2A37-4B13-8A8F-9E79D242A644} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C2753DE-AD93-4FB8-B646-06162230FB9C} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F0FAD03-916A-464C-B051-4F7045E32686} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{532198C6-7B44-4E55-B020-7FA45ACEE549} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57F1D073-9B58-4E85-86CD-780033B134AB} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5920E4B2-3541-4C7D-AB95-F6AAB202C3C1} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EE150FF-BBEB-4851-A86E-E03D3D1ABB0D} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61B0E65F-E5AB-4709-9FBD-E8E19C7D38FA} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ACE712B-CAE6-4EE9-A06B-BAD9E2B22343} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D144674-995B-4776-9667-CB085F0037E2} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70FBB87B-7B32-4122-8FA9-EC4A26CBFB9C} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73CCE521-1D88-439E-ABB3-5542A57B264B} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79A39FA1-C928-4A47-A714-FFAA3F29ACB9} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CAFA09A-4AAC-4D83-8FEA-FFC0BE36111C} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9633BDBA-E003-4118-96AA-EC1992A73785} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96943C15-AFB1-49E9-B6EB-4FBB917CC153} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99DA4943-ACE3-447C-A55C-7CAEFAED1870} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A05E7F85-9052-4D49-8CEC-8C2BB8D2FAF2} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1BF95AD-9D5E-4477-9869-5DA47681C785} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A35D4D2A-4E0B-4823-BA54-FC27CDD301BA} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB535F9-2C35-4F16-8A8F-D5206CDCEA3C} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B21D8A08-12EE-4535-BFB7-D711AF83E23E} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC80B26E-B69C-4EBF-B29D-BB2BC41C90FE} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCF7ACCA-C579-4944-AB68-DBE6F5DBC395} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE0EBBD3-15AB-4827-AD83-CEB2DDAB7650} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEBC02A3-9D1E-491E-98D9-42BE49C4AD19} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7CC87A6-28DA-41A3-B61F-2E690A1ADC2B} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD5EB613-C047-430C-A099-8AEBBF876EEB} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E48AD5CB-476E-4B13-9452-9C419A2C5616} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDFD8E30-E008-410D-BAFC-8F6DC1CBE882} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7EBC531-1432-43E9-839E-47980F6D1880} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB7F29CA-F66E-4AEE-8CAD-A1AB79C305D8} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDE6B4FA-1C57-47CC-87F0-08BC7160287F} deleted successfully
HKEY_USERS\S-1-5-21-104165689-936418207-1968852515-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFA04762-4BD8-414E-A31A-57D71ACD4FFE} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\mmeli\AppData\Roaming\.technic deleted
C:\Users\mmeli\AppData\Roaming\discord deleted
C:\Users\mmeli\AppData\Roaming\Twitch deleted
C:\Users\mmeli\.android deleted
C:\82ace7d6-0197-474d-bf4b-a2043e72329b deleted
C:\Users\mmeli\AppData\Roaming\Adobe.BackupByPhotoshopPortable deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\AVAST Software deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineUA deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
"C:\Users\mmeli\AppData\Roaming\spek\preferences" deleted
"C:\Users\mmeli\AppData\Local\AVAST Software\APM\mmeliFfl2.dat" not deleted
"C:\Users\mmeli\AppData\Local\AVAST Software\APM\mmeli\kv_pam.db" not deleted
"C:\Users\mmeli\AppData\Roaming\spek" deleted
"C:\Users\mmeli\AppData\Local\AVAST Software" not deleted
"C:\Users\mmeli\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\mmeli\AppData\Local\AVAST Software\APM\mmeli" not deleted

==== Orphaned Tasks deleted from Registry ======================

AvastUpdateTaskMachineCore deleted
AvastUpdateTaskMachineUA deleted

==== Firefox XPI-files found: ======================

- __MSG_avastAppName__ - C:\Program Files\AVAST Software\Avast\SafePrice\FF\sp@avast.com.xpi
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF\wrc@avast.com.xpi

==== Chromium Look ======================

Google Chrome Version: 68.0.3440.106

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

SIH - mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl
Chrome Media Router - mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\mmeli\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\mmeli\AppData\Local\Microsoft\Windows\INetCache\IE\CVR69RSY will be deleted at reboot
C:\Users\mmeli\AppData\Local\Microsoft\Windows\INetCache\IE\RSPW1DHQ will be deleted at reboot
C:\Users\mmeli\AppData\Local\Microsoft\Windows\INetCache\IE\UM0T9738 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache is not empty, a reboot is needed

==== Empty Chrome Cache ======================

C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=10118 folders=2208 3391894236 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\mmeli\AppData\Local\Temp will be emptied at reboot
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\mmeli\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\mmeli\AppData\Local\AVAST Software\APM\mmeliFfl2.dat" not found
"C:\Users\mmeli\AppData\Local\AVAST Software\APM\mmeli\kv_pam.db" not found
"C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\mmeli\AppData\Local\AVAST Software" not found
"C:\Users\mmeli\AppData\Local\Microsoft\Windows\INetCache\IE\CVR69RSY" not found
"C:\Users\mmeli\AppData\Local\Microsoft\Windows\INetCache\IE\RSPW1DHQ" not found
"C:\Users\mmeli\AppData\Local\Microsoft\Windows\INetCache\IE\UM0T9738" not found
"C:\Users\mmeli\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge" not found
"C:\Users\mmeli\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp" not found

==== EOF on 25.08.2018 at 14:15:08,06 ======================

[TimCZE]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by mmeli (25-08-2018 14:20:48)
Running from C:\Users\mmeli\Downloads
Windows 10 Home Version 1803 17134.228 (X64) (2018-05-15 14:21:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-104165689-936418207-1968852515-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-104165689-936418207-1968852515-503 - Limited - Disabled)
Guest (S-1-5-21-104165689-936418207-1968852515-501 - Limited - Disabled)
mmeli (S-1-5-21-104165689-936418207-1968852515-1001 - Administrator - Enabled) => C:\Users\mmeli
WDAGUtilityAccount (S-1-5-21-104165689-936418207-1968852515-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CS6 version 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.60 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Clustertruck (HKLM-x32\...\{BB09E395-9405-44CA-A17C-98DF998CF216}) (Version: - TinyBuild LLC)
CyberGhost 6 (HKLM\...\CyberGhost 6) (Version: 6.6.0.3645 - CyberGhost S.A.)
Discord (HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{D442B219-3EBE-4EE2-88F9-5A31DF331CB1}) (Version: 1.1.144.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fortnite (HKLM-x32\...\Fortnite) (Version: - Tencent)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Growtopia (remove only) (HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\Growtopia) (Version: - )
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{9bd48a22-fe5a-457c-8f10-da6c2be89eee}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft Note Block Studio version 3.3.4 (HKLM-x32\...\{0E1D8C28-6DCF-452D-A0C4-E08A0E252FE8}_is1) (Version: 3.3.4 - Stuff by David)
My Game Long Name (HKLM\...\UDK-a7c7bd91-0342-4351-8410-85d20a7be3a0) (Version: - Epic Games, Inc.)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)
Ovládací panel NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Roblox Player for mmeli (HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for mmeli (HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for mmeli (HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.1548 - TeamViewer)
Twitch (HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
WeGame (HKLM-x32\...\WeGameFormal) (Version: - Tencent)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-08-25] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-08-25] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-24] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BE20CE1-EF6C-4475-8D0C-3DAD438DC385} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {62CB7467-B6B7-4DB5-A254-238ED6A260D4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {65AF9FCA-E6A8-4D2A-834A-7C3E9D247192} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {690602F2-5E17-43CD-AA0F-0B46464CCB07} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {72202C5F-D96B-4540-AFDC-1D41CBB1B809} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {79A49601-A1B2-40B1-A4EC-17509D45C857} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {8803E2C3-5FFE-4BB9-8EE1-B5EB8C0844F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-01] (Google Inc.)
Task: {913115CC-4D28-41C6-B6E6-186055BB6641} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-24] (AVAST Software)
Task: {B38A2DCC-B20B-40D9-A579-7D5F129A70B0} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {BDF8A0CF-F03E-4BC7-A08A-F048138D1695} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {CD5E6578-A395-4E49-B431-5892459E0648} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {D099494A-6C50-4E39-BAF0-4D6ECFBF06D3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {E02E687B-A19F-4329-A06B-CA49D7B80543} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-08-24] (AVAST Software)
Task: {E0EE3EC0-3FB3-4214-A097-C6857835BCDF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-01] (Google Inc.)
Task: {FCDFC62E-C53B-4437-85C7-AE849DB07D5F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-05-26 19:29 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-31 17:12 - 2018-07-22 18:55 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-20 15:25 - 2018-07-20 15:26 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-20 15:25 - 2018-07-20 15:26 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-20 15:25 - 2018-07-20 15:26 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-20 15:25 - 2018-07-20 15:26 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-20 15:25 - 2018-07-20 15:26 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-08-16 14:20 - 2018-08-16 14:20 - 035124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-08-16 14:20 - 2018-08-16 14:20 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-16 14:20 - 2018-08-16 14:20 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-03-01 16:43 - 2018-03-01 16:45 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-16 14:20 - 2018-08-16 14:20 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-03-01 17:13 - 2018-03-01 17:14 - 098275328 _____ () D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-03-01 17:14 - 2018-03-01 17:14 - 003922432 _____ () D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-03-01 17:14 - 2018-03-01 17:14 - 000092672 _____ () D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-08-17 11:49 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-17 11:49 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-05-26 19:29 - 2018-07-19 22:19 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-26 19:29 - 2018-07-19 22:19 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-26 19:29 - 2018-07-19 22:19 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-07-25 11:03 - 2018-07-25 11:03 - 004383232 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1807.1991.0_x64__8wekyb3d8bbwe\OneConnect.dll
2018-05-05 18:41 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-06-02 20:49 - 2018-06-02 20:49 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-24 19:18 - 2018-08-24 19:18 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-01 16:06 - 2018-07-21 23:07 - 000854304 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-03-01 16:06 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-03-01 16:06 - 2018-08-09 00:43 - 002644768 _____ () C:\Program Files (x86)\Steam\video.dll
2018-03-01 16:06 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-03-01 16:06 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-03-01 16:06 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-03-01 16:06 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-03-01 16:06 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-03-01 16:06 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-03-01 16:06 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-03-01 16:06 - 2018-08-09 00:43 - 001015072 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-03-01 16:06 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-03-01 16:07 - 2018-07-21 23:07 - 000854304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-03-01 16:07 - 2018-07-21 00:24 - 083524896 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2018-03-01 16:07 - 2018-07-21 00:24 - 003732256 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libglesv2.dll
2018-03-01 16:07 - 2018-07-21 00:24 - 000086304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libegl.dll
2018-03-01 16:06 - 2018-07-03 23:58 - 000137504 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\AutomaticSolution Software:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\Curse:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\Klei:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\My Cheat Tables:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\My Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\My Nopde Tables:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\My Spore Creations:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\ROBLOX:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mmeli\OneDrive\Dokumenty\Rockstar Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-03-01 15:36 - 2018-08-25 13:59 - 000000841 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-104165689-936418207-1968852515-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{54D84E3D-F7F8-4F9E-BC7D-01531577590D}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{8C324E5D-F062-45A4-9755-1722B89C6F6D}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{CB3172D5-34E3-4780-A945-2DD2CB6C82D6}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{92AE25D9-BC93-4221-A000-907C454854A9}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{10A8B51C-2DE0-43A0-B093-31FC159D024C}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{0961E95A-7A2A-4149-BE0D-E7BB769C042E}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{DB901870-C8FD-42B4-811C-ED5A213FA0C7}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{68FD0911-7E16-4DB7-9A9D-CD6EB18D4928}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{FD32BA31-3C2E-45EA-A2DC-B1BC60D84884}] => (Allow) D:\KOPLAYER\KOPLAYER.exe
FirewallRules: [{95A22C74-9294-4112-97A3-63A537E7BE4D}] => (Allow) D:\KOPLAYER\KOPLAYER.exe
FirewallRules: [{9C53347B-F010-4D34-917C-6AB4E2307101}] => (Allow) D:\KOPLAYER\KOPLAYER.exe
FirewallRules: [{3B932185-F5DA-457D-AC5E-399019A38987}] => (Allow) D:\KOPLAYER\KOPLAYER.exe
FirewallRules: [UDP Query User{6EA2A5C8-6080-4FD6-80E8-9FE3C7C49888}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{DBD9BA91-033F-499C-A455-20C3CECDC9B2}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{5B876666-E957-469F-9CA1-CCFE83A34362}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{B947A270-CFF0-49C8-BFEB-78D91767772E}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{61AABC3F-0C12-43C0-9883-2C98B18BF12A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{D6544D0B-4422-430A-B23E-F29B7044E4E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{58107A75-8684-4BB0-B766-FAB5A912EF80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7DA4BAA5-9949-4A20-B145-691988AC4A49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1B820A91-C541-40BC-B3BE-5B60AB4E0BD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1E174712-7BEE-471F-9EAA-6FD1E936D4CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EB864FC6-7004-42AB-8D06-740FB257CFCD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E49656BC-2243-4D04-BD7F-BDE275562100}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D4990633-4E5B-451A-A198-6E37D8052780}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6FA5FF8F-1AAC-4D26-90D8-8B361B1E9A4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7DCE5067-4432-425C-ADB5-DC21BAB962FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5EF920BA-6097-41D2-8866-426032D24495}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E73BEA8F-212B-4879-8FD9-EA94FB079AD8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8E760A60-000B-4B96-818D-7C86655AFE16}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{51CCC6B7-CA7E-4317-8B34-4209A7FC1C84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hobo Tough Life\HoboRPG.exe
FirewallRules: [{B8256D81-8BC8-4844-AA41-4A5A4E02EF4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hobo Tough Life\HoboRPG.exe
FirewallRules: [{2439A8F8-4D55-4E05-ABDD-14CC8440A449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{561F2F0C-A0F1-4BBE-89E7-E142A7CEDC0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9A419EFA-6A49-4BAD-ADA5-7F680B1926E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{C2FB52C1-6632-405A-B280-D07CA26057E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{1A995E1D-2004-4FE2-B62B-620F33B28564}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5F1C8C0C-681E-46CB-AE4A-6C333E710A8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{403474B4-CE29-4C5C-9011-FA35F410AAFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{EE41756F-F9E4-4785-A044-560D69248363}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [UDP Query User{10BB4B84-6236-40AC-9161-2229FEECF597}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{B68804E2-FF33-4D3D-A14C-EBA5FF588B87}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{1EB54E0D-FBD3-446B-86A9-A5DE252A30D4}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{EE10030B-6FDB-4CA7-8D36-8316048B8029}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{330A64B3-163E-4460-B55C-F26F6743B744}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{A34D2F56-E5B3-4E55-8B83-243DC338C7D1}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{13FC032A-6798-4F44-BFCD-8FB71EAAFF83}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{898EB50E-F49D-4798-8C79-6DB2916023C3}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{BDB56A7E-125A-4333-BFFF-44EE8BC8DC59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0CDB63BD-B611-4DD8-A21D-DA3A1FABA08B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C9BD6684-9469-4D5F-AD36-88C7F9B89E8B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2AB9CCB9-DF99-4DE4-8D7E-9124B980DF75}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{985EF42B-8EF5-41D7-B8D1-2EE26B01AADC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{2EE81691-35EE-495F-8710-2174A6422E61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{A4513EF5-6BDC-4721-A9BD-7F865DED2A25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9D12F4FC-FF3E-4343-83EC-EA08D9C27FF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{CD6EEEA9-394D-4FE9-AC5A-F0D812FFCE39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{307CA36A-DB70-47FD-B744-98BD70180E9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{52344A57-5FF4-440D-B94C-38FAC91F5969}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{A98C96F8-BA8E-46C4-B117-43588D1202D2}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{A672EB17-6E77-4DD3-BBD9-196CAB687F33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{8671365A-E1EA-41ED-BE93-6C0B33632F30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{8DE76FCE-D4E7-42F5-B917-1C7765BAAECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{B7FE9A29-EAAF-425F-A170-1F2472E46956}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{28582313-B1C7-4E27-91EB-896787CCEBEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{35FF4EEE-C291-4309-9B33-99354894CFF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{8B3C1FD0-B566-4276-B04B-013B82F906FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{7038A28C-31B5-4096-8815-AB47ACBD6F9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{1749D7D0-D852-4359-AA84-B9E7B445F044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{1F375942-3C94-48BF-8327-A7228A77E7E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [TCP Query User{5E4CF1D2-ECB5-4B08-8D5F-104BB3E280A5}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{ABC29B8A-6D18-4722-81E3-EC860B86DFF8}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{640EF085-F701-4EFC-AFFF-D4E166C69CF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{8A377B55-4A3C-4A5F-808B-BDB89C300CA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{42A44CBA-52B0-4B85-BE6E-487671635451}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6F6DA54A-2676-4EC3-8029-7513D1BE9ED9}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BB6200F6-6813-4C43-9A05-DFB9DF0DA91F}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{657EBB8D-309D-410A-A0A5-5435BD923F98}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{826C834E-353C-4B7A-8428-C60DB520DBD3}] => (Allow) D:\SteamLibrary\steamapps\common\Portal\hl2.exe
FirewallRules: [{6071506E-973E-4DC5-A965-9100052296F7}] => (Allow) D:\SteamLibrary\steamapps\common\Portal\hl2.exe
FirewallRules: [{D630B564-56FD-4B42-95FE-7405A14572FA}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{6581666C-49B0-4953-9C30-6B2D18D4679F}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{4EF537F0-992E-48D7-9509-EA2D8D3F0E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E2354A9C-F9D7-448E-B727-A372A0B1B9BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{35D53538-4B13-4002-8B7C-54D6AAE9457D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6B7D15A-C733-4BC0-8864-29D51550BC14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{751215F1-07EC-4A73-852F-CE9C92165051}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Custom Night\Ultimate Custom Night.exe
FirewallRules: [{27689028-23EE-4E83-ADB5-5EB40531AB06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Custom Night\Ultimate Custom Night.exe
FirewallRules: [{50EC5CC2-FBC4-4D91-8C92-BFC03E738C8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{781CF423-B364-4C44-B711-295174574BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{9855822A-B9C3-4B5E-BC08-A4858ABE4C09}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{DABC1270-72C0-4CDB-8577-638E6DCC7399}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{E02890DA-DAFF-45C7-A781-E3AFA04D73EF}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B397C3AF-FB0E-48AC-8335-6AB554AD75D4}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{D53BF180-37C2-450F-8024-1B141F6DAADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{259BB06D-5782-4E3C-8C44-E6A02897283C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{A001F4A3-E7FD-45F8-AD9F-CA58FA0EA917}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{587C362A-C870-468D-8CFC-FEA69CA51296}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{9D4D35D8-D842-4A10-9F4C-2BB09D8F7A03}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FD98666E-DD89-425A-81FF-424872F1841E}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5F03C5CA-539F-4604-8B24-B964D9E88CC5}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3341852E-AC6A-406F-97FC-F3EB4E370774}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{A72C2DC8-C958-476E-9143-E19EB3A36401}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6E6481BB-781E-473D-B553-80C8AA86D97E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{F800E97A-74CB-43A3-88C0-040C75DCCB9A}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{4FFE078F-0B61-44E1-84FC-7286B6F482C5}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{9B11D810-C3CA-4472-AF6D-338EDC331A0F}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{492A4B3E-2DFB-460F-B685-36EA5E9C1D7C}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{7CAA94BD-589D-4984-B3A3-7D46C8E4678D}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{38FBF13E-37B1-4838-AA97-D8B132E3B1E0}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{313080BA-698B-48A8-AB5B-EBEB473B0045}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{67359F09-CFBB-4045-99D9-FA7EDB1D5179}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{623DB94C-EA47-40B4-9820-888E8F76F384}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{EBD1418F-3E51-4F57-BC7D-7DF39C98BF38}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

25-08-2018 00:23:56 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/25/2018 01:55:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x2924
Čas spuštění chybující aplikace: 0x01d43c6751529e9b
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: a92a6645-4ae8-4c5c-8eb8-f9346e73be67
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/25/2018 01:52:54 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (08/25/2018 01:52:54 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (08/25/2018 01:52:47 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (08/25/2018 01:52:47 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (08/25/2018 12:31:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: QuietHours.dll, verze: 10.0.17134.165, časové razítko: 0xa4eee2d0
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004bae4
ID chybujícího procesu: 0x568
Čas spuštění chybující aplikace: 0x01d43c5c0e6d296b
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\QuietHours.dll
ID zprávy: c7c0913e-676b-4f84-a40a-0166dba4629f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/25/2018 09:58:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0xa68
Čas spuštění chybující aplikace: 0x01d43c43e890d16e
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: d98f965b-8c2b-42cb-8b3a-02d271961095
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/25/2018 09:13:59 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000


System errors:
=============
Error: (08/25/2018 02:15:31 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec 00FFF6E4A818. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (08/25/2018 02:15:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2R88NAU)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2R88NAU\mmeli (SID: S-1-5-21-104165689-936418207-1968852515-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/25/2018 02:15:26 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2R88NAU)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2R88NAU\mmeli (SID: S-1-5-21-104165689-936418207-1968852515-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/25/2018 02:15:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2R88NAU)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-2R88NAU\mmeli (SID: S-1-5-21-104165689-936418207-1968852515-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/25/2018 02:11:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (08/25/2018 02:11:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (08/25/2018 02:11:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (08/25/2018 02:11:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
===================================
Date: 2018-06-02 20:06:23.660
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Skeeyah.A!bit
ID: 2147695505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\mmeli\OneDrive\Plocha\[ViperVenom] Reveil v3\[ViperVenom] Reveil v3\Scripts\Skisploit\Skisploit\Skisploit.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT Authority\System
Název procesu: System
Verze podpisu: AV: 1.269.518.0, AS: 1.269.518.0, NIS: 1.269.518.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-02 19:38:30.301
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Skeeyah.A!bit
ID: 2147695505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\mmeli\OneDrive\Plocha\[ViperVenom] Reveil v3.zip;file:_C:\Users\mmeli\OneDrive\Plocha\[ViperVenom] Reveil v3.zip->[ViperVenom] Reveil v3/Scripts/Skisploit/Skisploit/Skisploit.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: DESKTOP-2R88NAU\mmeli
Název procesu: Unknown
Verze podpisu: AV: 1.269.518.0, AS: 1.269.518.0, NIS: 1.269.518.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-02 19:35:41.646
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Skeeyah.A!bit
ID: 2147695505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\Malwarebytes\MBAMService\5ee53cbc-668b-11e8-85f0-1c1b0dfae078
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.269.518.0, AS: 1.269.518.0, NIS: 1.269.518.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-02 17:54:05.349
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Skeeyah.A!bit
ID: 2147695505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\mmeli\Downloads\[ViperVenom] Reveil v3.zip;file:_C:\Users\mmeli\Downloads\[ViperVenom] Reveil v3.zip->[ViperVenom] Reveil v3/Scripts/Skisploit/Skisploit/Skisploit.exe;webfile:_C:\Users\mmeli\Downloads\[ViperVenom] Reveil v3.zip|about:internet|pid:54748,ProcessStart:131724212372842044
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: DESKTOP-2R88NAU\mmeli
Název procesu: Unknown
Verze podpisu: AV: 1.269.518.0, AS: 1.269.518.0, NIS: 1.269.518.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-02 17:53:39.485
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Skeeyah.A!bit
ID: 2147695505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\mmeli\Downloads\[ViperVenom] Reveil v3.zip;file:_C:\Users\mmeli\Downloads\[ViperVenom] Reveil v3.zip->[ViperVenom] Reveil v3/Scripts/Skisploit/Skisploit/Skisploit.exe;webfile:_C:\Users\mmeli\Downloads\[ViperVenom] Reveil v3.zip|about:internet|pid:54748,ProcessStart:131724212372842044
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: DESKTOP-2R88NAU\mmeli
Název procesu: Unknown
Verze podpisu: AV: 1.269.518.0, AS: 1.269.518.0, NIS: 1.269.518.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-02 09:20:41.380
Description:
Virtuální počítač Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\ProgramData\Malwarebytes\MBAMService\73ab377e-6635-11e8-ad1c-1c1b0dfae078
Sha256:
Aktuální verze podpisu: AV: 1.269.471.0, AS: 1.269.471.0
Aktuální verze modulu: 1.1.14901.4
Kód chyby: 0x80508016

Date: 2018-05-30 19:45:41.733
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-05-27 17:21:45.130
Description:
Virtuální počítač Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\ProgramData\Malwarebytes\MBAMService\a720445a-61c1-11e8-b600-1c1b0dfae078
Sha256:
Aktuální verze podpisu: AV: 1.269.149.0, AS: 1.269.149.0
Aktuální verze modulu: 1.1.14901.4
Kód chyby: 0x80508016

CodeIntegrity:
===================================

Date: 2018-08-20 11:33:15.495
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wd\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-08-20 11:33:15.254
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-08-20 11:33:14.909
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswbuniva.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-08-20 11:33:14.898
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswbidsha.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-02 21:49:39.171
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-02 21:49:39.146
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-02 16:04:36.868
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-02 16:04:36.864
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-7600 CPU @ 3.50GHz
Percentage of memory in use: 24%
Total physical RAM: 16343.95 MB
Available physical RAM: 12362.8 MB
Total Virtual: 17367.95 MB
Available Virtual: 11895.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.18 GB) (Free:257.5 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:592.58 GB) NTFS

\\?\Volume{e2037bf2-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{e2037bf2-0000-0000-0000-00ab6f000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: E2037BF2)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 56FF8EC8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[TimCZE]

Ten druhý je moc dlouhý
tak jsem ho dal sem https://pastebin.com/Peu5AsBZ

[jaro3]

-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

[TimCZE]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by mmeli (administrator) on DESKTOP-2R88NAU (25-08-2018 14:20:27)
Running from C:\Users\mmeli\Downloads
Loaded Profiles: mmeli (Available Profiles: mmeli)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Epic Games, Inc.) D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-24] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3206432 2018-08-09] (Valve Corporation)
HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\Run: [EpicGamesLauncher] => D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1457880 2018-07-30] (CyberGhost S.A.)
HKU\S-1-5-21-104165689-936418207-1968852515-1001\...\Run: [GoogleChromeAutoLaunch_7314967452FAC0D021CE3B56656D72DA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1577816 2018-08-08] (Google Inc.)
Startup: C:\Users\mmeli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-05-10]
ShortcutTarget: Twitch.lnk -> C:\Users\mmeli\AppData\Roaming\Twitch\Bin\Twitch.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{573c63ab-0893-4828-9292-9f3430ff0f2a}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-104165689-936418207-1968852515-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2018-06-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2018-06-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-06-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-03] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2018-06-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2018-06-03] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-03] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default [2018-08-25]
CHR Extension: (Prezentace) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-01]
CHR Extension: (Ninja Miner) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\annleikkbaaaecaaopjgkgjjmnlbjndl [2018-03-01]
CHR Extension: (Dokumenty) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-01]
CHR Extension: (Disk Google) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-01]
CHR Extension: (YouTube) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-01]
CHR Extension: (Steam Inventory Helper) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2018-08-24]
CHR Extension: (Tabulky) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\mmeli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-24] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-02] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-24] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-02] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-24] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-16] ()
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [205016 2018-07-30] (CyberGhost S.A.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-07-24] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3346856 2018-05-30] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11294448 2018-03-09] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-24] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-24] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-24] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-24] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-24] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-07-30] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-24] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-24] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163272 2018-08-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-24] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467232 2018-08-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214800 2018-08-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-24] (AVAST Software)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2018-05-23] (LogMeIn Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-25] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [68112 2018-06-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-08-25] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-08-25] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-25 14:19 - 2018-08-25 14:20 - 000059365 _____ C:\Users\mmeli\Downloads\Addition.txt
2018-08-25 14:19 - 2018-08-25 14:20 - 000019497 _____ C:\Users\mmeli\Downloads\FRST.txt
2018-08-25 14:19 - 2018-08-25 14:20 - 000000000 ____D C:\FRST
2018-08-25 14:18 - 2018-08-25 14:18 - 002413056 _____ (Farbar) C:\Users\mmeli\Downloads\FRST64.exe
2018-08-25 14:15 - 2018-08-25 14:15 - 000000000 ___HD C:\OneDriveTemp
2018-08-25 14:15 - 2018-08-25 14:15 - 000000000 ____D C:\Users\mmeli\AppData\Local\AVAST Software
2018-08-25 14:14 - 2018-08-25 14:14 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-08-25 14:14 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2018-08-25 13:56 - 2018-08-25 14:11 - 000000000 ____D C:\zoek_backup
2018-08-25 13:56 - 2018-08-25 13:56 - 002038755 _____ C:\Users\mmeli\Downloads\zoek.exe
2018-08-25 08:56 - 2018-08-25 13:35 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-08-25 08:54 - 2018-08-25 08:54 - 000000000 ____D C:\ProgramData\RogueKiller
2018-08-25 08:53 - 2018-08-25 08:53 - 027105848 _____ (Adlice Software) C:\Users\mmeli\Downloads\RogueKiller_portable64.exe
2018-08-25 08:52 - 2018-08-25 08:52 - 000000037 _____ C:\Users\mmeli\Downloads\file-not-found.txt
2018-08-25 08:48 - 2018-08-25 14:20 - 000082654 _____ C:\WINDOWS\ZAM.krnl.trace
2018-08-25 08:48 - 2018-08-25 14:20 - 000057423 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-08-25 08:48 - 2018-08-25 08:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2018-08-25 08:48 - 2018-08-25 08:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2018-08-25 08:48 - 2018-08-25 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-08-25 08:48 - 2018-08-25 08:48 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-08-25 08:47 - 2018-08-25 08:47 - 006625600 _____ (Zemana Ltd. ) C:\Users\mmeli\Downloads\Zemana.AntiMalware.Setup (1).exe
2018-08-25 08:47 - 2018-08-25 08:47 - 000000000 ____D C:\Users\mmeli\AppData\Local\Zemana
2018-08-25 08:46 - 2018-08-25 08:46 - 006625600 _____ (Zemana Ltd. ) C:\Users\mmeli\Downloads\Zemana.AntiMalware.Setup.exe
2018-08-25 00:51 - 2018-08-25 00:51 - 000000000 ____D C:\ProgramData\Sophos
2018-08-25 00:48 - 2018-08-25 00:50 - 204028112 _____ (Sophos Limited) C:\Users\mmeli\Downloads\Sophos Virus Removal Tool.exe
2018-08-25 00:22 - 2018-08-25 00:22 - 001790024 _____ (Malwarebytes) C:\Users\mmeli\Downloads\JRT.exe
2018-08-25 00:01 - 2018-08-25 00:02 - 000000000 ____D C:\AdwCleaner
2018-08-25 00:01 - 2018-08-25 00:01 - 007395536 _____ (Malwarebytes) C:\Users\mmeli\Downloads\AdwCleaner.exe
2018-08-24 23:56 - 2018-08-24 23:56 - 000448512 _____ (OldTimer Tools) C:\Users\mmeli\Downloads\TFC.exe
2018-08-24 23:55 - 2018-08-24 23:55 - 000050688 _____ (Atribune.org) C:\Users\mmeli\Downloads\ATF-Cleaner.exe
2018-08-24 22:31 - 2018-08-24 22:31 - 001279536 _____ C:\Users\mmeli\Downloads\avg_remover_nimda.exe
2018-08-24 21:35 - 2018-08-24 21:35 - 000000000 ____D C:\KVRT_Data
2018-08-24 21:34 - 2018-08-24 21:35 - 147346216 _____ (Kaspersky Lab ZAO) C:\Users\mmeli\Downloads\KVRT.exe
2018-08-24 19:34 - 2018-08-24 19:34 - 000388608 _____ (Trend Micro Inc.) C:\Users\mmeli\Downloads\HijackThis.exe
2018-08-24 19:18 - 2018-08-24 19:18 - 000379608 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-08-23 14:34 - 2018-08-23 14:36 - 062836972 _____ C:\Users\mmeli\Downloads\ReThemedLANC.rar
2018-08-21 23:05 - 2018-08-21 23:05 - 000020235 _____ C:\Users\mmeli\Downloads\Pokebot.ts3_plugin
2018-08-19 23:19 - 2018-08-19 23:19 - 004279416 _____ (ESET) C:\Users\mmeli\Downloads\eset_nod32_antivirus_live_installer.exe
2018-08-19 21:12 - 2018-08-19 21:12 - 746908542 _____ C:\Users\mmeli\Downloads\CSSContent_Jun2018.zip
2018-08-19 16:49 - 2018-08-19 16:49 - 000057102 _____ C:\Users\mmeli\Downloads\dsound 1.10 (MistermodzZ).rar
2018-08-19 16:48 - 2018-08-19 16:48 - 000351340 _____ C:\Users\mmeli\Downloads\MisterModzZ 1.10.rar
2018-08-17 11:49 - 2018-08-25 13:33 - 000003350 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9AF66DB3-89A5-4015-A179-3F2E5145E8A9}
2018-08-16 17:42 - 2018-08-16 17:42 - 000000000 ____D C:\Users\mmeli\AppData\Roaming\Mael
2018-08-16 17:28 - 2018-08-16 17:28 - 000872029 _____ C:\Users\mmeli\Downloads\HxDSetupEN.zip
2018-08-16 17:27 - 2018-08-16 17:27 - 000001094 _____ C:\Users\mmeli\Downloads\Fortnite Skin CODE NAMES.rar
2018-08-16 14:30 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-16 14:30 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-16 14:30 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-16 14:30 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-16 14:30 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-16 14:30 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-16 14:30 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-16 14:30 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-16 14:30 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-16 14:30 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-16 14:30 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-16 14:30 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-16 14:30 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-16 14:30 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-16 14:30 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-16 14:30 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-16 14:30 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-16 14:30 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-16 14:30 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-16 14:30 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-16 14:30 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-16 14:30 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-16 14:30 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-16 14:30 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-16 14:30 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-16 14:30 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-16 14:30 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-16 14:30 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-16 14:30 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-16 14:30 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-16 14:30 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-16 14:30 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-16 14:30 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-16 14:30 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-16 14:30 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-16 14:30 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-16 14:30 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-16 14:30 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-16 14:30 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-16 14:30 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-16 14:30 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-16 14:30 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-16 14:30 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-16 14:30 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-16 14:30 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-16 14:30 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-16 14:30 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-16 14:30 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-16 14:30 - 2018-08-03 05:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-16 14:30 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-16 14:30 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-16 14:30 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-16 14:30 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-16 14:30 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-16 14:30 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-16 14:30 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-16 14:30 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-16 14:30 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-16 14:30 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-16 14:30 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-16 14:30 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-16 14:30 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-16 14:30 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-16 14:30 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-16 14:30 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-16 14:30 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-16 14:30 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-16 14:30 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-16 14:30 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-16 14:30 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-16 14:30 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-16 14:30 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-16 14:30 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-16 14:30 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-16 14:30 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-16 14:30 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-16 14:30 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-16 14:30 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-16 14:30 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-16 14:30 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-16 14:30 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-16 14:30 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-16 14:30 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-16 14:30 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-16 14:30 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-16 14:30 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-16 14:30 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-16 14:30 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-16 14:30 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-16 14:30 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-16 14:30 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-16 14:30 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-16 14:30 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-16 14:30 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-16 14:30 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-16 14:30 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-16 14:30 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-16 14:30 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-16 14:30 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-16 14:30 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-16 14:30 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-16 14:30 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-16 14:30 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-16 14:30 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-16 14:30 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-16 14:30 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-16 14:30 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-16 14:30 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-16 14:30 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-16 14:30 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-16 14:30 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-16 14:30 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-16 14:30 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-16 14:30 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-16 14:30 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-16 14:30 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-16 14:30 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-16 14:30 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-16 14:30 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-16 14:30 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-16 14:30 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-16 14:30 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-16 14:30 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-16 14:30 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-16 14:30 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-16 14:30 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-16 14:30 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-16 14:30 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-16 14:30 - 2018-08-03 03:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-16 14:30 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-16 14:30 - 2018-07-15 02:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-16 14:30 - 2018-07-15 02:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-16 14:30 - 2018-07-15 02:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-16 14:30 - 2018-07-15 02:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-16 14:30 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-16 14:30 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-16 14:30 - 2018-07-15 02:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-16 14:30 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-16 14:30 - 2018-07-15 02:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-16 14:30 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-16 14:30 - 2018-07-15 02:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-16 14:30 - 2018-07-15 02:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-16 14:30 - 2018-07-15 02:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-16 14:30 - 2018-07-15 02:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-16 14:30 - 2018-07-15 02:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-16 14:30 - 2018-07-15 01:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-16 14:30 - 2018-07-15 01:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-16 14:30 - 2018-07-15 01:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-16 14:30 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-16 14:30 - 2018-07-15 01:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-16 14:30 - 2018-07-15 01:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-16 14:30 - 2018-07-15 01:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-16 14:30 - 2018-07-15 01:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-16 14:30 - 2018-07-15 01:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-16 14:30 - 2018-07-15 01:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-16 14:30 - 2018-07-14 08:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-16 14:30 - 2018-07-14 08:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-16 14:30 - 2018-07-14 06:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-16 14:30 - 2018-07-14 06:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-16 14:30 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-16 14:30 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-16 14:30 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-16 14:30 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-16 14:30 - 2018-07-14 06:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-16 14:30 - 2018-07-14 06:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-16 14:30 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-16 14:30 - 2018-07-14 06:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-16 14:30 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-16 14:30 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-16 14:30 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-16 14:30 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-16 14:30 - 2018-07-14 06:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-16 14:30 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-16 14:30 - 2018-07-14 06:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-16 14:30 - 2018-07-14 06:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-16 14:30 - 2018-07-14 06:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-16 14:30 - 2018-07-14 06:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-16 14:30 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-16 14:30 - 2018-07-14 06:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-16 14:30 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-16 14:30 - 2018-07-14 06:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-16 14:30 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-16 14:30 - 2018-07-14 06:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-16 14:30 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-16 14:30 - 2018-07-14 06:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-16 14:30 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-16 14:30 - 2018-07-14 06:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-16 14:30 - 2018-07-14 06:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-16 14:30 - 2018-07-14 06:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-16 14:30 - 2018-07-14 05:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-16 14:30 - 2018-07-14 05:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-16 14:30 - 2018-07-14 05:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-16 14:30 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-16 14:30 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-16 14:30 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-16 14:30 - 2018-07-14 05:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-16 14:30 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-16 14:30 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-16 14:30 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-16 14:30 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-16 14:30 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-16 14:30 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-16 14:30 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-16 14:30 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-16 14:30 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-16 14:30 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-16 14:30 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-16 14:30 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-16 14:30 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-16 14:30 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-16 14:30 - 2018-07-14 05:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-16 14:30 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-16 14:30 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-16 14:30 - 2018-07-14 05:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-16 14:30 - 2018-07-14 05:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-16 14:30 - 2018-07-14 05:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-16 14:30 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-16 14:30 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-16 14:30 - 2018-07-14 05:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-16 14:30 - 2018-07-14 05:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-16 14:30 - 2018-07-14 05:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-16 14:30 - 2018-07-13 06:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-02 12:19 - 2018-08-02 12:19 - 000127488 _____ C:\Users\mmeli\Downloads\40271106.xls
2018-07-30 22:35 - 2018-07-30 22:35 - 000000000 _____ C:\Users\mmeli\Downloads\Try Not To Laugh Challenge [Mpgun.com].mp4
2018-07-30 22:08 - 2018-07-30 22:08 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-07-30 12:10 - 2018-08-24 19:22 - 000000000 ____D C:\Users\mmeli\AppData\Local\CyberGhost
2018-07-30 12:10 - 2018-07-30 12:11 - 000000000 ____D C:\Program Files\CyberGhost 6
2018-07-30 12:10 - 2018-07-30 12:10 - 000065752 _____ (CyberGhost S.A.) C:\Users\mmeli\Downloads\cgsetup_en_ivW8pxxbg3JkSKxVyYje.exe
2018-07-30 12:10 - 2018-07-30 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
2018-07-30 12:10 - 2018-07-30 12:10 - 000000000 ____D C:\Program Files\TAP-Windows
2018-07-29 20:53 - 2018-07-29 20:56 - 000000000 ____D C:\Users\mmeli\AppData\Roaming\UserCache
2018-07-27 19:35 - 2018-07-27 19:35 - 000000000 ____D C:\Users\mmeli\AppData\LocalLow\Adobe
2018-07-27 19:34 - 2018-07-27 19:34 - 000000000 ____D C:\Users\mmeli\AppData\Roaming\Adobe
2018-07-27 19:34 - 2018-07-27 19:34 - 000000000 ____D C:\ProgramData\Adobe
2018-07-27 13:10 - 2018-07-27 13:10 - 000348091 _____ C:\Users\mmeli\Downloads\MisterModzZ 1.44.rar
2018-07-27 13:09 - 2018-07-27 13:09 - 000057102 _____ C:\Users\mmeli\Downloads\dsound 1.44.rar
2018-07-26 15:08 - 2018-07-26 15:08 - 000242110 _____ C:\Users\mmeli\Downloads\Loader.zip
2018-07-26 10:10 - 2018-07-29 11:55 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-07-26 10:10 - 2018-07-26 10:10 - 000000000 ____D C:\Users\mmeli\OneDrive\Dokumenty\Rockstar Games
2018-07-26 10:10 - 2018-07-26 10:10 - 000000000 ____D C:\Users\mmeli\AppData\Local\Rockstar Games
2018-07-26 10:09 - 2018-07-29 11:55 - 000000000 ____D C:\Program Files\Rockstar Games

[TimCZE]

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-25 14:17 - 2018-03-01 15:46 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-25 14:16 - 2018-06-03 17:56 - 000000000 ____D C:\Users\mmeli\AppData\Local\LogMeIn Hamachi
2018-08-25 14:15 - 2018-06-02 20:48 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-08-25 14:15 - 2018-03-01 16:05 - 000000000 ____D C:\Program Files (x86)\Steam
2018-08-25 14:15 - 2018-03-01 15:53 - 000000000 ___RD C:\Users\mmeli\OneDrive
2018-08-25 14:14 - 2018-05-15 16:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-25 14:14 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-25 14:14 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-25 14:14 - 2018-03-17 19:55 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-08-25 14:11 - 2018-05-15 16:18 - 000000000 ____D C:\Users\mmeli
2018-08-25 14:11 - 2018-03-01 15:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-08-25 13:55 - 2018-05-06 16:25 - 000000000 ____D C:\Users\mmeli\AppData\Local\CrashDumps
2018-08-25 13:34 - 2018-03-01 16:08 - 000000000 ____D C:\Users\mmeli\AppData\Roaming\TS3Client
2018-08-25 13:33 - 2018-06-02 20:49 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-08-25 13:33 - 2018-05-26 19:29 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-26 19:29 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-26 19:29 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-26 19:29 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-26 19:29 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-15 16:21 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-25 13:33 - 2018-05-15 16:21 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-15 16:21 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-15 16:21 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-25 13:33 - 2018-05-15 16:21 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-15 16:21 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-15 16:21 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-104165689-936418207-1968852515-1001
2018-08-25 13:33 - 2018-05-15 16:21 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 13:33 - 2018-05-15 16:21 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-25 00:08 - 2018-05-15 16:26 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-25 00:08 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2018-08-25 00:08 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2018-08-25 00:08 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-24 23:53 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-24 22:36 - 2018-07-24 22:38 - 000000000 ____D C:\Users\mmeli\AppData\Local\FalloutShelter
2018-08-24 21:36 - 2018-03-18 19:21 - 000000000 ____D C:\Users\mmeli\AppData\Roaming\obs-studio
2018-08-24 19:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-24 19:18 - 2018-06-02 20:48 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000467232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000381560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000249016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000229384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000214800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000201320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000199712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000163272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000111864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000059568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-24 19:18 - 2018-06-02 20:48 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-24 17:39 - 2018-04-04 20:47 - 000000582 _____ C:\Users\mmeli\OneDrive\Dokumenty\ClownfishForTeamspeak.ini
2018-08-24 12:37 - 2018-03-01 15:51 - 000000000 ____D C:\Users\mmeli\AppData\Local\VirtualStore
2018-08-24 11:40 - 2018-05-15 16:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-24 11:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-22 11:55 - 2018-03-01 16:49 - 000000000 ____D C:\Users\mmeli\AppData\Local\Growtopia
2018-08-21 22:37 - 2018-03-01 18:12 - 000000000 ____D C:\Users\mmeli\AppData\Roaming\.minecraft
2018-08-20 16:57 - 2018-06-02 20:51 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-19 23:15 - 2018-03-03 10:32 - 000000250 _____ C:\Users\mmeli\AppData\LocalLow\rbxcsettings.rbx
2018-08-19 23:15 - 2018-03-03 10:32 - 000000000 ____D C:\Users\mmeli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-08-17 11:49 - 2018-03-01 15:56 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-17 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-16 18:38 - 2018-05-15 16:17 - 000234144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-16 18:38 - 2018-03-01 15:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-16 18:38 - 2018-03-01 15:51 - 000000000 ___RD C:\Users\mmeli\3D Objects
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-16 18:37 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-16 18:37 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-16 14:32 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-16 14:30 - 2018-03-02 15:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-16 14:29 - 2018-03-02 15:33 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-16 14:18 - 2018-05-15 16:18 - 000002387 _____ C:\Users\mmeli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-06 17:19 - 2018-04-12 01:41 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-06 17:19 - 2018-04-12 01:41 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-03 17:42 - 2018-04-15 09:35 - 000000000 ____D C:\Users\mmeli\AppData\Local\ElevatedDiagnostics
2018-08-03 12:56 - 2018-06-25 21:41 - 000000000 ____D C:\ProgramData\Packages
2018-07-30 16:10 - 2018-05-15 16:28 - 000000000 ____D C:\Users\mmeli\AppData\Local\D3DSCache
2018-07-27 19:42 - 2018-03-13 19:38 - 000000132 _____ C:\Users\mmeli\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-07-27 10:07 - 2018-03-01 15:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== Files in the root of some directories =======

2018-03-13 19:38 - 2018-07-27 19:42 - 000000132 _____ () C:\Users\mmeli\AppData\Roaming\Adobe PNG Format CS6 Prefs

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-15 16:17

==================== End of FRST.txt ============================

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
Task: {8803E2C3-5FFE-4BB9-8EE1-B5EB8C0844F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-01] (Google Inc.)
Task: {E0EE3EC0-3FB3-4214-A097-C6857835BCDF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-01] (Google Inc.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
ShortcutTarget: Twitch.lnk -> C:\Users\mmeli\AppData\Roaming\Twitch\Bin\Twitch.exe (No File)
SearchScopes: HKU\S-1-5-21-104165689-936418207-1968852515-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

C:\Users\mmeli\AppData\Roaming\Mael --- tento program znáš?


C:\Users\mmeli\OneDrive\Plocha\[ViperVenom] Reveil v3\[ViperVenom] Reveil v3\Scripts\Skisploit\Skisploit\Skisploit.exe
Cesta: containerfile:_C:\Users\mmeli\OneDrive\Plocha\[ViperVenom] Reveil v3.zip;file:_C:\Users\mmeli\OneDrive\Plocha\[ViperVenom] Reveil v3.zip->[ViperVenom] Reveil v3/Scripts/Skisploit/Skisploit/Skisploit.exe
C:\ProgramData\Malwarebytes\MBAMService\5ee53cbc-668b-11e8-85f0-1c1b0dfae078
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
C:\Users\mmeli\Downloads\[ViperVenom] Reveil v3.zip;file
ty soubory budou asi zavirované..

[TimCZE]

Promiňte za otázku ale chci se ujistit ... takže otevřu FIRST a dám tam ten fixlist.txt co jsem uložil.
A jak se zbavím těch zavirovaných souboru?

[jaro3]

Ten fixlist si musíš dát na uložit na plochu. frst.exe musíš mít taky na ploše. Spustíš ho frst.exe a klikneš v něm na fix.
program si ten script na ploše najde sám.