Solved Get rid of the hit.gemius.pl PUP

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up
Status
Not open for further replies.

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
If you have a partition on the same machine that has xp on it, then check the HDD


Download HD Tune and save the file.
Install HD Tune and restart it after installation.
Then go to the tab Error Scan , select the hard drive you want to check and press Start .
The check can be quite time consuming take depends on the size of the hard drive check.
Take a screen shot of the result and save it.
Upload it to IMGUR for us. Post the link here.



Do Not tick the quick scan!!
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
You could try a restore point, if not factory reset. My guess is there was just some sort of corruption. Perhaps a bad update.
 

bbdra

PCHF Member
PCHF Member
May 9, 2019
57
3
29
I found that i can't make restore point fix. The system sais that it don't find any of them. Is there any way how to solve this situation without losing my installed programs?
 

bbdra

PCHF Member
PCHF Member
May 9, 2019
57
3
29
Maybe we could try fix this corrupted file in CMD e:\boot\resources\custom\bootres.dll I noticed that same file is on windows Cd too
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
We can see if we can restore the machine using FRST.

Boot in the Recovery Environment

  • To enter the Recovery Environment with Windows Vista and Windows 7, follow the instructions below:
  • Restart the computer
  • Once you've seen your BIOS splashscreen (the computer manufacturer logo), tap the F8 key repeatedly until the Advanced Boot Options menu appears
  • Use the arrow keys to select Repair your computer, and press on Enter
  • Select your keyboard layout (US, French, etc.) and click on Next
  • Click on Command Prompt to open the command prompt
    Note: If you can't access the Recovery Environment using the F8 method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on. For more information, check out this tutorial on SevenForums.
    • To enter the Recovery Environment with Windows 8 or Windows 8.1, follow the instructions in this tutorial on EightForums
    • Note: If you can't access the Recovery Environment using the method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on.
      • To enter the Recovery Environment with Windows 10, follow the instructions in this tutorial on TenForums
      • Note: If you can't access the Recovery Environment using the method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on. For more information, check out this tutorial on TenForums
      • After any of these actions is performed, all user sessions are signed off and the Boot Options menu is displayed. The PC will restart into the WinRE and the selected feature is launched.
      • On the boot options, select Troubleshooting > Advanced Options > Command prompt.
Once in the command prompt

  • Plug your USB Flash Drive in the infected computer
  • In the command prompt, type notepad and press on Enter
  • Notepad will open. Click on the File menu and select Open
  • Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad
  • In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe and press on Enter
  • Note: Replace the letter e with the drive letter of your USB Flash Drive
  • FRST will open
  • Click on Yes to accept the disclaimer
  • First press the Scan button.
  • These actions will produce a log, Please copy and paste them in your reply
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
Neither of these drives represent what you tested with HDD tune. From post 62

The drive that your windows 10 is installed on seems to be failing, and this is where your issue lies....


Drive c: () (Fixed) (Total:446.59 GB) (Free:155.22 GB) NTFS
Drive e: (Místní disk) (Fixed) (Total:1863.02 GB) (Free:1253.03 GB) NTFS
 
  • Like
Reactions: gus

bbdra

PCHF Member
PCHF Member
May 9, 2019
57
3
29
well the letter of my drives are changing depends on which system you are logged on. The system disk of windows 10 have letter c: , but if I logged win xp it changes to two separate disks d: (system) and f: Application and data store. For easy remembering disk with capacity 500gb are Win 10 and disk with capacity 1,6T are win xp
 

bbdra

PCHF Member
PCHF Member
May 9, 2019
57
3
29
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by SYSTEM on MININT-D68SVJF (20-07-2019 18:42:28)
Running from C:\
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074088 2015-09-03] (Heidi Computers Ltd -> The Eraser Project)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2018-11-22] (Power Software Limited -> Power Software Ltd)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\PcPinpoint\pcp_winsm_mon_x64.exe <==== ATTENTION
HKU\Administrator\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\Administrator\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\Administrátor\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\Administrátor\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
HKLM\...\Drivers32: [vidc.mjpg] => bdmjpeg64.dll
HKLM\...\Drivers32: [vidc.mpeg] => bdmpegv64.dll
HKLM\...\Drivers32: [msacm.bdmpeg] => bdmpega64.acm
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0281EC11-8D7D-4E1A-BCCD-B89905B381D9} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> No File <==== ATTENTION
Task: {03FF134D-CA60-4122-8A0F-C9B9D0395221} - \Microsoft\Windows\Shell\IndexerAutomaticMaintenance -> No File <==== ATTENTION
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - \Microsoft\Windows\DeviceDirectoryClient\HandleCommand -> No File <==== ATTENTION
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - \Microsoft\Windows\Management\Provisioning\Cellular -> No File <==== ATTENTION
Task: {06CD9C3F-0F07-4D0A-BA5F-70E74EBE29EB} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck -> No File <==== ATTENTION
Task: {082F918C-DDF2-4A7B-9015-D95D1AD4C8B1} - \Microsoft\Windows\WOF\WIM-Hash-Validation -> No File <==== ATTENTION
Task: {09131E27-3793-4B1E-A11E-77D3EAC118D1} - \Microsoft\Windows\CertificateServicesClient\KeyPreGenTask -> No File <==== ATTENTION
Task: {093D1547-3FA6-415D-80C9-A02705522E5B} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> No File <==== ATTENTION
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates -> No File <==== ATTENTION
Task: {0BAF3FD2-708A-4879-B0C4-3A4FFA40D0F9} - \Microsoft\Windows\Servicing\StartComponentCleanup -> No File <==== ATTENTION
Task: {0BCF67FD-8BF9-4B8F-8E26-96E31D366980} - \Microsoft\Windows\Time Synchronization\SynchronizeTime -> No File <==== ATTENTION
Task: {0DD6A4AB-0D4D-4056-AE90-80146577A283} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> No File <==== ATTENTION
Task: {0E55C40D-83F8-4F39-838C-C1D3707EA86A} - \Microsoft\Windows\DUSM\dusmtask -> No File <==== ATTENTION
Task: {148277C5-7CB9-4CA4-B43E-B4CAFFED25FD} - \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser -> No File <==== ATTENTION
Task: {15D6B667-231C-44B6-9ECA-FC6CBE9799C8} - \Microsoft\Windows\Plug and Play\Device Install Reboot Required -> No File <==== ATTENTION
Task: {169699EF-AB65-47C0-986B-2EC5646D72D3} - \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization -> No File <==== ATTENTION
Task: {175463A3-4AF2-4959-8504-C36C4397C393} - \Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck -> No File <==== ATTENTION
Task: {17ED3499-746C-44BD-BB51-CEDC7C0B2369} - \Microsoft\Windows\SettingSync\BackgroundUploadTask -> No File <==== ATTENTION
Task: {1AB431C4-69F1-471D-957B-3B72B7281954} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> No File <==== ATTENTION
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - \Microsoft\Windows\Chkdsk\SyspartRepair -> No File <==== ATTENTION
Task: {1E64C557-EFB2-4731-A6BD-E1A150737856} - \Microsoft\Windows\Chkdsk\ProactiveScan -> No File <==== ATTENTION
Task: {20969B1A-5020-4B14-AB52-E3B56BC62F52} - \Microsoft\Windows\UPnP\UPnPHostConfig -> No File <==== ATTENTION
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - \microsoft\windows\applicationdata\appuriverifierinstall -> No File <==== ATTENTION
Task: {22644FCC-1F83-474C-9B55-8B685A3124DC} - \Microsoft\Windows\SystemRestore\SR -> No File <==== ATTENTION
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION
Task: {24355F38-7895-4BF8-B106-BC1CABFD687B} - \Microsoft\Windows\User Profile Service\HiveUploadTask -> No File <==== ATTENTION
Task: {2888017B-E225-446F-9CE0-4BCE14A0B6D4} - \Microsoft\Windows\Task Manager\Interactive -> No File <==== ATTENTION
Task: {29177F6C-2B49-4106-A305-310828EF6591} - \Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup -> No File <==== ATTENTION
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - \Microsoft\Windows\EDP\EDP App Launch Task -> No File <==== ATTENTION
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - \Microsoft\Windows\UNP\RunUpdateNotificationMgr -> No File <==== ATTENTION
Task: {2A8E888F-BDAD-4D62-AD61-91C17F997E46} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader -> No File <==== ATTENTION
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {2CEF0869-1D33-4792-8B09-C3305C4D2542} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - \Microsoft\Windows\PushToInstall\Registration -> No File <==== ATTENTION
Task: {2E02CB3F-0DA1-45BB-84B1-68D5918A1F2F} - \Microsoft\Windows\PI\Secure-Boot-Update -> No File <==== ATTENTION
Task: {2E2E003A-9792-4956-8F12-92797F584AB8} - \Microsoft\Windows\License Manager\TempSignedLicenseExchange -> No File <==== ATTENTION
Task: {2E2F9ADD-000F-4459-B074-DB62A7324E8D} - \Microsoft\Windows\Subscription\EnableLicenseAcquisition -> No File <==== ATTENTION
Task: {2E31DFB9-8310-49C4-BDA7-21A43DAE7C5B} - \Microsoft\Windows\UpdateOrchestrator\Schedule Retry Scan -> No File <==== ATTENTION
Task: {33DD25E2-6C53-482B-8124-EB0C9DA48E66} - \Microsoft\Windows\CertificateServicesClient\SystemTask -> No File <==== ATTENTION
Task: {384C03EF-202E-4F12-A8A9-B0CC37ACCFB6} - \Microsoft\Windows\WOF\WIM-Hash-Management -> No File <==== ATTENTION
Task: {38C5F6EA-207C-46AE-B1CD-B030C8488753} - \Microsoft\Windows\TPM\Tpm-Maintenance -> No File <==== ATTENTION
Task: {3C1365A1-11E1-4629-9B25-7D6A932E6B60} - \Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization -> No File <==== ATTENTION
Task: {3DE3B809-D51F-4AB4-8BC1-7B16EB841A6C} - \Microsoft\Windows\LanguageComponentsInstaller\Uninstallation -> No File <==== ATTENTION
Task: {3DF7C0CB-9E09-4E11-9E51-8B65EA1C5D71} - \Microsoft\VisualStudio\Updates\BackgroundDownload -> No File <==== ATTENTION
Task: {407E1879-1F5E-42B2-BA7F-53BCEF433805} - \Microsoft\Windows\Location\Notifications -> No File <==== ATTENTION
Task: {40A08B09-749B-45B3-BA00-3E385CB26436} - \Tweaking.com - Windows Repair Tray Icon -> No File <==== ATTENTION
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates -> No File <==== ATTENTION
Task: {4603E70B-3E65-4C4C-B393-948D2B372CEA} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {46098CF5-9C4F-4E6F-9D54-FBE450A63903} - \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery -> No File <==== ATTENTION
Task: {4643E492-39A9-4B92-BC87-18F7979402C1} - \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 -> No File <==== ATTENTION
Task: {46C74893-02E4-4543-A891-2E21BC38784F} - \Microsoft\Windows\SettingSync\NetworkStateChangeTask -> No File <==== ATTENTION
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - \Microsoft\Windows\UpdateOrchestrator\Schedule Scan -> No File <==== ATTENTION
Task: {494093B3-2D2F-4AB7-A7D1-F0985173570E} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> No File <==== ATTENTION
Task: {4A282A38-85CA-4200-9F9E-642E113854D2} - \Microsoft\Windows\FileHistory\File History (maintenance mode) -> No File <==== ATTENTION
Task: {4BBFDF0C-BAD3-4721-AE72-4D81A1A2A816} - \CreateExplorerShellUnelevatedTask -> No File <==== ATTENTION
Task: {4CB53382-6FBB-4666-B563-0ABC6429D301} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange -> No File <==== ATTENTION
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - \Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh -> No File <==== ATTENTION
Task: {536E4522-B726-480C-9063-126E74EEA4A4} - \Microsoft\Windows\Maps\MapsUpdateTask -> No File <==== ATTENTION
Task: {53FD2AB0-0831-432D-AF7D-D6A0345E9E47} - \Microsoft\Windows\AppID\PolicyConverter -> No File <==== ATTENTION
Task: {540BF055-998A-4241-BD36-7C03F350F6B6} - \Microsoft\Windows\Shell\FamilySafetyMonitor -> No File <==== ATTENTION
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - \Microsoft\Windows\InstallService\ScanForUpdates -> No File <==== ATTENTION
Task: {5577DFD9-D345-462E-839D-1529C910F446} - \Microsoft\Windows\NetTrace\GatherNetworkInfo -> No File <==== ATTENTION
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange -> No File <==== ATTENTION
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - \Microsoft\Windows\Shell\FamilySafetyRefreshTask -> No File <==== ATTENTION
Task: {582FC1AC-F302-46B4-A283-5462926E5AB5} - \Microsoft\Windows\Subscription\LicenseAcquisition -> No File <==== ATTENTION
Task: {5BE358DF-C2F0-43BC-BA5A-77E36BF54A02} - \Microsoft\Windows\DiskFootprint\Diagnostics -> No File <==== ATTENTION
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task -> No File <==== ATTENTION
Task: {60C269FF-448A-4F10-886E-2C70F5086A5F} - \Microsoft\Windows\Sysmain\ResPriStaticDbSync -> No File <==== ATTENTION
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - \Microsoft\Windows\USB\Usb-Notifications -> No File <==== ATTENTION
Task: {62573B62-C559-4528-9136-AA80E1ABCD40} - \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 -> No File <==== ATTENTION
Task: {62C592A4-C898-4D94-AA29-5B1B73BCBE09} - \Microsoft\Windows\Work Folders\Work Folders Maintenance Work -> No File <==== ATTENTION
Task: {653517C9-1558-4788-9897-F37CF1DD9ADA} - \Microsoft\Windows\CertificateServicesClient\UserTask -> No File <==== ATTENTION
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - \Microsoft\Windows\InstallService\SmartRetry -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
Task: {6BA7DA55-83E0-42BD-990C-914FF5B4DF28} - \Microsoft\Windows\Application Experience\StartupAppTask -> No File <==== ATTENTION
Task: {6BFE7106-601B-4B34-8F8E-87B9A0DA6ACE} - \Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice -> No File <==== ATTENTION
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - \microsoft\windows\applicationdata\appuriverifierdaily -> No File <==== ATTENTION
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {70F5BB3C-CB79-4AC9-BF62-3482392FB06B} - \Microsoft\Windows\Plug and Play\Device Install Group Policy -> No File <==== ATTENTION
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - \Microsoft\XblGameSave\XblGameSaveTask -> No File <==== ATTENTION
Task: {749AC711-AA62-4D1D-B314-EF1C97E1CA56} - \Microsoft\Windows\ApplicationData\DsSvcCleanup -> No File <==== ATTENTION
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - \Microsoft\Windows\PushToInstall\LoginCheck -> No File <==== ATTENTION
Task: {75522E26-6BE6-4F53-A0FA-14470ECAACAB} - \Microsoft\Windows\Clip\License Validation -> No File <==== ATTENTION
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - \Microsoft\Windows\InstallService\ScanForUpdatesAsUser -> No File <==== ATTENTION
Task: {7B20F25B-903B-41BF-982F-1D66CEB52B79} - \Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic -> No File <==== ATTENTION
Task: {7B5B959F-60A4-4590-A767-0399FBA31002} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> No File <==== ATTENTION
Task: {7E0ACAA5-25A0-4D9B-A7F3-ABA971E470DD} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> No File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - \Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession -> No File <==== ATTENTION
Task: {7F027B74-0D75-40B0-B70E-6CA92E8C2AE7} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {7F94CFB6-E6CC-4B72-AA4F-0B89DA392363} - \Microsoft\Windows\CloudExperienceHost\CreateObjectTask -> No File <==== ATTENTION
Task: {805FCD48-5B6D-4A6E-A838-4FB241EBDD9A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {810EDDAA-1D4C-48DC-8841-81C201FD9ABF} - \ASUS Patch for VIA Audio -> No File <==== ATTENTION
Task: {81B9F3A6-412D-4004-910A-A48F7860B28C} - \Microsoft\Windows\Time Zone\SynchronizeTimeZone -> No File <==== ATTENTION
Task: {83795B87-BDC9-4F80-A96D-48ED113712D9} - \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical -> No File <==== ATTENTION
Task: {8641A7FD-7448-4659-B507-C96422A27A2C} - \Microsoft\Windows\Time Synchronization\ForceSynchronizeTime -> No File <==== ATTENTION
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - \Microsoft\Windows\SharedPC\Account Cleanup -> No File <==== ATTENTION
Task: {8E7BB9A3-956E-4C6A-AE87-4F175197704F} - \Microsoft\Windows\NlaSvc\WiFiTask -> No File <==== ATTENTION
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - \Microsoft\Windows\DirectX\DXGIAdapterCache -> No File <==== ATTENTION
Task: {8F8909FB-5096-4755-A2FF-DBF6E0C2B4E8} - \Microsoft\Windows\Multimedia\SystemSoundsService -> No File <==== ATTENTION
Task: {8FA79FF9-D7B2-4269-A201-30869AA78975} - \Microsoft\Windows\DiskCleanup\SilentCleanup -> No File <==== ATTENTION
Task: {908F9503-D38F-4136-A58B-23CF5653F9EC} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask -> No File <==== ATTENTION
Task: {919A7A4D-46EC-445A-8A38-6A2A5030E473} - \Microsoft\Windows\ApplicationData\CleanupTemporaryState -> No File <==== ATTENTION
Task: {931758D8-2EC2-4EAE-B3BA-A98DAEC67332} - \Microsoft\Windows\Maps\MapsToastTask -> No File <==== ATTENTION
Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - \Microsoft\Windows\Workplace Join\Automatic-Device-Join -> No File <==== ATTENTION
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - \Microsoft\Windows\Feedback\Siuf\DmClient -> No File <==== ATTENTION
Task: {97054B94-92B5-45FA-91E8-80A9FC2DD07E} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam -> No File <==== ATTENTION
Task: {97C366EA-CF77-4DCD-8F43-0FA59B097EBD} - \Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents -> No File <==== ATTENTION
Task: {9855F24C-596B-48C3-BC07-6D0163E87EFD} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {99CF4EDB-B7AC-4350-A476-E70719E361CA} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor -> No File <==== ATTENTION
Task: {9A8929AD-2087-4317-8DFB-0484502B0597} - \Microsoft\Windows\Diagnosis\Scheduled -> No File <==== ATTENTION
Task: {9BD44F9F-0C01-4F78-9644-4C7596CD1E0A} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange -> No File <==== ATTENTION
Task: {9C4F4ACB-5122-40E1-9D7E-99555BC2F2C1} - \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical -> No File <==== ATTENTION
Task: {A0286930-1503-4DF2-8E47-3F5DEBFF4835} - \Microsoft\Windows\Defrag\ScheduledDefrag -> No File <==== ATTENTION
Task: {A19CD75C-08C3-42D5-9EB4-AE76B91A5550} - \Microsoft\Windows\Location\WindowsActionDialog -> No File <==== ATTENTION
Task: {A258C0E4-378E-491D-8A8C-2DDD9FD3EF6E} - \Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers -> No File <==== ATTENTION
Task: {A2E97D0A-9C58-44AB-89DC-55128ACA73C4} - \Microsoft\Windows\AppID\EDP Policy Manager -> No File <==== ATTENTION
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - \Microsoft\Windows\Speech\SpeechModelDownloadTask -> No File <==== ATTENTION
Task: {A3293304-CFB0-4256-B5C6-8497F4570410} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> No File <==== ATTENTION
Task: {A55D27EA-BB9A-43FB-98F5-442EB0CCCB46} - \Microsoft\Windows\LanguageComponentsInstaller\Installation -> No File <==== ATTENTION
Task: {A5F68519-8790-4CBB-B6BC-519A707C8012} - \Microsoft\Windows\Ras\MobilityManager -> No File <==== ATTENTION
Task: {A6CF7EE1-5B0D-489C-BCDD-924464E5478F} - \OneDrive Standalone Update Task-S-1-5-21-3472240800-3569865723-1055443696-500 -> No File <==== ATTENTION
Task: {ABAA1591-ED70-41A1-B750-A4BB478C956D} - \Microsoft\Windows\Autochk\Proxy -> No File <==== ATTENTION
Task: {ACB86CF6-3B03-47F7-8568-31D6CF5EBBE1} - \Microsoft\Windows\Device Setup\Metadata Refresh -> No File <==== ATTENTION
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - \Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand -> No File <==== ATTENTION
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - \Microsoft\Windows\DiskFootprint\StorageSense -> No File <==== ATTENTION
Task: {B2D1D0E5-4670-4493-9360-C9DD0E832A9D} - \Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask -> No File <==== ATTENTION
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask -> No File <==== ATTENTION
Task: {B662BDCC-DC6E-4D44-9F36-E686FEFF2253} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {B6D53096-86AD-4A04-A373-8078902904A3} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {B7155950-E9D7-46BB-9E75-66715B371441} - \CCleaner Update -> No File <==== ATTENTION
Task: {B76ECE88-27B3-4CEC-9B37-1314B4602CAA} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 -> No File <==== ATTENTION
Task: {BAD28112-46B7-4AED-88A1-B7D6CA9BB997} - \Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate -> No File <==== ATTENTION
Task: {BF5269B0-5CDF-4DE3-9654-F545D0FDD30C} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {C1E4DC7E-B724-4494-B496-3BBAC9E6689C} - \Uninstaller_SkipUac_Administrátor -> No File <==== ATTENTION
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
Task: {C4788CC7-729E-4661-86E8-9172BAF9A456} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon -> No File <==== ATTENTION
Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {CB7576FC-46D5-4830-89D9-DE1C82925B77} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask -> No File <==== ATTENTION
Task: {CB7F3B8F-F794-47DD-A8D2-AD8051F45A55} - \Microsoft\Windows\WwanSvc\NotificationTask -> No File <==== ATTENTION
Task: {CC6222A2-54BC-4A41-9F1A-701BAF4A2510} - \Microsoft\Windows\Maintenance\WinSAT -> No File <==== ATTENTION
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange -> No File <==== ATTENTION
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - \Microsoft\Windows\EDP\StorageCardEncryption Task -> No File <==== ATTENTION
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources -> No File <==== ATTENTION
Task: {D298452B-86C5-448E-8DE4-714AC46907BE} - \Microsoft\Windows\WDI\ResolutionHost -> No File <==== ATTENTION
Task: {D8436F3C-DDFE-4877-A05C-2337758E98E9} - \Microsoft\Windows\TPM\Tpm-HASCertRetr -> No File <==== ATTENTION
Task: {D9AA84D1-FDCD-4CDC-936C-8383B01EBC8F} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> No File <==== ATTENTION
Task: {DA0729FA-C19D-4E77-9443-D2C0CA797830} - \Microsoft\Windows\PI\Sqm-Tasks -> No File <==== ATTENTION
Task: {DA45E807-ADBA-4363-A5E5-5C7D6D25C208} - \Microsoft\Windows\rempl\shell -> No File <==== ATTENTION
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged -> No File <==== ATTENTION
Task: {E0862994-9083-482D-A921-27B4860FFA21} - \Microsoft\Windows\Printing\EduPrintProv -> No File <==== ATTENTION
Task: {E0D2D6F9-DCB3-48BD-8B64-E286549AEC88} - \MEGA\MEGAsync Update Task S-1-5-21-3472240800-3569865723-1055443696-1001 -> No File <==== ATTENTION
Task: {E12F9027-DCC6-4A21-8FE9-A60C3D6DF24D} - \Microsoft\Windows\WindowsUpdate\Scheduled Start -> No File <==== ATTENTION
Task: {E3A2431F-C155-4B2C-80F2-79F33342ADF2} - \Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures -> No File <==== ATTENTION
Task: {E55B6924-6C0B-4016-885A-9ECC8FABA3C7} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {E5AD57C0-9BC8-41F6-A364-B5CEA243AE82} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {E82177E3-E19A-4321-84F6-90AA57815013} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> No File <==== ATTENTION
Task: {E8218786-CAA3-43A9-B692-B13018A107B0} - \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan -> No File <==== ATTENTION
Task: {E8411C63-4393-40B6-9A25-7D31CD4897BE} - \Microsoft\Windows\WCM\WiFiTask -> No File <==== ATTENTION
Task: {E907704E-6225-4B0A-A428-3ECE7F8277BE} - \Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask -> No File <==== ATTENTION
Task: {E9474EE3-C9D7-4FA3-9B3E-353E37D5814D} - \Microsoft\Windows\Management\Provisioning\Logon -> No File <==== ATTENTION
Task: {EA3F0B00-15AD-40F2-873B-AB4342B0E3BD} - \Microsoft\Windows\Wininet\CacheTask -> No File <==== ATTENTION
Task: {EA82D63F-DE14-472E-A312-9E3F343F7A5E} - \OneDrive Standalone Update Task-S-1-5-21-3472240800-3569865723-1055443696-1001 -> No File <==== ATTENTION
Task: {EACFFD3A-531B-4E26-AA1E-81E754029A42} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback -> No File <==== ATTENTION
Task: {ECE83A70-4155-4FBE-A2B7-F5F2C46351B3} - \Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization -> No File <==== ATTENTION
Task: {EDB3D1C3-0FEB-4F11-B965-9F99878BDA5F} - \Microsoft\Windows\Registry\RegIdleBackup -> No File <==== ATTENTION
Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - \Microsoft\Windows\Workplace Join\Recovery-Check -> No File <==== ATTENTION
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - \Microsoft\Windows\Device Information\Device -> No File <==== ATTENTION
Task: {F01143ED-564D-4031-84D1-5E32FBE209DB} - \Microsoft\Windows\SpacePort\SpaceAgentTask -> No File <==== ATTENTION
Task: {F0216E35-B3E1-44CD-8CB9-BC7D6F3D091B} - \Microsoft\Windows\WaaSMedic\PerformRemediation -> No File <==== ATTENTION
Task: {F084544B-322F-4CED-B874-EC696339C19E} - \Microsoft\Windows\SpacePort\SpaceManagerTask -> No File <==== ATTENTION
Task: {F540ACA1-6E03-4862-A4D0-705ED09AD763} - \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance -> No File <==== ATTENTION
Task: {F7A9BB5E-F2C3-4799-9D33-18C67933FFB1} - \Microsoft\Windows\RecoveryEnvironment\VerifyWinRE -> No File <==== ATTENTION
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - \Microsoft\Windows\EDP\EDP Auth Task -> No File <==== ATTENTION
Task: {FBA557C2-0C46-4054-B48C-7C0A5E39F457} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {FC394201-D90B-4BC1-937D-33E76519B4D4} - \Microsoft\Windows\Shell\CreateObjectTask -> No File <==== ATTENTION
Task: {FC6624A6-0F35-4662-984C-10DA2C09A1D8} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork -> No File <==== ATTENTION
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh -> No File <==== ATTENTION
Task: {FF395E0A-9066-4D38-A596-43F67C3F45EA} - \Microsoft\Windows\Sysmain\WsSwapAssessmentTask -> No File <==== ATTENTION
Task: {FFD04064-2E64-4928-BB96-DE918F7DC39B} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd -> Disc Soft Ltd)
S2 Everything; C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools)
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation -> Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S2 AVP19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe" -r [X]
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [X]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [X]
S3 klvssbridge64_19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe" [X]
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [X]
S2 VIAKaraokeService; %SystemRoot%\system32\viakaraokesrv.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
S1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [254464 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2018-04-12] (Microsoft Corporation)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [101888 2018-08-31] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [93696 2019-03-06] (Microsoft Corporation)
S1 cdrom; C:\Windows\System32\drivers\cdrom.sys [159744 2018-06-15] (Microsoft Corporation)
S2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-03-14] (Microsoft Corporation)
S1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [141312 2018-06-15] (Microsoft Corporation)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2018-08-31] (Disc Soft Ltd -> Disc Soft Ltd)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [358912 2019-03-06] (Microsoft Corporation)
S1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [55808 2018-04-12] (Microsoft Corporation)
S1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2018-04-12] (Microsoft Corporation)
S1 HWiNFO; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-08-18] (Martin Malik - REALiX -> REALiX(tm))
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-08-18] (Martin Malik - REALiX -> REALiX(tm))
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [85504 2018-04-12] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [214528 2018-04-12] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S3 irda; C:\Windows\system32\drivers\irda.sys [119808 2018-04-12] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [19968 2018-04-12] (Microsoft Corporation)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197464 2019-05-29] (Kaspersky Lab -> AO Kaspersky Lab)
S2 lltdio; C:\Windows\System32\drivers\lltdio.sys [65024 2018-04-12] (Microsoft Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [130048 2019-04-02] (Microsoft Corporation)
S2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [42496 2018-04-12] (Microsoft Corporation)
S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [75776 2018-08-31] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [144384 2018-06-08] (Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [116736 2019-03-06] (Microsoft Corporation)
S1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [31232 2019-03-06] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [11776 2018-04-12] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [32256 2018-06-08] (Microsoft Corporation)
S2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [84480 2018-04-12] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [528896 2019-03-14] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [53760 2018-04-12] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [128512 2018-04-12] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [193536 2018-11-09] (Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [193536 2018-11-09] (Microsoft Corporation)
S2 Ndu; C:\Windows\System32\drivers\Ndu.sys [128000 2018-04-12] (Microsoft Corporation)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [310272 2019-04-02] (Microsoft Corporation)
S1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [73216 2019-03-06] (Microsoft Corporation)
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [726528 2019-07-04] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [49152 2018-04-12] (Microsoft Corporation)
S3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [27136 2018-04-12] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [182784 2019-03-14] (Microsoft Corporation)
S2 rspndr; C:\Windows\System32\drivers\rspndr.sys [81920 2018-04-12] (Microsoft Corporation)
S1 SCDEmu; no ImagePath
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [43008 2018-04-12] (Microsoft Corporation)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [736256 2019-03-06] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [266752 2019-03-06] (Microsoft Corporation)
S2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [82432 2019-03-14] (Microsoft Corporation)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [51712 2018-04-12] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [63488 2018-04-12] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\drivers\tunnel.sys [119296 2018-04-12] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [128512 2018-04-12] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [324608 2019-03-06] (Microsoft Corporation)
S2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [81920 2019-01-01] (Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [81920 2019-01-01] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [787968 2019-05-17] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2019-05-17] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [125440 2018-04-12] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\drivers\WudfRd.sys [264192 2018-04-12] (Microsoft Corporation)
S3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [264192 2018-04-12] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [264192 2018-04-12] (Microsoft Corporation)
S3 1394ohci; \SystemRoot\System32\drivers\1394ohci.sys [X]
S0 3ware; System32\drivers\3ware.sys [X]
S0 ACPI; System32\drivers\ACPI.sys [X]
S3 AcpiDev; \SystemRoot\System32\drivers\AcpiDev.sys [X]
S3 acpipagr; \SystemRoot\System32\drivers\acpipagr.sys [X]
S3 AcpiPmi; \SystemRoot\System32\drivers\acpipmi.sys [X]
S3 acpitime; \SystemRoot\System32\drivers\acpitime.sys [X]
S0 ADP80XX; System32\drivers\ADP80XX.SYS [X]
S0 amdide64; System32\drivers\amdide64.sys [X]
S3 AmdK8; \SystemRoot\System32\drivers\amdk8.sys [X]
S3 AmdPPM; \SystemRoot\System32\drivers\amdppm.sys [X]
S0 amdsata; System32\drivers\amdsata.sys [X]
S0 amdsbs; System32\drivers\amdsbs.sys [X]
S0 amdxata; System32\drivers\amdxata.sys [X]
S0 arcsas; System32\drivers\arcsas.sys [X]
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 bcmfn2; \SystemRoot\System32\drivers\bcmfn2.sys [X]
S3 BthHFEnum; \SystemRoot\System32\drivers\bthhfenum.sys [X]
S3 BTHMODEM; \SystemRoot\System32\drivers\bthmodem.sys [X]
S0 bttflt; System32\drivers\bttflt.sys [X]
S3 buttonconverter; \SystemRoot\System32\drivers\buttonconverter.sys [X]
S3 CAD; \SystemRoot\System32\drivers\CAD.sys [X]
S3 CapImg; \SystemRoot\System32\drivers\capimg.sys [X]
S0 cht4iscsi; System32\drivers\cht4sx64.sys [X]
S3 cht4vbd; \SystemRoot\System32\drivers\cht4vx64.sys [X]
S3 circlass; \SystemRoot\System32\drivers\circlass.sys [X]
S3 CmBatt; \SystemRoot\System32\drivers\CmBatt.sys [X]
S3 CMUACWO; \SystemRoot\system32\DRIVERS\CMUACWO.sys [X]
S0 cm_km; system32\DRIVERS\cm_km.sys [X]
S0 Disk; System32\drivers\disk.sys [X]
S3 dmvsc; \SystemRoot\System32\drivers\dmvsc.sys [X]
S3 drmkaud; \SystemRoot\System32\drivers\drmkaud.sys [X]
S0 ebdrv; System32\drivers\evbda.sys [X]
S0 EhStorTcgDrv; System32\drivers\EhStorTcgDrv.sys [X]
S3 ErrDev; \SystemRoot\System32\drivers\errdev.sys [X]
S3 fdc; \SystemRoot\System32\drivers\fdc.sys [X]
S3 flpydisk; \SystemRoot\System32\drivers\flpydisk.sys [X]
S3 gencounter; \SystemRoot\System32\drivers\vmgencounter.sys [X]
S3 genericusbfn; \SystemRoot\System32\drivers\genericusbfn.sys [X]
S3 HdAudAddService; \SystemRoot\System32\drivers\HdAudio.sys [X]
S3 HidBatt; \SystemRoot\System32\drivers\HidBatt.sys [X]
S3 HidBth; \SystemRoot\System32\drivers\hidbth.sys [X]
S3 hidi2c; \SystemRoot\System32\drivers\hidi2c.sys [X]
S3 hidinterrupt; \SystemRoot\System32\drivers\hidinterrupt.sys [X]
S3 HidIr; \SystemRoot\System32\drivers\hidir.sys [X]
S0 HpSAMD; System32\drivers\HpSAMD.sys [X]
S4 hvcrash; \SystemRoot\System32\drivers\hvcrash.sys [X]
S3 hyperkbd; \SystemRoot\System32\drivers\hyperkbd.sys [X]
S3 HyperVideo; \SystemRoot\System32\drivers\HyperVideo.sys [X]
S3 i8042prt; \SystemRoot\System32\drivers\i8042prt.sys [X]
S3 iagpio; \SystemRoot\System32\drivers\iagpio.sys [X]
S3 iai2c; \SystemRoot\System32\drivers\iai2c.sys [X]
S3 iaLPSS2i_GPIO2; \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys [X]
S3 iaLPSS2i_GPIO2_BXT_P; \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [X]
S3 iaLPSS2i_I2C; \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys [X]
S3 iaLPSS2i_I2C_BXT_P; \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [X]
S3 iaLPSSi_GPIO; \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys [X]
S3 iaLPSSi_I2C; \SystemRoot\System32\drivers\iaLPSSi_I2C.sys [X]
S0 iaStorAVC; System32\drivers\iaStorAVC.sys [X]
S0 iaStorV; System32\drivers\iaStorV.sys [X]
S3 ibbus; \SystemRoot\System32\drivers\ibbus.sys [X]
S0 intelide; System32\drivers\intelide.sys [X]
S0 intelpep; System32\drivers\intelpep.sys [X]
S3 intelppm; \SystemRoot\System32\drivers\intelppm.sys [X]
S3 IPMIDRV; \SystemRoot\System32\drivers\IPMIDrv.sys [X]
S0 isapnp; System32\drivers\isapnp.sys [X]
S3 iScsiPrt; \SystemRoot\System32\drivers\msiscsi.sys [X]
S0 ItSas35i; System32\drivers\ItSas35i.sys [X]
S3 IUProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [X]
S3 IURegistryFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [X]
S3 kdnic; \SystemRoot\System32\drivers\kdnic.sys [X]
S0 klbackupdisk; system32\DRIVERS\klbackupdisk.sys [X]
S1 klbackupflt; system32\DRIVERS\klbackupflt.sys [X]
S1 kldisk; \SystemRoot\system32\DRIVERS\kldisk.sys [X]
S0 klelam; system32\DRIVERS\klelam.sys [X]
S3 klflt; \SystemRoot\system32\DRIVERS\klflt.sys [X]
S1 KLHK; \SystemRoot\System32\drivers\klhk.sys [X]
S1 KLIF; system32\DRIVERS\klif.sys [X]
S1 klim6; \SystemRoot\system32\DRIVERS\klim6.sys [X]
S3 klkbdflt; \SystemRoot\system32\DRIVERS\klkbdflt.sys [X]
S3 klmouflt; \SystemRoot\system32\DRIVERS\klmouflt.sys [X]
S1 klpd; system32\DRIVERS\klpd.sys [X]
S3 klpnpflt; \SystemRoot\system32\DRIVERS\klpnpflt.sys [X]
S0 klupd_klif_arkmon; System32\Drivers\klupd_klif_arkmon.sys [X]
S3 klupd_klif_kimul; System32\Drivers\klupd_klif_kimul.sys [X]
S3 klupd_klif_klark; System32\Drivers\klupd_klif_klark.sys [X]
S0 klupd_klif_klbg; System32\Drivers\klupd_klif_klbg.sys [X]
S3 klupd_klif_mark; System32\Drivers\klupd_klif_mark.sys [X]
S4 klwfp; \SystemRoot\system32\DRIVERS\klwfp.sys [X]
S1 klwtp; \SystemRoot\system32\DRIVERS\klwtp.sys [X]
S1 kneps; \SystemRoot\system32\DRIVERS\kneps.sys [X]
S0 LSI_SAS; System32\drivers\lsi_sas.sys [X]
S0 LSI_SAS2i; System32\drivers\lsi_sas2i.sys [X]
S0 LSI_SAS3i; System32\drivers\lsi_sas3i.sys [X]
S0 LSI_SSS; System32\drivers\lsi_sss.sys [X]
S3 mausbhost; \SystemRoot\System32\drivers\mausbhost.sys [X]
S3 mausbip; \SystemRoot\System32\drivers\mausbip.sys [X]
S0 megasas; System32\drivers\megasas.sys [X]
S0 megasas2i; System32\drivers\MegaSas2i.sys [X]
S0 megasas35i; System32\drivers\megasas35i.sys [X]
S0 megasr; System32\drivers\megasr.sys [X]
S3 mlx4_bus; \SystemRoot\System32\drivers\mlx4_bus.sys [X]
S3 monitor; \SystemRoot\System32\drivers\monitor.sys [X]
S3 msgpiowin32; \SystemRoot\System32\drivers\msgpiowin32.sys [X]
S0 msisadrv; System32\drivers\msisadrv.sys [X]
S3 MTConfig; \SystemRoot\System32\drivers\MTConfig.sys [X]
S0 mvumis; System32\drivers\mvumis.sys [X]
S3 ndfltr; \SystemRoot\System32\drivers\ndfltr.sys [X]
S3 netvsc; \SystemRoot\System32\drivers\netvsc.sys [X]
S1 npsvctrig; \SystemRoot\System32\drivers\npsvctrig.sys [X]
S3 nvdimm; \SystemRoot\System32\drivers\nvdimm.sys [X]
S3 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S3 nvlddmkm; \SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [X]
S0 nvraid; System32\drivers\nvraid.sys [X]
S0 nvstor; System32\drivers\nvstor.sys [X]
S3 Parport; \SystemRoot\System32\drivers\parport.sys [X]
S0 pci; System32\drivers\pci.sys [X]
S0 pciide; System32\drivers\pciide.sys [X]
S0 pcmcia; System32\drivers\pcmcia.sys [X]
S0 percsas2i; System32\drivers\percsas2i.sys [X]
S0 percsas3i; System32\drivers\percsas3i.sys [X]
S3 pmem; \SystemRoot\System32\drivers\pmem.sys [X]
S3 PNPMEM; \SystemRoot\System32\drivers\pnpmem.sys [X]
S3 Processor; \SystemRoot\System32\drivers\processr.sys [X]
S3 rhproxy; \SystemRoot\System32\drivers\rhproxy.sys [X]
S3 rt640x64; \SystemRoot\System32\drivers\rt640x64.sys [X]
S3 s3cap; \SystemRoot\System32\drivers\vms3cap.sys [X]
S0 sbp2port; System32\drivers\sbp2port.sys [X]
S0 scmbus; System32\drivers\scmbus.sys [X]
S3 sdbus; \SystemRoot\System32\drivers\sdbus.sys [X]
S3 SDFRd; \SystemRoot\System32\drivers\SDFRd.sys [X]
S3 sdstor; \SystemRoot\System32\drivers\sdstor.sys [X]
S3 Serenum; \SystemRoot\System32\drivers\serenum.sys [X]
S3 Serial; \SystemRoot\System32\drivers\serial.sys [X]
S3 sermouse; \SystemRoot\System32\drivers\sermouse.sys [X]
S3 sfloppy; \SystemRoot\System32\drivers\sfloppy.sys [X]
S0 SiSRaid2; System32\drivers\SiSRaid2.sys [X]
S0 SiSRaid4; System32\drivers\sisraid4.sys [X]
S0 spaceport; System32\drivers\spaceport.sys [X]
S0 stexstor; System32\drivers\stexstor.sys [X]
S0 storahci; System32\drivers\storahci.sys [X]
S0 storflt; System32\drivers\vmstorfl.sys [X]
S0 stornvme; System32\drivers\stornvme.sys [X]
S0 storufs; System32\drivers\storufs.sys [X]
S0 storvsc; System32\drivers\storvsc.sys [X]
S3 Synth3dVsc; \SystemRoot\System32\drivers\Synth3dVsc.sys [X]
S3 terminpt; \SystemRoot\System32\drivers\terminpt.sys [X]
S3 TPM; \SystemRoot\System32\drivers\tpm.sys [X]
S3 TsUsbGD; \SystemRoot\System32\drivers\TsUsbGD.sys [X]
S3 UASPStor; \SystemRoot\System32\drivers\uaspstor.sys [X]
S3 UcmUcsi; \SystemRoot\System32\drivers\UcmUcsi.sys [X]
S3 UEFI; \SystemRoot\System32\drivers\UEFI.sys [X]
S3 UfxChipidea; \SystemRoot\System32\drivers\UfxChipidea.sys [X]
S3 ufxsynopsys; \SystemRoot\System32\drivers\ufxsynopsys.sys [X]
S3 UmPass; \SystemRoot\System32\drivers\umpass.sys [X]
S3 UrsChipidea; \SystemRoot\System32\drivers\urschipidea.sys [X]
S3 UrsSynopsys; \SystemRoot\System32\drivers\urssynopsys.sys [X]
S3 usbaudio2; \SystemRoot\System32\drivers\usbaudio2.sys [X]
S3 usbccgp; \SystemRoot\System32\drivers\usbccgp.sys [X]
S3 usbcir; \SystemRoot\System32\drivers\usbcir.sys [X]
S3 usbehci; \SystemRoot\System32\drivers\usbehci.sys [X]
S3 usbhub; \SystemRoot\System32\drivers\usbhub.sys [X]
S3 USBHUB3; \SystemRoot\System32\drivers\UsbHub3.sys [X]
S3 usbprint; \SystemRoot\System32\drivers\usbprint.sys [X]
S3 usbser; \SystemRoot\System32\drivers\usbser.sys [X]
S3 USBSTOR; \SystemRoot\System32\drivers\USBSTOR.SYS [X]
S3 usbuhci; \SystemRoot\System32\drivers\usbuhci.sys [X]
S3 USBXHCI; \SystemRoot\System32\drivers\USBXHCI.SYS [X]
S3 VASDeviceDrm; \SystemRoot\system32\drivers\vasdDev.sys [X]
S0 vdrvroot; System32\drivers\vdrvroot.sys [X]
S3 vhdmp; \SystemRoot\System32\drivers\vhdmp.sys [X]
S3 vhf; \SystemRoot\System32\drivers\vhf.sys [X]
S3 VIAHdAudAddService; \SystemRoot\system32\drivers\viahduaa.sys [X]
S0 vmbus; System32\drivers\vmbus.sys [X]
S3 VMBusHID; \SystemRoot\System32\drivers\VMBusHID.sys [X]
S3 vmgid; \SystemRoot\System32\drivers\vmgid.sys [X]
S0 volmgr; System32\drivers\volmgr.sys [X]
S0 volume; System32\drivers\volume.sys [X]
S3 vpci; \SystemRoot\System32\drivers\vpci.sys [X]
S0 vsmraid; System32\drivers\vsmraid.sys [X]
S0 VSTXRAID; System32\drivers\vstxraid.sys [X]
S3 WacomPen; \SystemRoot\System32\drivers\wacompen.sys [X]
S0 WindowsTrustedRTProxy; System32\drivers\WindowsTrustedRTProxy.sys [X]
S3 WinMad; \SystemRoot\System32\drivers\winmad.sys [X]
S3 WINUSB; \SystemRoot\System32\drivers\WinUSB.SYS [X]
S3 WinVerbs; \SystemRoot\System32\drivers\winverbs.sys [X]
S3 xboxgip; \SystemRoot\System32\drivers\xboxgip.sys [X]
S3 xinputhid; \SystemRoot\System32\drivers\xinputhid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-20 18:42 - 2019-07-20 18:42 - 000046136 _____ C:\FRST.txt
2019-07-20 17:34 - 2019-07-20 17:34 - 002095104 _____ (Farbar) C:\FRST64.exe
2019-07-18 21:45 - 2019-07-18 21:45 - 000000000 ___HD C:\$SysReset
2019-07-18 21:38 - 2019-07-18 21:47 - 000000000 _____ C:\Recovery.txt
2019-07-18 21:14 - 2019-07-18 21:14 - 000000000 ____D C:\$Windows.~BT
2019-07-15 14:59 - 2019-07-15 14:59 - 000000000 ____D C:\PCPinBackup
2019-07-15 14:49 - 2019-07-15 14:59 - 000000000 ____D C:\PCPinPoint
2019-07-14 12:16 - 2019-07-14 12:16 - 000019678 _____ C:\Users\Administrátor\Downloads\filterdrivers.zip
2019-07-14 11:20 - 2019-07-14 11:20 - 000005895 _____ C:\Users\Administrátor\Downloads\fixlist (1).txt
2019-07-14 03:53 - 2019-07-14 03:53 - 000000000 ____D C:\Users\Administrátor\AppData\Local\Everything
2019-07-14 03:05 - 2019-07-14 03:53 - 000000000 ____D C:\Users\Administrátor\AppData\Roaming\Everything
2019-07-14 03:05 - 2019-07-14 03:05 - 001604128 _____ () C:\Users\Administrátor\Downloads\Everything-1.4.1.935.x64-Setup.exe
2019-07-14 03:05 - 2019-07-14 03:05 - 000000000 ____D C:\Program Files\Everything
2019-07-14 02:51 - 2019-07-14 02:51 - 001537564 _____ C:\Users\Administrátor\Downloads\Everything-1.4.1.935.x64.zip
2019-07-13 21:08 - 2019-07-13 21:08 - 000137737 _____ C:\Users\Administrátor\Downloads\ShadowExplorer-0.9-portable.zip
2019-07-13 21:08 - 2019-07-13 21:08 - 000000000 ____D C:\Users\Administrátor\AppData\Roaming\www.shadowexplorer.com
2019-07-13 19:27 - 2019-07-13 19:27 - 000000000 ____D C:\RegBackup
2019-07-13 17:37 - 2019-07-13 17:38 - 038910664 _____ (Tweaking.com) C:\Users\Administrátor\Downloads\tweaking.com_windows_repair_aio_setup.exe
2019-07-11 13:57 - 2019-07-11 14:01 - 1241334695 _____ C:\Users\Administrátor\Downloads\smrtelna_lavina-(subzero)-cz-dabing-2005(HQ-DVDRip).mp4
2019-07-10 14:29 - 2019-07-10 14:33 - 1171731070 _____ C:\Users\Administrátor\Downloads\Posledni Plavba (1999)-krimidrama,D.Walsh,Ice-T,CZ dab,DTVMir,88'.avi
2019-07-09 21:11 - 2019-07-09 21:14 - 1029336720 _____ C:\Users\Administrátor\Downloads\Drsná pomsta 1995 nef tv cz.avi
2019-07-09 17:46 - 2019-07-09 17:46 - 000415689 __RST C:\QuickDiag_09_07_2019_18_46_33.txt
2019-07-09 17:30 - 2019-07-14 11:29 - 000000000 ____D C:\QuickDiag
2019-07-09 00:06 - 2019-07-20 18:42 - 000000000 ____D C:\FRST
2019-07-09 00:06 - 2019-07-09 00:06 - 001908496 _____ C:\Users\Administrátor\Downloads\FRST64(1).zip
2019-07-08 23:57 - 2019-07-08 23:57 - 000000927 _____ C:\Users\Public\Desktop\Exterminate It!.lnk
2019-07-08 22:55 - 2019-07-08 22:58 - 993102812 _____ C:\Users\Administrátor\Downloads\Demolice 1996 nef tv cz.avi
2019-07-08 22:50 - 2019-07-09 06:22 - 1387907307 _____ C:\Users\Administrátor\Downloads\House on Hooter Hill (2007).mp4
2019-07-08 12:26 - 2019-07-08 12:26 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-07 21:41 - 2019-07-07 22:25 - 796084224 _____ C:\Users\Administrátor\Downloads\Vampire in Vegas-horor- 2009-CZdub od Aecek.avi
2019-07-07 20:33 - 2019-07-07 20:39 - 000000000 ____D C:\Users\Administrátor\Downloads\web
2019-07-06 19:42 - 2019-07-06 19:42 - 063008316 _____ C:\Users\Administrátor\Downloads\Amoss - Rollpipe VIP [FREE TRACK] - labmaster1644.3.wav
2019-07-06 19:31 - 2019-07-06 19:31 - 078642396 _____ C:\Users\Administrátor\Downloads\Kyrist - Ill Skill VIP v4.1.wav
2019-07-06 19:25 - 2019-07-06 19:25 - 062022584 _____ C:\Users\Administrátor\Downloads\[FREE GIVE AWAY ALBUM BONUS TRACK]. Amoss - Fathoms - AT Master.wav
2019-07-06 13:05 - 2019-07-06 13:05 - 051880000 _____ C:\Users\Administrátor\Downloads\The Upbeats - SSxUB - Solitaire (Ulterior Motive Remix).wav
2019-07-05 22:18 - 2019-07-05 22:21 - 1028672588 _____ C:\Users\Administrátor\Downloads\Frankenweenie.Domaci.mazlicek.(2012) CZ Dabing.avi
2019-07-05 22:15 - 2019-07-05 22:18 - 862280444 _____ C:\Users\Administrátor\Downloads\Aladin 2019 (CZ titulky kino).mkv
2019-07-05 15:04 - 2019-07-05 15:04 - 048112830 _____ C:\Users\Administrátor\Downloads\Mikal - Dub Machine - Mastered.wav
2019-07-05 14:50 - 2019-07-05 14:50 - 051258604 _____ C:\Users\Administrátor\Downloads\DNB France - SIGNS - Ketama.wav
2019-07-04 22:33 - 2019-07-04 22:33 - 021974406 _____ C:\Users\Administrátor\Downloads\NEST075.zip
2019-07-03 17:30 - 2019-07-03 17:35 - 1727907473 _____ C:\Users\Administrátor\Downloads\DNB France - FRENCH PLATES 2017.zip
2019-07-03 17:13 - 2019-07-03 17:13 - 072622210 _____ C:\Users\Administrátor\Downloads\YouKnowRight-1991.zip
2019-06-29 21:22 - 2019-06-29 21:24 - 827447534 _____ C:\Users\Administrátor\Downloads\Devítky 2007 Cz Dab.avi
2019-06-29 21:02 - 2019-06-29 21:03 - 300669399 _____ C:\Users\Administrátor\Downloads\Scrat_Spaced Out (2016).mkv
2019-06-29 08:59 - 2019-07-09 12:03 - 000000000 ____D C:\ProgramData\ProductData
2019-06-28 19:18 - 2019-06-28 19:19 - 000000000 ____D C:\KRD2018_Data
2019-06-28 16:57 - 2019-06-28 16:57 - 000000000 ____D C:\Users\Administrátor\source
2019-06-28 16:56 - 2019-06-28 16:59 - 000000000 ____D C:\Users\Administrátor\Documents\Visual Studio 2019
2019-06-28 16:51 - 2019-06-28 17:00 - 000000000 ____D C:\Users\Administrátor\AppData\Roaming\Visual Studio Setup
2019-06-28 16:51 - 2019-06-28 16:51 - 000000000 ____D C:\Users\Administrátor\AppData\Roaming\vstelemetry
2019-06-28 16:51 - 2019-06-28 16:51 - 000000000 ____D C:\Users\Administrátor\AppData\Roaming\vs_installershell
2019-06-28 16:51 - 2019-06-28 16:51 - 000000000 ____D C:\Users\Administrátor\AppData\Local\ServiceHub
2019-06-28 16:50 - 2019-06-28 16:50 - 001339864 _____ (Microsoft Corporation) C:\Users\Administrátor\Downloads\vs_community__1429971524.1561737004.exe
2019-06-28 16:50 - 2019-06-28 16:50 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2019-06-28 16:33 - 2019-06-28 16:33 - 001447178 _____ (Igor Pavlov) C:\Users\Administrátor\Downloads\7z1900-x64.exe
2019-06-28 16:33 - 2019-06-28 16:33 - 000000000 ____D C:\Program Files\7-Zip
2019-06-28 16:22 - 2019-06-28 16:22 - 000000000 ____D C:\Users\Administrátor\Documents\Ashampoo Burning Studio FREE
2019-06-28 16:21 - 2019-06-28 16:21 - 000001380 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk
2019-06-28 16:21 - 2019-06-28 16:21 - 000000000 ____D C:\Users\Administrátor\AppData\Roaming\Ashampoo
2019-06-28 16:21 - 2019-06-28 16:21 - 000000000 ____D C:\ProgramData\Ashampoo
2019-06-28 16:19 - 2019-06-28 16:19 - 041877736 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Administrátor\Downloads\ashampoo_burning_studio_free_24045.exe
2019-06-28 16:09 - 2019-06-28 16:09 - 000000000 ____D C:\Temp
2019-06-28 16:08 - 2019-06-28 16:08 - 002284808 _____ C:\Users\Administrátor\Downloads\SH-222AB_SB01.exe
2019-06-28 15:07 - 2019-06-28 15:09 - 595562496 _____ C:\Users\Administrátor\Downloads\krd.iso
2019-06-27 23:32 - 2019-06-27 23:33 - 164432168 _____ (AO Kaspersky Lab) C:\Users\Administrátor\Downloads\Unconfirmed 205204.crdownload
2019-06-26 13:16 - 2019-06-26 13:16 - 000087651 _____ C:\Users\Administrátor\Downloads\20190531_2111935377_BU.pdf
2019-06-26 13:16 - 2019-06-26 13:16 - 000085026 _____ C:\Users\Administrátor\Downloads\20190430_2111935377_BU.pdf
2019-06-26 13:13 - 2019-06-26 13:13 - 000147541 _____ C:\Users\Administrátor\Downloads\20190225_2111935377_VP.pdf
2019-06-26 13:13 - 2019-06-26 13:13 - 000086990 _____ C:\Users\Administrátor\Downloads\20190329_2111935377_BU.pdf
2019-06-26 13:13 - 2019-06-26 13:13 - 000085180 _____ C:\Users\Administrátor\Downloads\20190131_2111935377_BU.pdf
2019-06-26 13:13 - 2019-06-26 13:13 - 000084487 _____ C:\Users\Administrátor\Downloads\20190228_2111935377_BU.pdf
2019-06-23 20:20 - 2019-06-23 20:22 - 627688916 _____ C:\Users\Administrátor\Downloads\12-opic.avi
2019-06-23 17:08 - 2019-06-23 17:14 - 1992179280 _____ C:\Users\Administrátor\Downloads\Kráľ rybár CZ.avi
2019-06-23 14:08 - 2019-06-23 14:11 - 1027718630 _____ C:\Users\Administrátor\Downloads\Krajina Přílivu (2005) CZ Dabing.avi
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-14 14:34 - 2018-11-11 14:40 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-14 14:28 - 2018-09-12 11:44 - 000000000 ____D C:\Users\Administrátor\AppData\Local\CrashDumps
2019-07-14 14:28 - 2018-08-17 20:53 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-07-14 14:28 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-14 11:24 - 2018-12-18 18:49 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-07-14 02:53 - 2019-03-04 02:10 - 000000000 ____D C:\Program Files\Recuva
2019-07-14 01:14 - 2018-09-08 10:31 - 000000000 ____D C:\Users\Administrátor\AppData\Roaming\vlc
2019-07-13 22:27 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-13 20:01 - 2018-08-17 20:48 - 000000000 ___RD C:\Users\Administrátor\OneDrive
2019-07-13 17:35 - 2018-08-17 20:46 - 000000000 ___HD C:\Users\Administrátor\MicrosoftEdgeBackups
2019-07-13 17:35 - 2018-08-17 20:46 - 000000000 ____D C:\Users\Administrátor\AppData\Local\Packages
2019-07-10 20:43 - 2018-08-17 20:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 20:43 - 2018-08-17 20:46 - 000000000 ___RD C:\Users\Administrátor\3D Objects
2019-07-09 17:09 - 2018-08-17 20:47 - 000000000 ____D C:\Users\Administrátor\AppData\Local\PlaceholderTileLogoFolder
2019-07-09 00:22 - 2018-09-11 21:44 - 000000000 ____D C:\Program Files\Exterminate It!
2019-07-06 22:50 - 2018-11-20 21:32 - 000000000 ____D C:\Users\Administrátor\Documents\VirtualDJ
2019-06-28 17:09 - 2019-04-19 18:23 - 000000000 ____D C:\Users\Administrátor\AppData\Roaming\Notepad++
2019-06-28 15:18 - 2018-09-30 11:57 - 000000000 ____D C:\Users\Administrátor\AppData\Local\ElevatedDiagnostics
2019-06-27 23:31 - 2018-12-19 01:32 - 016551279 _____ C:\Users\Administrátor\Downloads\Wireless_XP_071011 (2).zip
2019-06-24 21:34 - 2018-08-17 20:46 - 000000000 ____D C:\Users\Administrátor\AppData\Local\VirtualStore
2019-06-22 02:02 - 2018-11-16 19:05 - 000000000 ____D C:\Program Files\rempl
2019-06-21 01:59 - 2019-04-20 16:56 - 000091892 _____ C:\Users\Administrátor\Downloads\Interop Unlock.zip
==================== FLock ================
2019-07-14 14:35 C:\hiberfil.sys
==================== KnownDLLs (Whitelisted) =========================

==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2019-07-10 10:11] - [2019-06-13 12:42] - 004038688 _____ (Microsoft Corporation) A1D1CE7D323A357163A500CDC15EDA54
C:\Windows\SysWOW64\explorer.exe
[2019-07-10 10:11] - [2019-06-13 11:05] - 003700160 _____ (Microsoft Corporation) C49D363CF7EA19A49A5EDFE7E6696F8B
C:\Windows\System32\svchost.exe
[2019-02-12 21:04] - [2019-01-09 06:39] - 000085472 _____ (Microsoft Corporation) 0861726716C9610CE5F6BCF3F4858DA1
C:\Windows\SysWOW64\svchost.exe
[2019-02-12 21:04] - [2019-01-09 06:43] - 000071456 _____ (Microsoft Corporation) C01CB20D971C3262F1F856B4539DD27C
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2019-07-10 10:11] - [2019-07-04 05:20] - 001156608 _____ (Microsoft Corporation) CC8A1EECC46DE3CFF8F7ACF85207DDF7
C:\Windows\System32\dnsapi.dll
[2019-07-10 10:11] - [2019-07-04 05:56] - 000767536 _____ (Microsoft Corporation) 124A3479582C0AC5E8F079AFFC2FAF20
C:\Windows\SysWOW64\dnsapi.dll
[2019-07-10 10:11] - [2019-07-04 05:42] - 000573808 _____ (Microsoft Corporation) 7B90269656A0485A383D31E852940A42
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

safeboot: Network => The system is configured to boot to Safe Mode <==== ATTENTION
==================== Association (Whitelisted) =============

==================== Restore Points =========================

==================== Memory info ===========================
Percentage of memory in use: 8%
Total physical RAM: 12287.3 MB
Available physical RAM: 11263.54 MB
Total Virtual: 12287.3 MB
Available Virtual: 11302.94 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:446.59 GB) (Free:187.23 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863.02 GB) (Free:1198.78 GB) NTFS
Drive e: (WIODOWS2 () (Removable) (Total:14.64 GB) (Free:6.24 GB) FAT32
Drive g: (CCCOMA_X64FRE_CS-CZ_DV9) (CDROM) (Total:4.26 GB) (Free:0 GB) UDF
Drive x: (Boot) (Fixed) (Total:0.49 GB) (Free:0.49 GB) NTFS
Drive y: (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 041FEEED)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 70AAB22D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Protective MBR) (Size: 14.4 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of FRST.txt ============================
 

bbdra

PCHF Member
PCHF Member
May 9, 2019
57
3
29
but if I logged win xp it changes to two separate disks d: (system) and f: Application and data store
I explained it wrong d:isn't system but it contains these folders($recycle.bin,boot,recovery,recycler,system volume information) and some files(bootmgr,BOOTNCT,BOOTSECT.BAK,pagedile,recovery.txt) This disk d is reserved by the op system... The disk f: Contains data apps and windows 10
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
Maybe we could try fix this corrupted file in CMD e:\boot\resources\custom\bootres.dll I noticed that same file is on windows Cd too

What makes you think this file is corrupt? Also, are you able to boot into safemode?
 

bbdra

PCHF Member
PCHF Member
May 9, 2019
57
3
29
Zjištěná hlavní příčina:
---------------------------
Soubor e:\boot\resources\custom\bootres.dll, který je kritický pro spouštění, je poškozen.
Opravná akce: Oprava souboru
Výsledek: Chyba. Kód chyby = 0x2
Doba trvání = 2781 ms
---------------------------
SrtTrail.txt says
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
Run FRST as you did before, type bootres.dll into the FRST window, then click on search files. A notepad will be saved to the USB, post that here. We will replace the file.
 

bbdra

PCHF Member
PCHF Member
May 9, 2019
57
3
29
Does it matter if I ran Frst from windows10 system disk instead of usb before? I did it same now. Here is the search log: Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by SYSTEM (24-07-2019 20:01:20)
Running from C:\
Boot Mode: Recovery
================== Search Files: "bootres.dll" =============
C:\Windows\WinSxS\amd64_microsoft-windows-bootres_31bf3856ad364e35_10.0.17134.523_none_20dab6d2d7f51f7b\bootres.dll
[2019-01-09 00:14][2019-01-01 08:12] 000092688 _____ (Microsoft Corporation) 2E8C8DCF5BB4C5D8FA23A7AD531A4967
C:\Windows\WinSxS\amd64_microsoft-windows-bootres_31bf3856ad364e35_10.0.17134.1_none_249d4d7aeb1b3a8e\bootres.dll
[2018-04-12 00:34][2018-04-12 00:34] 000093088 _____ (Microsoft Corporation) A83DB67956A955C21BB00E471EDA9E2D
C:\Windows\Boot\Resources\bootres.dll
[2019-01-09 00:14][2019-01-01 08:12] 000092688 _____ (Microsoft Corporation) 2E8C8DCF5BB4C5D8FA23A7AD531A4967
X:\Windows\WinSxS\amd64_microsoft-windows-bootres_31bf3856ad364e35_10.0.17134.1_none_249d4d7aeb1b3a8e\bootres.dll
[2018-04-11 23:12][2018-04-11 23:12] 000093088 _____ (Microsoft Corporation) A83DB67956A955C21BB00E471EDA9E2D
X:\Windows\Boot\Resources\bootres.dll
[2018-04-11 23:12][2018-04-11 23:12] 000093088 _____ (Microsoft Corporation) A83DB67956A955C21BB00E471EDA9E2D

====== End of Search ======
 
Status
Not open for further replies.