Eset předchází k otevření static.adsnative Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

Nighters
Level 2.5
Level 2.5
Příspěvky: 253
Registrován: červen 14
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod Nighters » 04 bře 2019 20:26

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by peter (administrator) on DESKTOP-452CQVQ (04-03-2019 20:24:06)
Running from C:\Users\Nighters\Desktop
Loaded Profiles: peter & Nighters (Available Profiles: peter & Nighters)
Platform: Windows 10 Pro Version 1809 17763.316 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Zemana D.O.O. Sarajevo -> Copyright 2018.) D:\Software\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema 3\Sound Blaster Cinema 3\SBCinema3.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Pinnula) [File not signed] C:\Program Files\WindowsApps\55888ChristopheLavalle.DynamicTheme_1.4.30212.0_x64__jdggxwd41xcr0\Pinnula.DynamicThemeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google LLC -> Google) C:\Users\Nighters\AppData\Local\Google\Chrome\User Data\SwReporter\38.192.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Nighters\AppData\Local\Google\Chrome\User Data\SwReporter\38.192.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Nighters\AppData\Local\Google\Chrome\User Data\SwReporter\38.192.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Nighters\AppData\Local\Google\Chrome\User Data\SwReporter\38.192.200.3\software_reporter_tool.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2019-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [41088 2014-02-21] (Creative Technology Ltd -> Creative Technology Ltd.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-11-29] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [ZAM] => D:\Software\Zemana AntiMalware\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
HKLM-x32\...\Run: [Sound Blaster Cinema 3] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 3\Sound Blaster Cinema 3\SBCinema3.exe [1464832 2016-07-29] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [700328 2017-01-06] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3144480 2019-02-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\...\Run: [Fatal1tySTU] => [X]
HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\...\Run: [Spotify] => C:\Users\Nighters\AppData\Roaming\Spotify\Spotify.exe [26154216 2019-02-10] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\...\Run: [GalaxyClient] => D:\Games\GOG Galaxy\GalaxyClient.exe [7415880 2018-12-20] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-21] (Google LLC -> Google Inc.)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{51446afe-c7a1-412c-b20e-353f0080fea5}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{6a3eadd6-1b55-4aa6-ac12-7caac65453ea}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3387105439-1097537418-4165403734-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3387105439-1097537418-4165403734-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-11] (Google Inc -> Google Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1290744 2017-01-06] (Autodesk, Inc -> Autodesk Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-07] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-11-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-11-29] (ESET, spol. s r.o. -> ESET)
S3 GalaxyClientService; D:\Games\GOG Galaxy\GalaxyClientService.exe [707144 2018-12-20] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-20] (GOG Sp. z o.o. -> GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [760008 2018-04-12] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720072 2018-04-12] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-13] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\Windows\System32\OpenSSH\sshd.exe [974848 2019-02-24] (Microsoft Windows -> )
S3 SshdBroker; C:\Windows\System32\SshdBroker.dll [289280 2018-09-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAMSvc; D:\Software\Zemana AntiMalware\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2019-03-02] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2019-01-14] (ASROCK Incorporation -> ASRock Incorporation)
R0 asstahci64; C:\Windows\System32\drivers\asstahci64.sys [89960 2016-05-18] (ASMedia Technology Inc. -> Asmedia Technology)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-11-29] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107896 2018-11-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188832 2018-10-17] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50144 2018-10-17] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82304 2018-10-17] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [109864 2018-10-17] (ESET, spol. s r.o. -> ESET)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_3b97b64bf877b381\nvlddmkm.sys [20726016 2019-02-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 UcmCxUcsiNvppc; C:\Windows\System32\drivers\UcmCxUcsiNvppc.sys [468504 2018-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [333792 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2019-03-03] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2019-03-03] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 20:24 - 2019-03-04 20:24 - 000014757 _____ C:\Users\Nighters\Desktop\FRST.txt
2019-03-04 20:23 - 2019-03-04 20:24 - 000000000 ____D C:\FRST
2019-03-04 20:23 - 2019-03-04 20:17 - 002434560 _____ (Farbar) C:\Users\Nighters\Desktop\FRST64.exe
2019-03-04 20:20 - 2019-03-04 20:20 - 000000000 ____D C:\Users\Nighters\Desktop\backups
2019-03-04 20:18 - 2019-03-02 21:08 - 000388608 _____ (Trend Micro Inc.) C:\Users\Nighters\Desktop\HijackThis.exe
2019-03-04 16:21 - 2019-03-04 16:21 - 000000000 ____D C:\Users\Nighters\AppData\Local\Zemana
2019-03-03 19:54 - 2019-03-04 20:24 - 000116623 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-03-03 19:54 - 2019-03-03 19:54 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2019-03-03 19:54 - 2019-03-03 19:54 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2019-03-03 19:54 - 2019-03-03 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-03-03 16:59 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-03-03 16:41 - 2019-03-03 16:58 - 000445226 _____ C:\Windows\ntbtlog.txt
2019-03-03 16:41 - 2019-03-03 16:48 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2019-03-03 16:41 - 2019-03-03 16:41 - 000000000 ____D C:\zoek_backup
2019-03-02 21:58 - 2019-03-04 20:24 - 000280122 _____ C:\Windows\ZAM.krnl.trace
2019-03-02 21:58 - 2019-03-03 19:53 - 000000000 ____D C:\Users\peter\AppData\Local\Zemana
2019-03-02 21:58 - 2019-03-02 21:58 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2019-03-02 21:58 - 2019-03-02 21:58 - 000003522 _____ C:\Windows\System32\Tasks\AMHelper
2019-03-02 21:58 - 2019-03-02 21:58 - 000000000 ____D C:\Users\peter\AppData\Local\AMSDK
2019-03-02 15:20 - 2019-03-02 15:23 - 000000000 ____D C:\ProgramData\HitmanPro
2019-02-25 19:36 - 2019-02-25 19:36 - 000000000 ____D C:\Users\Nighters\AppData\Roaming\Kubat Software
2019-02-25 19:36 - 2019-02-25 19:36 - 000000000 ____D C:\ProgramData\Kubat Software
2019-02-25 19:36 - 2019-02-25 19:36 - 000000000 ____D C:\ProgramData\CS-Script
2019-02-24 17:22 - 2019-02-24 17:22 - 000000000 __RSD C:\Windows\SysWOW64\WindowsDevicePortal
2019-02-24 17:22 - 2019-02-24 17:22 - 000000000 __RSD C:\Windows\system32\WindowsDevicePortal
2019-02-24 17:22 - 2019-02-24 17:22 - 000000000 ___RD C:\Windows\WebManagement
2019-02-24 17:22 - 2018-09-14 21:54 - 000525544 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftWebDriver.exe
2019-02-24 17:22 - 2018-09-14 21:09 - 000404200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftWebDriver.exe
2019-02-24 17:22 - 2018-09-14 18:05 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperTools.ProxyStub.dll
2019-02-24 17:22 - 2018-09-14 18:04 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\SshdPinAuthLsa.dll
2019-02-24 17:22 - 2018-09-14 18:04 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\DeployUtil.exe
2019-02-24 17:22 - 2018-09-14 18:03 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\DevToolsLauncher.exe
2019-02-24 17:22 - 2018-09-14 18:03 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\debugregsvcapi.dll
2019-02-24 17:22 - 2018-09-14 18:02 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationREST.dll
2019-02-24 17:22 - 2018-09-14 18:02 - 000289280 _____ (Microsoft Corporation) C:\Windows\system32\SshdBroker.dll
2019-02-24 17:22 - 2018-09-14 18:02 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperToolsSvc.exe
2019-02-24 17:22 - 2018-09-14 17:59 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\debugregsvc.dll
2019-02-24 17:22 - 2018-09-14 17:57 - 000909312 _____ (Microsoft Corporation) C:\Windows\system32\wdp.dll
2019-02-24 17:22 - 2018-09-14 17:56 - 001303040 _____ (Microsoft Corporation) C:\Windows\system32\WebManagement.exe
2019-02-24 17:22 - 2018-09-14 17:37 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdp.dll
2019-02-24 17:14 - 2019-02-24 17:14 - 000000000 ____D C:\Users\peter\AppData\Local\ESET
2019-02-24 16:23 - 2019-02-24 16:23 - 000000000 ____D C:\Users\Nighters\AppData\Local\ESET
2019-02-24 16:22 - 2019-02-24 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-02-24 16:22 - 2019-02-24 16:22 - 000000000 ____D C:\ProgramData\ESET
2019-02-24 16:22 - 2019-02-24 16:22 - 000000000 ____D C:\Program Files\ESET
2019-02-24 15:02 - 2019-03-04 20:02 - 000000000 ____D C:\Users\Nighters\AppData\Roaming\Factorio
2019-02-24 13:19 - 2019-02-24 13:19 - 000000000 ____D C:\Users\peter\AppData\Local\mbamtray
2019-02-24 11:50 - 2019-02-24 11:50 - 000000000 ____D C:\ProgramData\Sophos
2019-02-24 11:49 - 2019-02-24 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-02-24 11:41 - 2019-02-24 11:41 - 000000000 ____D C:\Users\peter\AppData\Local\mbam
2019-02-23 22:32 - 2019-02-23 22:32 - 000000000 ____D C:\Users\Nighters\Documents\Forza Horizon 3
2019-02-22 22:49 - 2019-02-22 22:50 - 000000000 ____D C:\Users\Nighters\Documents\Assassin's Creed Origins
2019-02-22 22:49 - 2019-02-22 22:49 - 000000000 ____D C:\Users\Public\Documents\uPlay
2019-02-22 19:59 - 2019-02-22 19:59 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-02-22 19:59 - 2019-02-20 12:15 - 005365128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-02-22 19:59 - 2019-02-20 12:15 - 002624368 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-02-22 19:59 - 2019-02-20 12:15 - 001767632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-02-22 19:59 - 2019-02-20 12:15 - 000651472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-02-22 19:59 - 2019-02-20 12:15 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-02-22 19:59 - 2019-02-20 12:15 - 000125240 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-02-22 19:59 - 2019-02-20 12:15 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-02-22 19:59 - 2019-02-15 13:14 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-02-22 19:59 - 2019-02-15 10:06 - 008504452 _____ C:\Windows\system32\nvcoproc.bin
2019-02-22 19:58 - 2019-02-21 09:55 - 001006800 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-02-22 19:58 - 2019-02-21 09:55 - 001006800 _____ C:\Windows\system32\vulkan-1.dll
2019-02-22 19:58 - 2019-02-21 09:55 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-02-22 19:58 - 2019-02-21 09:55 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-02-22 19:58 - 2019-02-21 09:55 - 000552224 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-02-22 19:58 - 2019-02-21 09:55 - 000457096 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-02-22 19:58 - 2019-02-21 09:55 - 000286416 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-02-22 19:58 - 2019-02-21 09:55 - 000286416 _____ C:\Windows\system32\vulkaninfo.exe
2019-02-22 19:58 - 2019-02-21 09:55 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-02-22 19:58 - 2019-02-21 09:55 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-02-22 19:58 - 2019-02-21 09:54 - 001464256 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-02-22 19:58 - 2019-02-21 09:54 - 001129920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-02-22 19:58 - 2019-02-21 09:54 - 000992032 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2019-02-22 19:58 - 2019-02-21 09:54 - 000668640 _____ C:\Windows\system32\nvofapi64.dll
2019-02-22 19:58 - 2019-02-21 09:54 - 000631688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-02-22 19:58 - 2019-02-21 09:54 - 000534544 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-02-22 19:58 - 2019-02-21 09:54 - 000521824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 040234808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 035140056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 020102872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 017429864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 010319504 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 008784920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 005274560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 004624832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 002031872 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 001535232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 001471816 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 001462416 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 001169336 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 001152200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 001145752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 000915120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 000858712 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2019-02-22 19:58 - 2019-02-21 09:53 - 000822816 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 000794656 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 000752064 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 000638384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 000611720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2019-02-22 19:58 - 2019-02-21 09:53 - 000566368 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2019-02-22 19:58 - 2019-02-21 09:53 - 000448800 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2019-02-22 19:58 - 2019-02-21 09:52 - 005042392 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-02-22 19:58 - 2019-02-21 09:52 - 004301152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-02-22 19:58 - 2019-02-20 15:03 - 000104677 _____ C:\Windows\system32\nvidia-smi.1.pdf
2019-02-22 19:58 - 2019-02-20 15:03 - 000066792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2019-02-22 19:58 - 2019-02-20 15:03 - 000047032 _____ C:\Windows\system32\nvinfo.pb



Reklama
Nighters
Level 2.5
Level 2.5
Příspěvky: 253
Registrován: červen 14
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod Nighters » 04 bře 2019 20:26

2019-02-19 19:06 - 2019-02-19 19:06 - 000000000 ____D C:\Users\Nighters\AppData\Local\4A Games
2019-02-13 16:34 - 2019-02-13 16:34 - 026807296 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 023439360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 022111856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 020812288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 019284480 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 019023872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 017520640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 015224832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 009683984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 008875520 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 007897088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 007724992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 007645600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 006540424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 006070272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 005584864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 005565952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 005561856 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 005527552 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 005440008 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 005205464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 005112792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 004991096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 004885504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 004702704 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 004688896 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 004526080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 004298752 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 004019200 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 003982848 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 003922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 003662336 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 003556352 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 003550384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 003386368 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002992640 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002927120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 002776920 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002766136 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002721280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 002702528 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002689024 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002626592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 002618880 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002488320 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 002469648 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002466304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002437552 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002298880 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002278448 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002275888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002187264 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002149368 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002085376 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002072728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 002021584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001994768 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001975296 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001969680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001720936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001700880 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001700864 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001696936 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-02-13 16:34 - 2019-02-13 16:34 - 001674480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001671864 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001604096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001533440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001467560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001467384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 001462272 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001446400 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001415680 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001341584 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-02-13 16:34 - 2019-02-13 16:34 - 001331744 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001309184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001289192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001282640 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001271608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001259024 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-02-13 16:34 - 2019-02-13 16:34 - 001258512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 001255736 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 001254912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001221120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 001209360 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001178344 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 001168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 001050936 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001047552 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001032704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000982576 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000982032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000970256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000954368 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000925184 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000901632 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000865784 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000864056 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000850968 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000833536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000829440 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000822448 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000820736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000806560 _____ C:\Windows\SysWOW64\locale.nls
2019-02-13 16:34 - 2019-02-13 16:34 - 000806560 _____ C:\Windows\system32\locale.nls
2019-02-13 16:34 - 2019-02-13 16:34 - 000800256 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000799568 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000794112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000765960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000762272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000752136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000726208 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000700416 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000652320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000651792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000651304 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000649272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000648192 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000629576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000622592 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000612368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000604552 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000588304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000556544 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000553984 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000547840 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000535048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000522312 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000506408 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000496872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000494080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000494080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Activities.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000475152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-02-13 16:34 - 2019-02-13 16:34 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000430904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000429056 _____ (Microsoft Corporation) C:\Windows\system32\MixedReality.Broker.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000421904 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000419128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000408800 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000407040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000394752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcLayers.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000387384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000375544 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000353488 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000324408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\AcLayers.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000305664 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000298296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000277536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000276488 _____ (Microsoft Corporation) C:\Windows\system32\MTF.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000262672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000251904 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000203280 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000202552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MTF.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000201216 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000193032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSrv.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000157192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000148480 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000146888 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000132104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000121872 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000114856 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000097592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\nlahc.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\PktMon.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000091424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000074424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\umpo-overrides.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000047136 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-13 16:34 - 2019-02-13 16:34 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\lpkinstall.exe
2019-02-13 16:34 - 2019-02-13 16:34 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000039304 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2019-02-13 16:34 - 2019-02-13 16:34 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-02-13 16:34 - 2019-02-13 16:34 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-02-13 16:34 - 2019-02-13 16:34 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-02-13 16:34 - 2019-02-13 16:34 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-02-13 16:34 - 2019-02-13 16:34 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-02-13 16:34 - 2019-02-13 16:34 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-02-13 16:34 - 2019-02-13 16:34 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-02-13 16:34 - 2019-02-13 16:34 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-02-13 16:34 - 2019-02-13 16:34 - 000000072 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2019-02-11 23:22 - 2019-02-11 23:22 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-02-09 23:47 - 2019-02-27 19:37 - 000000000 ____D C:\Program Files (x86)\Call of Duty Black Ops 4
2019-02-09 23:40 - 2019-02-27 19:37 - 000000000 ____D C:\Users\Nighters\AppData\Local\Battle.net
2019-02-09 23:40 - 2019-02-09 23:40 - 000000000 ____D C:\Users\Nighters\AppData\Roaming\Battle.net
2019-02-09 23:40 - 2019-02-09 23:40 - 000000000 ____D C:\Users\Nighters\AppData\Local\Blizzard Entertainment
2019-02-09 23:40 - 2019-02-09 23:40 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2019-02-09 23:39 - 2019-02-09 23:39 - 000000000 ____D C:\Users\peter\AppData\Local\Blizzard
2019-02-09 23:39 - 2019-02-09 23:39 - 000000000 ____D C:\ProgramData\Battle.net
2019-02-06 19:38 - 2019-02-28 23:21 - 000000000 ____D C:\Users\Nighters\AppData\Roaming\RiseOfIndustry
2019-02-06 19:37 - 2019-02-06 19:37 - 000000000 ____D C:\Users\Nighters\AppData\LocalLow\Dapper Penguin Studios

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 20:18 - 2019-01-12 15:26 - 000000000 ____D C:\Users\Nighters\AppData\Roaming\qBittorrent
2019-03-04 18:29 - 2019-01-23 21:19 - 000000000 ____D C:\ProgramData\Origin
2019-03-04 18:29 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-04 17:42 - 2019-01-23 21:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-03-04 17:42 - 2019-01-23 21:19 - 000000000 ____D C:\Users\Nighters\AppData\Roaming\Origin
2019-03-04 16:27 - 2019-01-11 10:42 - 001693636 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-04 16:27 - 2018-09-15 18:39 - 000716902 _____ C:\Windows\system32\perfh005.dat
2019-03-04 16:27 - 2018-09-15 18:39 - 000144982 _____ C:\Windows\system32\perfc005.dat
2019-03-04 16:27 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2019-03-04 16:25 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2019-03-04 16:24 - 2019-01-11 10:47 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-04 16:21 - 2019-01-11 16:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-03 23:09 - 2018-09-15 07:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-03-03 23:02 - 2019-01-11 16:38 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-03 17:01 - 2018-09-15 08:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-03-03 16:25 - 2018-09-15 08:33 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-03-03 14:53 - 2019-01-20 16:25 - 000000000 ____D C:\Users\Nighters\AppData\Local\Ubisoft Game Launcher
2019-03-02 21:19 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-02 10:50 - 2019-01-12 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2019-03-01 16:31 - 2019-01-12 10:19 - 000000000 ____D C:\Users\Nighters\AppData\Roaming\Spotify
2019-03-01 16:31 - 2019-01-12 10:19 - 000000000 ____D C:\Users\Nighters\AppData\Local\Spotify
2019-02-27 20:25 - 2019-01-12 10:20 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-27 20:25 - 2019-01-11 16:37 - 000000000 ____D C:\Windows\Panther
2019-02-27 20:21 - 2019-01-13 16:28 - 000000000 ____D C:\ProgramData\RogueKiller
2019-02-27 20:02 - 2019-01-11 10:43 - 000000000 ____D C:\Users\peter\AppData\Local\Packages
2019-02-27 19:38 - 2019-01-13 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 – Čeština (Czech)
2019-02-27 19:38 - 2019-01-13 15:51 - 000000000 ____D C:\Users\peter\AppData\Roaming\Autodesk
2019-02-25 19:36 - 2019-01-23 18:02 - 000000000 ____D C:\Users\Nighters\Documents\My Games
2019-02-25 19:36 - 2019-01-12 10:03 - 000000000 ____D C:\Users\Nighters\AppData\Local\NVIDIA
2019-02-25 19:29 - 2019-01-12 10:03 - 000000000 ____D C:\Users\Nighters\AppData\Local\Packages
2019-02-25 19:28 - 2019-01-12 23:17 - 000000000 ____D C:\Users\Nighters\AppData\Local\CrashDumps
2019-02-24 17:22 - 2018-09-15 18:39 - 000000000 ____D C:\Windows\system32\OpenSSH
2019-02-24 17:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SystemApps
2019-02-24 17:22 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2019-02-24 13:21 - 2019-01-11 10:45 - 000000000 ____D C:\Users\peter\AppData\Local\PlaceholderTileLogoFolder
2019-02-24 13:19 - 2019-01-11 10:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-24 13:19 - 2019-01-11 10:43 - 000000000 ___RD C:\Users\peter\3D Objects
2019-02-23 09:44 - 2019-01-11 16:38 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-02-22 22:50 - 2019-01-12 10:06 - 000000000 ____D C:\Users\Nighters\AppData\Local\D3DSCache
2019-02-22 19:59 - 2019-01-11 10:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-02-22 19:59 - 2019-01-11 10:47 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-02-22 19:59 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\Help
2019-02-21 22:10 - 2019-01-11 19:04 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-20 15:03 - 2019-01-11 19:17 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-02-19 18:59 - 2019-01-11 10:47 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-02-17 18:17 - 2019-01-24 18:51 - 000000000 ____D C:\Users\Nighters\Documents\Battlefield V
2019-02-16 10:33 - 2019-01-11 19:17 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-16 10:33 - 2019-01-11 19:17 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-15 23:05 - 2019-01-12 10:03 - 000000000 ____D C:\Users\Nighters\AppData\Local\Google
2019-02-15 21:42 - 2019-01-12 10:04 - 000000000 ____D C:\Users\Nighters\AppData\Local\PlaceholderTileLogoFolder
2019-02-14 23:19 - 2019-01-12 10:03 - 000000000 ____D C:\Users\Nighters
2019-02-14 16:37 - 2019-01-11 12:23 - 000000000 ____D C:\ProgramData\Packages
2019-02-14 16:25 - 2019-01-12 10:03 - 000000000 ___RD C:\Users\Nighters\3D Objects
2019-02-14 16:24 - 2019-01-11 16:38 - 000361104 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\TextInput
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\oobe
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellComponents
2019-02-13 23:22 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2019-02-13 23:22 - 2018-09-15 07:09 - 000000000 ____D C:\Windows\system32\Dism
2019-02-13 16:33 - 2019-01-11 14:09 - 000000000 ____D C:\Windows\system32\MRT
2019-02-13 16:32 - 2019-01-11 14:09 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-07 18:15 - 2019-01-12 19:11 - 000000000 ____D C:\Users\Nighters\AppData\Roaming\EasyAntiCheat
2019-02-05 16:47 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\NDF

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Nighters
Level 2.5
Level 2.5
Příspěvky: 253
Registrován: červen 14
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod Nighters » 04 bře 2019 20:26

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by peter (04-03-2019 20:24:43)
Running from C:\Users\Nighters\Desktop
Windows 10 Pro Version 1809 17763.316 (X64) (2019-01-11 15:41:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3387105439-1097537418-4165403734-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3387105439-1097537418-4165403734-503 - Limited - Disabled)
Guest (S-1-5-21-3387105439-1097537418-4165403734-501 - Limited - Disabled)
Nighters (S-1-5-21-3387105439-1097537418-4165403734-1003 - Limited - Enabled) => C:\Users\Nighters
peter (S-1-5-21-3387105439-1097537418-4165403734-1001 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-3387105439-1097537418-4165403734-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Textures DLC (HKLM-x32\...\1286889002_is1) (Version: 1.3.0 - GOG.com)
7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.2.1.0000 - Asmedia Technology)
Assassins Creed Origins The Curse of the Pharaohs (HKLM-x32\...\Assassins Creed Origins The Curse of the Pharaohs_is1) (Version: - )
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.63793 - Electronic Arts)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CPUID HWMonitor 1.38 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.38 - CPUID, Inc.)
Discord (HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\...\Discord) (Version: 0.0.304 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{F1544F11-BFCC-43CC-9D0C-169A7E99369E}) (Version: 12.0.31.0 - ESET, spol. s r.o.)
F-Stream Tuning v3.0.184 (HKLM-x32\...\F-Stream Tuning_is1) (Version: 3.0.184 - ASRock Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Gwent (HKLM-x32\...\1971477531_is1) (Version: 1.3.0 - GOG.com)
Intel(R) Ethernet Connection Driver (HKLM-x32\...\Intel(R) Ethernet Connection Driver_is1) (Version: - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1824.12.0.1140 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{3b132227-4567-48a1-9f85-0d0dad4346ee}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{262e9c1d-e509-4e2a-86e8-0abb312ac2e9}) (Version: 10.1.17765.8094 - Intel(R) Corporation) Hidden
Kingdom Come Deliverance The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\Kingdom Come Deliverance The Amorous Adventures ~9066B541_is1) (Version: - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.17 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.17 - NVIDIA Corporation) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.4.332 - Autodesk)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.17508 - Kakao Corp.)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8454 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Sound Blaster Cinema 3 (HKLM-x32\...\{883EEEA5-1C5A-42BD-96C3-796F2ACB9120}) (Version: 1.00.12 - Creative Technology Limited)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Spotify (HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 80.0 - Ubisoft)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.664 - Zemana Ltd.)
Zemana AntiMalware verze 3.0.894 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.0.894 - Zemana(Beta))

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> D:\Software\Autocad2018\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> D:\Software\Autocad2018\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Software\Autocad2018\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => D:\Software\Zemana AntiMalware\ZAMShellExt64.dll [2019-03-03] (Zemana D.O.O. Sarajevo -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Software\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Software\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => D:\Software\Zemana AntiMalware\ZAMShellExt64.dll [2019-03-03] (Zemana D.O.O. Sarajevo -> )
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Software\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-11-29] (ESET, spol. s r.o. -> ESET)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F68AA9-F3A8-4E39-A762-9E7AA0C0FF0E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {04C60A28-23DA-466A-8027-0D72161401A5} - System32\Tasks\S-1-5-21-3387105439-1097537418-4165403734-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {2AEF781A-2455-42BE-8FB9-EA94F1B50590} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {574FDBF6-2892-4855-A4C3-748DE428C79B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63F42593-ABD4-44EC-87C9-B63654A7D3E8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {671AC6B3-91C5-4968-82EC-D04697302955} - System32\Tasks\AMHelper => D:\Software\AntiMalware\AntiMalware.exe (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {88D80D2A-EAEE-4267-8584-617FE99A4F3B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B203A17-C9B3-47D2-8A32-BE1CC2AD19C4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {A89A5762-313A-4771-9781-4FE226C22294} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B53751DB-CCDD-46C2-8974-2587E7FDBF8B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB327AC2-3F3D-4F7C-B674-EBC4FF80FB8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {BC268B04-117E-4A0C-8DCA-71D174A39504} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Nighters\Desktop\AdwCleaner.exe
Task: {C759E39A-D6A5-474E-8336-B894310B34B1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0881491-816F-4C4E-BC8A-485600E617F5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {E364CB63-2787-49F1-A4A9-2144EEA37CC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E4CDE635-4834-4B4D-B2DD-5DAE60642B87} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1D3F0EE-8DE0-45CE-8A83-9B0A16F60479} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F75C02A9-6FA3-4C99-A8BE-33AB9FDA8891} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-12 09:42 - 2018-12-30 08:00 - 000077824 _____ (Igor Pavlov) [File not signed] D:\Software\7-Zip\7-zip.dll
2019-01-11 13:23 - 2016-03-15 13:55 - 000089600 _____ () [File not signed] C:\Windows\SYSTEM32\CmdRtr64.DLL
2019-01-11 13:23 - 2016-03-15 13:54 - 000359424 _____ () [File not signed] C:\Windows\SYSTEM32\APOMgr64.DLL
2019-01-11 13:23 - 2016-07-29 11:37 - 001464832 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema 3\Sound Blaster Cinema 3\SBCinema3.exe
2019-02-15 21:42 - 2019-02-15 21:42 - 000016896 _____ (Pinnula) [File not signed] C:\Program Files\WindowsApps\55888ChristopheLavalle.DynamicTheme_1.4.30212.0_x64__jdggxwd41xcr0\Pinnula.DynamicThemeApp.exe
2019-02-15 21:42 - 2019-02-15 21:42 - 009140736 _____ (Pinnula) [File not signed] C:\Program Files\WindowsApps\55888ChristopheLavalle.DynamicTheme_1.4.30212.0_x64__jdggxwd41xcr0\Pinnula.DynamicThemeApp.dll
2019-02-15 21:42 - 2019-02-15 21:42 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\55888ChristopheLavalle.DynamicTheme_1.4.30212.0_x64__jdggxwd41xcr0\e_sqlite3.dll
2019-01-11 13:23 - 2016-03-14 09:15 - 000239104 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema 3\Sound Blaster Cinema 3\CTLoadRs.dll
2019-01-11 13:23 - 2011-10-20 19:33 - 000249344 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema 3\Sound Blaster Cinema 3\HKDetect.dll
2019-01-11 13:23 - 2012-04-27 10:26 - 000529920 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Cinema 3\Sound Blaster Cinema 3\CTAudEp.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-03-04 20:20 - 000000813 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\NVIDIA Corporation\NVIDIA NGX
HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\peter\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\re26cug_1920x1080.0.jpg
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Nighters\AppData\Local\Packages\55888ChristopheLavalle.DynamicTheme_jdggxwd41xcr0\LocalState\WinSpotlight\RE1U1Wq_1920x1080.0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1D4DACD7-418B-49C7-AA0D-A05752900B9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D17511C-DAA0-4D02-987B-78A8783DCEA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{32AA8170-55D3-479E-8F17-37405EF9CEA6}] => (Allow) D:\Software\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{D16B450C-A90B-425D-9E3D-BFBED6234CEF}] => (Allow) D:\Software\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{202D5531-AB00-4AB4-B24A-2A9D23A15A19}C:\users\nighters\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nighters\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{B3A1FB31-3F70-4574-942F-F0FC56A0C348}C:\users\nighters\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nighters\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B4DFBD9D-5D35-4AD7-B620-6616A17EDF7B}] => (Block) C:\users\nighters\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B855E42-124B-40D8-8842-A60657F2467E}] => (Block) C:\users\nighters\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2267AE17-DF29-4C37-A9B5-DAC21B97412D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EA72CDE0-61D0-4635-AC8D-8CF5B646FBFA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{296646F6-F0E8-4965-9FB5-28DFF3AAE528}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{17539D7E-3CAB-416F-B348-A0A1B5C33744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{20B8FB75-8767-4F5D-8B84-8143C0FFE513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{2B6FDA3B-19F3-406F-93B7-32FE7DA23D25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7658C819-0D04-480A-9DA6-1977C6662624}C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive)
FirewallRules: [UDP Query User{B4BD2560-7483-4059-9852-6C4DB0E8636C}C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive)
FirewallRules: [{A17FB379-C8A9-4573-A1A1-2CB6E843983B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{EDE0EE72-BB97-4EE6-8692-E368F20698EE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{7EE021DF-85E5-4FF4-8EC9-2785D26885C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{3FA0FF20-700F-4084-A46B-219C363A608C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{255530CB-C916-497C-AB0F-71E5CA48CF14}C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive)
FirewallRules: [UDP Query User{8FEA55EE-AEB1-4DEC-88E8-5B5EB3CC2727}C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive)
FirewallRules: [TCP Query User{CB9FB2F9-D058-4E40-8994-9C14002AED76}D:\games\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe] => (Allow) D:\games\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{197C800F-56BB-48E1-A774-A7FA1DAA7153}D:\games\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe] => (Allow) D:\games\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{480BF1BB-B841-483D-BBC1-706B906EA8FC}] => (Block) D:\games\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{AE30442E-0406-46B9-8E6B-48857A0B9C0D}] => (Block) D:\games\kingdom come deliverance the amorous adventures of bold sir hans capon\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{23F53AD7-EAD8-4A67-BFCB-869E65506669}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1E8D43D2-0A80-402C-8DD4-483CADD7C6F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2489A887-39D8-4492-84E1-7F18B5E116E4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{F361708B-FE61-4C16-877A-193106B5C9FE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{34B3A32C-67B7-4211-A0C4-C5F811B18803}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{83B69BD5-A468-4C2F-81D7-F3260375DCA3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{57C140BE-1CC5-4D88-82A3-C1F0F9AE3C47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C5D1CB9C-0C5E-4430-8140-3FCD734FDA7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{200678E2-49EF-43D1-95D8-024186F92C2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F699BE74-9871-482C-99B3-AE2A227E76B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{49888083-4502-4B05-B2AF-A5EC22686522}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )

==================== Restore Points =========================

27-02-2019 20:20:33 JRT Pre-Junkware Removal
02-03-2019 21:24:48 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2019 04:21:17 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Windows Audio Device Graph Isolation.

Program: Windows Audio Device Graph Isolation
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (03/04/2019 04:21:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17763.292, časové razítko: 0xa0a39b52
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.292, časové razítko: 0xb51bba8e
Kód výjimky: 0xc000001d
Posun chyby: 0x0000000000055549
ID chybujícího procesu: 0x141c
Čas spuštění chybující aplikace: 0x01d4d29de92c9fc3
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: e4bc45a6-c0a3-4470-8fa5-0be0450dc3a0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/04/2019 04:21:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17763.292, časové razítko: 0xa0a39b52
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x141c
Čas spuštění chybující aplikace: 0x01d4d29de92c9fc3
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: b855fb18-66cb-497f-8147-087795e4772e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2019 05:01:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/03/2019 04:59:58 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Windows Audio Device Graph Isolation.

Program: Windows Audio Device Graph Isolation
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (03/03/2019 04:59:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17763.292, časové razítko: 0xa0a39b52
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.292, časové razítko: 0xb51bba8e
Kód výjimky: 0xc000001d
Posun chyby: 0x0000000000055549
ID chybujícího procesu: 0x11d8
Čas spuštění chybující aplikace: 0x01d4d1da268001d7
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 22dde791-bc33-42f6-9388-1784ae0b7ebf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2019 04:59:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17763.292, časové razítko: 0xa0a39b52
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x11d8
Čas spuštění chybující aplikace: 0x01d4d1da268001d7
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: e29395b1-dde1-4fbd-8a8d-101dac245861
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2019 04:42:48 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Windows Audio Device Graph Isolation.

Program: Windows Audio Device Graph Isolation
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0


System errors:
=============
Error: (03/04/2019 08:23:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-452CQVQ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-452CQVQ\Nighters (SID: S-1-5-21-3387105439-1097537418-4165403734-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 04:25:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-452CQVQ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-452CQVQ\Nighters (SID: S-1-5-21-3387105439-1097537418-4165403734-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 04:23:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 04:23:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 04:23:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 04:23:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 04:21:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-452CQVQ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-452CQVQ\Nighters (SID: S-1-5-21-3387105439-1097537418-4165403734-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2019 08:10:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-452CQVQ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-452CQVQ\Nighters (SID: S-1-5-21-3387105439-1097537418-4165403734-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-02-23 22:23:13.699
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/GameHack
ID: 2147712662
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Crack\InstallApp.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-452CQVQ\Nighters
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.287.613.0, AS: 1.287.613.0, NIS: 1.287.613.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-23 22:23:03.070
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/GameHack
ID: 2147712662
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Crack\InstallApp.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-452CQVQ\Nighters
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.287.613.0, AS: 1.287.613.0, NIS: 1.287.613.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-23 22:22:53.801
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/GameHack
ID: 2147712662
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Crack\InstallApp.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-452CQVQ\Nighters
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.287.613.0, AS: 1.287.613.0, NIS: 1.287.613.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-23 21:48:49.293
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/GameHack
ID: 2147712662
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Crack\InstallApp.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-452CQVQ\Nighters
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.287.613.0, AS: 1.287.613.0, NIS: 1.287.613.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-23 21:48:05.191
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bluteal.B!rfn
ID: 2147727314
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_D:\Stažené soubory\FH31809.rar; file:_D:\Stažené soubory\FH31809.rar->CODEX\WinStore.Love.Auth.dll; webfile:_D:\Stažené soubory\FH31809.rar|about:internet|pid:1320,ProcessStart:131954205685589899
Původ zjišťování: Internet
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.287.613.0, AS: 1.287.613.0, NIS: 1.287.613.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-01-13 16:03:34.086
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2864.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80240438
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-03-02 21:34:55.447
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-02 21:34:55.445
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-02 21:34:55.440
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-02 21:34:55.438
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-24 19:20:50.987
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-24 16:23:39.274
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-24 16:23:39.272
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-24 16:23:39.267
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Percentage of memory in use: 17%
Total physical RAM: 16311.73 MB
Available physical RAM: 13449.77 MB
Total Virtual: 17527.73 MB
Available Virtual: 12557.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.16 GB) (Free:264.89 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.5 GB) (Free:761.13 GB) NTFS

\\?\Volume{c9202895-b71b-468d-b06c-9d2e42a5faff}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{99280fe3-4b71-4906-9103-68393e220152}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39523
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod jaro3 » 04 bře 2019 21:30

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3387105439-1097537418-4165403734-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3387105439-1097537418-4165403734-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {BB327AC2-3F3D-4F7C-B674-EBC4FF80FB8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E364CB63-2787-49F1-A4A9-2144EEA37CC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Systém Windows kvůli této chybě ukončil program Windows Audio Device Graph Isolation.
Program: Windows Audio Device Graph Isolation
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Windows Defender:
===================================
Date: 2019-02-23 22:23:13.699
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/GameHack
ID: 2147712662
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Crack\InstallApp.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-452CQVQ\Nighters
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.287.613.0, AS: 1.287.613.0, NIS: 1.287.613.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-23 21:48:05.191
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bluteal.B!rfn
ID: 2147727314
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_D:\Stažené soubory\FH31809.rar; file:_D:\Stažené soubory\FH31809.rar->CODEX\WinStore.Love.Auth.dll; webfile:_D:\Stažené soubory\FH31809.rar|about:internet|pid:1320,ProcessStart:131954205685589899
Původ zjišťování: Internet
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.287.613.0, AS: 1.287.613.0, NIS: 1.287.613.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.1570

Date: 2019-03-02 21:34:55.447
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


Je to tato stránka:
http://static.adsnative.com/
https://www.virustotal.com/cs/url/1dff4 ... 551730315/
? Je bezpečná.

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Zkus aktualizovat Eset.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Nighters
Level 2.5
Level 2.5
Příspěvky: 253
Registrován: červen 14
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod Nighters » 04 bře 2019 23:09

Eset se aktualizuje každý den.

Ano je to ta stránka, akorát mě se ta stránka neotevírá (nevyskakuje mi okno), jen se mi zobrazí dole vpravo malý obdélníček - eset zpráva, že bylo zabráněno v otevření stránky. Když kliknu na link v tvém příspěvku, stránka nenačte neboť mám Ublock Origin, který stránku nezobrazí.

Tvá citace - našlo to dva viry - byl to crack na jednu hru, hru a crack už jsem vymazal, problém se objevil s vyskakováním až po nějaké době. Dnes mi Eset nic chybovou hlášku o přerušení stránky nezobrazil.



Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by peter (04-03-2019 23:07:19) Run:1
Running from C:\Users\Nighters\Desktop
Loaded Profiles: peter & Nighters (Available Profiles: peter & Nighters)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3387105439-1097537418-4165403734-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3387105439-1097537418-4165403734-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Nighters\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {BB327AC2-3F3D-4F7C-B674-EBC4FF80FB8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E364CB63-2787-49F1-A4A9-2144EEA37CC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3387105439-1097537418-4165403734-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-3387105439-1097537418-4165403734-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB327AC2-3F3D-4F7C-B674-EBC4FF80FB8D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB327AC2-3F3D-4F7C-B674-EBC4FF80FB8D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E364CB63-2787-49F1-A4A9-2144EEA37CC7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E364CB63-2787-49F1-A4A9-2144EEA37CC7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26508921 B
Java, Flash, Steam htmlcache => 131939 B
Windows/system/drivers => 30798 B
Edge => 0 B
Chrome => 5421066 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4594 B
LocalService => 0 B
NetworkService => 2278 B
NetworkService => 0 B
peter => 196655 B
Nighters => 2514785 B

RecycleBin => 0 B
EmptyTemp: => 42.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:07:39 ====
Naposledy upravil(a) Nighters dne 04 bře 2019 23:22, celkem upraveno 4 x.

Nighters
Level 2.5
Level 2.5
Příspěvky: 253
Registrován: červen 14
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod Nighters » 04 bře 2019 23:10

----------------------------------------------------------------------------
CrystalDiskInfo 8.0.0 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 17763] (x64)
Date : 2019/03/04 23:10:25

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- WDC WD10EZEX-08WN4A0
- Samsung SSD 860 EVO M.2 500GB
- Asmedia 106x SATA Controller [SCSI]
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD10EZEX-08WN4A0 : 1000,2 GB [0/0/0, pd1] - wd
(2) Samsung SSD 860 EVO M.2 500GB : 500,1 GB [1/0/0, pd1] - sg

----------------------------------------------------------------------------
(1) WDC WD10EZEX-08WN4A0
----------------------------------------------------------------------------
Model : WDC WD10EZEX-08WN4A0
Firmware : 02.01A02
Serial Number : WD-WCC6Y3KFYRP7
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 447 hod.
Power On Count : 86 krát
Temperature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 174 173 _21 0000000008FC Čas na roztočení ploten
04 100 100 __0 0000000000C7 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 100 100 __0 0000000001BF Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 253 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 000000000056 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000000D Počet vypnutí disku
C1 200 200 __0 0000000002F5 Počet cyklů načítání/vymazání
C2 111 106 __0 000000000020 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4336 5933 4B46 5952 5037
020: 0000 0000 0000 3032 2E30 3141 3032 5744 4320 5744
030: 3130 455A 4558 2D30 3857 4E34 4130 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0006 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0D00
070: 0000 0000 0000 0000 0000 001F 9D0E 0006 004C 0040
080: 07FE 001F 346B 7D09 6123 3449 BC09 6123 203F 8038
090: 8038 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE2
110: 1043 77CC 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 55A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 AE AD FC 08 00 00 00 00 00 04 32 00 64 64 C7
020: 00 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 64 64 BF 01 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 FD 00 00 00 00 00
060: 00 00 0C 32 00 64 64 56 00 00 00 00 00 00 C0 32
070: 00 C8 C8 0D 00 00 00 00 00 00 C1 32 00 C8 C8 F5
080: 02 00 00 00 00 00 C2 22 00 6F 6A 20 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 80 00 9C 27 01 7B
170: 03 00 01 00 02 6A 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 59

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 80 00 9C 27 01 7B
170: 03 00 01 00 02 6A 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66

----------------------------------------------------------------------------
(2) Samsung SSD 860 EVO M.2 500GB
----------------------------------------------------------------------------
Model : Samsung SSD 860 EVO M.2 500GB
Firmware : RVT22B6Q
Serial Number : S414NB0KA01555Z
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version :
Minor Version : ACS-4 Revision 5
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 447 hod.
Power On Count : 89 krát
Host Writes : 1217 GB
Wear Level Count : 3
Temperature : 37 C (98 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM, DevSleep
APM Level : ----
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 100 100 _10 000000000000 Reallocated Sector Count
09 _99 _99 __0 0000000001BF Power-on Hours
0C _99 _99 __0 000000000059 Power-on Count
B1 _99 _99 __0 000000000003 Wear Leveling Count
B3 100 100 _10 000000000000 Used Reserved Block Count (Total)
B5 100 100 _10 000000000000 Program Fail Count (Total)
B6 100 100 _10 000000000000 Erase Fail Count (Total)
B7 100 100 _10 000000000000 Runtime Bad Block (Total)
BB 100 100 __0 000000000000 Uncorrectable Error Count
BE _63 _46 __0 000000000025 Airflow Temperature
C3 200 200 __0 000000000000 ECC Error Rate
C7 100 100 __0 000000000000 CRC Error Count
EB _99 _99 __0 00000000000B POR Recovery Count
F1 _99 _99 __0 0000982494AD Total LBA Written

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5334 3134 4E42 304B 4130 3135 3535 5A20 2020 2020
020: 0000 0000 0000 5256 5432 3242 3651 5361 6D73 756E
030: 6720 5353 4420 3836 3020 4556 4F20 4D2E 3220 3530
040: 3047 4220 2020 2020 2020 2020 2020 8001 4001 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0101
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4F30
070: 0000 0000 0000 0000 0000 001F 850E 00C6 016C 0060
080: 09FC 005E 746B 7D01 4163 7469 BC01 4163 207F 0002
090: 0004 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0008 4000 0000 5002 538E
110: 4091 4B88 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0007 0001
170: 2020 2020 2020 2020 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0C00 0000 0000 0000 0000
240: 0000 0000 0000 4000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E4A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 05 33 00 64 64 00 00 00 00 00 00 00 09 32
010: 00 63 63 BF 01 00 00 00 00 00 0C 32 00 63 63 59
020: 00 00 00 00 00 00 B1 13 00 63 63 03 00 00 00 00
030: 00 00 B3 13 00 64 64 00 00 00 00 00 00 00 B5 32
040: 00 64 64 00 00 00 00 00 00 00 B6 32 00 64 64 00
050: 00 00 00 00 00 00 B7 13 00 64 64 00 00 00 00 00
060: 00 00 BB 32 00 64 64 00 00 00 00 00 00 00 BE 32
070: 00 3F 2E 25 00 00 00 00 00 00 C3 1A 00 C8 C8 00
080: 00 00 00 00 00 00 C7 3E 00 64 64 00 00 00 00 00
090: 00 00 EB 12 00 63 63 0B 00 00 00 00 00 00 F1 32
0A0: 00 63 63 AD 94 24 98 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53
170: 03 00 01 00 02 55 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 05 0A 00 00 00 00 00 00 00 00 00 00 09 00
010: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
020: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00
030: 00 00 B3 0A 00 00 00 00 00 00 00 00 00 00 B5 0A
040: 00 00 00 00 00 00 00 00 00 00 B6 0A 00 00 00 00
050: 00 00 00 00 00 00 B7 0A 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BE 00
070: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
080: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
090: 00 00 EB 00 00 00 00 00 00 00 00 00 00 00 F1 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4E

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39523
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod jaro3 » 05 bře 2019 19:33

(1) WDC WD10EZEX-08WN4A0
Power On Hours : 447 hod.
0000000008FC Čas na roztočení ploten
ten disk je poměrně nový , údaj o čase by měl být na nule , jinak OK..

Sleduj a dej vědět. V Esetu se dá ten web dát do vyjímek.Nebo i v Ublock Origin.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Nighters
Level 2.5
Level 2.5
Příspěvky: 253
Registrován: červen 14
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod Nighters » 05 bře 2019 21:29

OK, děkuji

Nighters
Level 2.5
Level 2.5
Příspěvky: 253
Registrován: červen 14
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative

Příspěvekod Nighters » 06 bře 2019 21:50

Tak už jsem asi přišel na to proč mě to chce otevírat na stránku http://static.adsnative.com/ protože mě tam přesměrovává rozšíření: https://www.eff.org/https-everywhere

Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10639
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž

Re: Eset předchází k otevření static.adsnative  Vyřešeno

Příspěvekod Orcus » 07 bře 2019 08:37

Potom doplnek odinstaluj nebo povol adresu. Vice tu toho nevymyslime. :)

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Další odkazy:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 8 hostů