Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.03.2019 01
Ran by mokok (administrator) on LAPTOP-FN4JFKFJ (10-03-2019 12:07:34)
Running from C:\Users\mokok\Downloads
Loaded Profiles: mokok (Available Profiles: mokok)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxCUIService.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxEM.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxext.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\mokok\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Károly Pados -> Károly Pados) [File not signed] C:\Program Files (x86)\TinyWall\TinyWall.exe
(GOLD CLICK LIMITED -> Gold Click Ltd) C:\Program Files (x86)\ProxyGate\PGNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18399520 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2018-09-05] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [TinyWall Controller] => C:\Program Files (x86)\TinyWall\TinyWall.exe [698296 2016-03-10] (Károly Pados -> Károly Pados) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3144480 2019-02-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\Run: [uTorrent] => C:\Users\mokok\AppData\Roaming\uTorrent\uTorrent.exe [1908920 2019-01-15] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\Run: [Discord] => C:\Users\mokok\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\Run: [EpicGamesLauncher] => C:\Users\mokok\Desktop\GEJMZ\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35195280 2019-02-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\Run: [MinerGateGui] => C:\Program Files\MinerGate\minergate.exe [13791120 2018-11-14] (DICE ROLL SOLUTIONS LTD. -> )
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [1449472 2018-08-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\mokok\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\mokok\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\RunOnce: [Uninstall 19.002.0107.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mokok\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\amd64"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\RunOnce: [Uninstall 19.002.0107.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mokok\AppData\Local\Microsoft\OneDrive\19.002.0107.0008"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\mokok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-12-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\mokok\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{b72b0c06-6568-419f-9e56-5cf6b1b9a23b}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D062618-A915 ... =CT3335818
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2603791042-1379248096-1629185330-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D06261 ... earchTerms}
SearchScopes: HKU\S-1-5-21-2603791042-1379248096-1629185330-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180626__yaie&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-11] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: hoky20ma.default
FF ProfilePath: C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default [2019-03-10]
FF Homepage: Mozilla\Firefox\Profiles\hoky20ma.default -> hxxp://www.bing.com/?pc=COSP&ptag=D062618-A915 ... =CT3335818
FF NewTab: Mozilla\Firefox\Profiles\hoky20ma.default -> hxxp://www.bing.com/?pc=COSP&ptag=D062618-A915 ... =CT3335818
FF HomepageOverride: Mozilla\Firefox\Profiles\hoky20ma.default -> Disabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\hoky20ma.default -> Disabled: nortonhomepage@symantec.com
FF Extension: (Windscribe VPN) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\@windscribeff.xpi [2019-03-09]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\abb-acer@amazon.com.xpi [2018-11-20] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (AdBlocker Ultimate) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\adblockultimate@adblockultimate.net.xpi [2019-02-06]
FF Extension: (Norton Password Manager) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\idsafe@norton.com.xpi [2019-02-27]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2019-01-31]
FF Extension: (Norton Home Page) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\nortonhomepage@symantec.com.xpi [2018-09-20] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2018-10-12] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\nortonsafeweb@symantec.com.xpi [2019-01-08]
FF Extension: (Mozilla Partner Defaults) - C:\Users\mokok\AppData\Roaming\Mozilla\Firefox\Profiles\hoky20ma.default\Extensions\partnerdefaults@mozilla.com [2018-06-19] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2018-02-08] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2018-02-08] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2018-02-08] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-25] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-25] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.bing.com/?FORM=SLBRDF&PC=SL09"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=SLBRDF&PC=SL10&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}
CHR Profile: C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default [2019-02-14]
CHR Extension: (Slides) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-19]
CHR Extension: (Docs) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-19]
CHR Extension: (Google Drive) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-19]
CHR Extension: (YouTube) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-19]
CHR Extension: (Sheets) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-19]
CHR Extension: (Google Docs Offline) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-19]
CHR Extension: (Gmail) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-19]
CHR Extension: (Chrome Media Router) - C:\Users\mokok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-19]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [347024 2017-06-02] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7252656 2018-09-16] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-02-11] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [224912 2018-12-09] (Intel(R) Smart Sound Technology -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-06-06] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 pgt_svc; C:\Program Files (x86)\ProxyGate\MainService.exe [2285664 2017-02-22] (GOLD CLICK LIMITED -> Gold Click Ltd) <==== ATTENTION
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-08-11] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-08-11] (Acer Incorporated -> Acer Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TinyWall; C:\Program Files (x86)\TinyWall\TinyWall.exe [698296 2016-03-10] (Károly Pados -> Károly Pados) [File not signed]
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-05-23] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_e942cd33c58724ed\nvlddmkm.sys [20424640 2018-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2354016 2018-04-24] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-12] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [782304 2017-04-11] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-23] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-10 12:07 - 2019-03-10 12:09 - 000028435 _____ C:\Users\mokok\Downloads\FRST.txt
2019-03-10 12:07 - 2019-03-10 12:07 - 000000000 ____D C:\FRST
2019-03-10 12:04 - 2019-03-10 12:04 - 002434560 _____ (Farbar) C:\Users\mokok\Downloads\FRST64.exe
2019-03-10 00:42 - 2019-03-10 00:52 - 000000000 ____D C:\Users\mokok\AppData\Roaming\TinyWall
2019-03-10 00:41 - 2019-03-10 00:52 - 000000000 ____D C:\ProgramData\TinyWall
2019-03-10 00:41 - 2019-03-10 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TinyWall
2019-03-10 00:41 - 2019-03-10 00:42 - 005226496 _____ (COMODO) C:\Users\mokok\Downloads\cmd_fw_installer_10299_79.exe.part
2019-03-10 00:41 - 2019-03-10 00:42 - 000000653 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2019-03-10 00:41 - 2019-03-10 00:42 - 000000000 ____D C:\Program Files (x86)\TinyWall
2019-03-10 00:41 - 2019-03-10 00:41 - 000000000 _____ C:\Users\mokok\Downloads\cmd_fw_installer_10299_79.exe
2019-03-10 00:39 - 2019-03-10 00:40 - 001204224 _____ C:\Users\mokok\Downloads\TinyWallInstaller.msi
2019-03-09 23:54 - 2019-03-10 00:28 - 702066176 _____ C:\Users\mokok\Downloads\metasploitframework-latest.msi
2019-03-08 09:54 - 2019-03-08 09:54 - 000002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-08 09:54 - 2019-03-08 09:54 - 000002557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-08 09:54 - 2019-03-08 09:54 - 000002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-08 09:54 - 2019-03-08 09:54 - 000002529 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-08 09:54 - 2019-03-08 09:54 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-08 09:54 - 2019-03-08 09:54 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-08 09:54 - 2019-03-08 09:54 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-08 09:54 - 2019-03-08 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-02-23 15:03 - 2019-02-23 15:03 - 000000000 ____D C:\Users\mokok\AppData\Local\TeamViewer
2019-02-23 14:58 - 2019-03-04 11:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-23 14:58 - 2019-03-02 18:59 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-02-23 14:58 - 2019-03-02 18:59 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-02-23 14:58 - 2019-02-23 14:58 - 000000000 ____D C:\Users\mokok\AppData\Roaming\TeamViewer
2019-02-23 14:56 - 2019-02-23 14:57 - 022660568 _____ (TeamViewer GmbH) C:\Users\mokok\Downloads\TeamViewer_Setup.exe
2019-02-14 05:33 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-02-14 05:21 - 2019-02-14 05:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2019-02-14 05:21 - 2019-02-14 05:21 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2019-02-13 14:27 - 2019-02-13 14:27 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-02-13 14:25 - 2019-02-26 21:49 - 000001203 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2019-02-13 14:25 - 2019-02-13 14:27 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-02-13 14:25 - 2019-02-13 14:25 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-02-13 14:25 - 2019-02-13 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-02-13 14:23 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2019-02-13 14:23 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2019-02-13 14:23 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2019-02-13 14:23 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2019-02-13 14:23 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2019-02-13 14:23 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2019-02-13 14:23 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2019-02-13 14:23 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2019-02-13 14:23 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2019-02-13 14:23 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2019-02-13 14:23 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2019-02-13 14:23 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2019-02-13 14:23 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2019-02-13 14:23 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2019-02-13 14:23 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2019-02-13 14:23 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2019-02-13 14:23 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2019-02-13 14:23 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2019-02-13 14:23 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2019-02-13 14:23 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2019-02-13 14:23 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2019-02-13 14:23 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2019-02-13 14:23 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2019-02-13 14:23 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2019-02-13 14:22 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2019-02-13 14:22 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2019-02-13 14:22 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2019-02-13 14:22 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2019-02-13 14:22 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2019-02-13 14:22 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2019-02-13 14:22 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2019-02-13 14:22 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2019-02-13 14:22 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2019-02-13 14:22 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2019-02-13 14:22 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2019-02-13 14:22 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2019-02-13 14:22 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2019-02-13 14:22 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2019-02-13 14:22 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2019-02-13 14:22 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2019-02-13 14:22 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2019-02-13 14:22 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2019-02-13 14:22 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2019-02-13 14:22 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2019-02-13 14:22 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2019-02-13 14:22 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2019-02-13 14:22 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2019-02-13 14:22 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2019-02-13 14:22 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2019-02-13 14:22 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2019-02-13 14:22 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2019-02-13 14:22 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2019-02-13 14:22 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2019-02-13 14:22 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2019-02-13 14:22 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2019-02-13 14:22 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2019-02-13 14:22 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2019-02-13 14:22 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2019-02-13 14:22 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2019-02-13 14:22 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2019-02-13 14:22 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2019-02-13 14:22 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2019-02-13 14:22 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2019-02-13 14:22 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2019-02-13 14:22 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2019-02-13 14:22 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2019-02-13 14:22 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2019-02-13 14:22 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2019-02-13 14:22 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2019-02-13 14:22 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2019-02-13 14:22 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2019-02-13 14:22 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2019-02-13 14:22 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2019-02-13 14:22 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2019-02-13 14:22 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2019-02-13 14:22 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2019-02-13 14:22 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2019-02-13 14:22 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2019-02-13 14:22 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2019-02-13 14:22 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2019-02-13 14:22 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2019-02-13 14:22 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2019-02-13 14:22 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2019-02-13 14:22 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2019-02-13 14:22 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2019-02-13 14:22 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2019-02-13 14:22 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2019-02-13 14:22 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2019-02-13 14:22 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2019-02-13 14:22 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2019-02-13 14:22 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2019-02-13 14:22 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2019-02-13 14:22 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2019-02-13 14:22 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2019-02-13 14:22 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2019-02-13 14:22 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2019-02-13 14:22 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2019-02-13 14:22 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2019-02-13 14:21 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2019-02-13 14:21 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2019-02-13 14:21 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2019-02-13 14:21 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2019-02-13 14:21 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2019-02-13 14:21 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2019-02-13 14:21 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2019-02-13 14:21 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2019-02-13 14:21 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2019-02-13 14:21 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2019-02-13 14:21 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2019-02-13 14:21 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2019-02-13 14:21 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2019-02-13 14:21 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2019-02-13 14:21 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2019-02-13 14:21 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2019-02-13 14:21 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2019-02-13 14:21 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2019-02-13 14:21 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2019-02-13 14:21 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2019-02-13 14:21 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2019-02-13 14:21 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2019-02-13 14:21 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2019-02-13 14:21 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2019-02-13 14:21 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2019-02-13 14:21 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2019-02-13 14:21 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2019-02-13 14:21 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2019-02-13 14:21 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2019-02-13 14:21 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2019-02-13 14:21 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2019-02-13 14:21 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2019-02-13 14:21 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2019-02-13 14:21 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2019-02-13 14:21 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2019-02-13 14:21 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2019-02-13 14:21 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2019-02-13 14:21 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2019-02-13 14:21 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2019-02-13 14:21 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2019-02-13 14:21 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2019-02-13 14:21 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2019-02-13 14:21 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2019-02-13 14:21 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2019-02-13 14:21 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2019-02-13 14:21 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2019-02-13 14:21 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2019-02-13 14:21 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2019-02-13 14:20 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2019-02-13 14:20 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2019-02-13 14:20 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2019-02-13 14:20 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2019-02-13 14:20 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2019-02-13 14:20 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2019-02-13 14:20 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2019-02-13 14:20 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2019-02-13 14:20 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2019-02-13 14:20 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2019-02-13 14:20 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2019-02-13 14:20 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2019-02-13 14:20 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2019-02-13 14:20 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2019-02-13 14:20 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2019-02-13 14:20 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2019-02-13 14:20 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2019-02-13 14:20 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2019-02-13 14:01 - 2019-03-10 11:48 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-13 13:47 - 2019-02-13 13:47 - 000001070 _____ C:\Users\Public\Desktop\Origin.lnk
2019-02-13 13:47 - 2019-02-13 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-02-13 13:46 - 2019-03-09 22:13 - 000000000 ____D C:\Program Files (x86)\Origin
2019-02-13 13:38 - 2019-02-13 13:38 - 000000000 ____D C:\Users\mokok\.QtWebEngineProcess
2019-02-13 13:38 - 2019-02-13 13:38 - 000000000 ____D C:\Users\mokok\.Origin
2019-02-13 13:37 - 2019-03-10 12:08 - 000000000 ____D C:\ProgramData\Origin
2019-02-13 13:37 - 2019-03-10 11:48 - 000000000 ____D C:\Users\mokok\AppData\Roaming\Origin
2019-02-13 13:37 - 2019-02-13 14:27 - 000000000 ____D C:\Users\mokok\AppData\Local\Origin
2019-02-13 13:35 - 2019-02-13 13:36 - 063392144 _____ (Electronic Arts) C:\Users\mokok\Downloads\OriginThinSetup.exe
2019-02-13 11:56 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-13 11:56 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 11:56 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 11:56 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 11:56 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-13 11:56 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-13 11:56 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-13 11:56 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-13 11:56 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 11:56 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-13 11:55 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 11:55 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-13 11:55 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-13 11:55 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-13 11:55 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 11:55 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 11:55 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-13 11:55 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-13 11:55 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-13 11:55 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-13 11:55 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-13 11:55 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-13 11:55 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-13 11:55 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-13 11:55 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-13 11:55 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-13 11:55 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-13 11:55 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-13 11:55 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-13 11:55 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-13 11:55 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-13 11:55 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-13 11:55 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-13 11:55 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-13 11:55 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-13 11:55 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-13 11:55 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-13 11:55 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 11:55 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-13 11:55 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-13 11:55 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 11:55 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 11:55 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-13 11:55 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-13 11:55 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-13 11:55 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-13 11:55 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-13 11:55 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-13 11:55 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-13 11:55 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-13 11:55 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-13 11:55 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-13 11:55 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-13 11:55 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-13 11:55 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-13 11:55 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-13 11:55 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 11:55 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 11:55 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 11:55 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-13 11:55 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-13 11:55 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-13 11:55 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-13 11:55 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-13 11:55 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 11:55 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-13 11:55 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-13 11:55 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 11:55 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-13 11:55 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 11:55 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 11:55 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 11:55 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-13 11:55 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-13 11:55 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-13 11:55 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-13 11:55 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-13 11:55 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-13 11:55 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-13 11:55 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-13 11:55 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-13 11:55 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-13 11:55 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-13 11:55 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-13 11:55 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-13 11:55 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-13 11:55 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-13 11:55 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-13 11:55 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-13 11:55 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-13 11:55 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-13 11:55 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-13 11:55 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-13 11:55 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-13 11:55 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-13 11:55 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-13 11:55 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-13 11:55 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-13 11:55 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-13 11:55 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-13 11:55 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-13 11:55 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-13 11:55 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-13 11:55 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-13 11:55 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-13 11:55 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-13 11:55 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-13 11:55 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 11:55 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-13 11:55 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-13 11:55 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-13 11:55 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-13 11:55 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-13 11:55 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-13 11:55 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-13 11:55 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-13 11:55 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-13 11:55 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-13 11:55 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-13 11:55 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 11:55 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-13 11:55 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-13 11:55 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-13 11:55 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 11:55 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 11:55 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-13 11:55 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-13 11:55 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-13 11:55 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-13 11:55 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 11:55 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-13 11:55 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 11:55 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-13 11:55 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 11:55 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-13 11:55 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 11:55 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-13 11:55 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-13 11:55 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 11:55 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-13 11:55 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-13 11:55 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-13 11:55 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-13 11:55 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-13 11:55 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-13 11:55 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-13 11:55 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-13 11:55 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-13 11:55 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-11 13:42 - 2019-02-11 13:42 - 000000000 ____D C:\Users\mokok\AppData\Roaming\Sun
2019-02-11 13:42 - 2019-02-11 13:42 - 000000000 ____D C:\Users\mokok\AppData\LocalLow\Sun
2019-02-11 13:41 - 2019-02-11 13:41 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-02-11 13:41 - 2019-02-11 13:41 - 000000000 ____D C:\ProgramData\Oracle
2019-02-11 13:41 - 2019-02-11 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-02-11 13:41 - 2019-02-11 13:41 - 000000000 ____D C:\Program Files (x86)\Java
2019-02-11 13:40 - 2019-02-11 13:40 - 001962336 _____ (Oracle Corporation) C:\Users\mokok\Downloads\JavaSetup8u201.exe
2019-02-10 14:05 - 2019-02-11 14:12 - 000000000 ____D C:\Users\mokok\AppData\Roaming\.minecraft
2019-02-10 13:54 - 2019-02-11 13:35 - 000000000 ____D C:\Program Files (x86)\GAMES
2019-02-09 09:21 - 2019-02-09 09:24 - 039333888 _____ C:\Users\mokok\Downloads\MinecraftInstaller.msi
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-10 12:08 - 2018-09-21 10:55 - 000000000 ____D C:\Program Files (x86)\ProxyGate
2019-03-10 11:59 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-10 11:56 - 2018-06-19 15:14 - 000000000 ____D C:\Users\mokok\AppData\LocalLow\Mozilla
2019-03-10 02:35 - 2018-07-25 12:16 - 000000000 ____D C:\Users\mokok\AppData\Local\Host App Service
2019-03-09 23:09 - 2018-07-25 12:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-09 22:12 - 2018-06-19 15:17 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-09 11:48 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-09 11:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-09 11:30 - 2018-07-25 12:33 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2603791042-1379248096-1629185330-1001
2019-03-09 11:30 - 2018-07-25 12:16 - 000002395 _____ C:\Users\mokok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-09 11:30 - 2018-06-19 15:14 - 000000000 ___RD C:\Users\mokok\OneDrive
2019-03-08 09:53 - 2018-02-08 00:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-05 13:48 - 2018-02-08 00:11 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-05 13:46 - 2018-06-19 15:09 - 000000000 __SHD C:\Users\mokok\IntelGraphicsProfiles
2019-03-04 12:34 - 2018-07-01 08:32 - 000000000 ____D C:\Users\mokok\AppData\Local\ElevatedDiagnostics
2019-03-04 11:34 - 2018-07-25 12:09 - 000399544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-04 11:33 - 2018-07-25 12:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-04 11:33 - 2018-02-08 00:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-04 11:33 - 2018-02-08 00:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-04 11:32 - 2018-04-11 22:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-03-01 15:14 - 2018-06-19 19:19 - 000000000 ____D C:\Program Files\rempl
2019-03-01 14:06 - 2018-02-08 00:38 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-28 15:04 - 2018-06-19 17:34 - 000000000 ____D C:\Users\mokok\AppData\Local\CrashDumps
2019-02-25 09:38 - 2018-08-23 16:10 - 000000000 ___RD C:\Users\mokok\Desktop\GEJMZ
2019-02-23 09:59 - 2018-07-25 12:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-18 15:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-18 11:42 - 2018-07-25 12:29 - 001686158 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-18 11:42 - 2018-04-12 16:50 - 000714368 _____ C:\WINDOWS\system32\perfh005.dat
2019-02-18 11:42 - 2018-04-12 16:50 - 000143598 _____ C:\WINDOWS\system32\perfc005.dat
2019-02-18 11:42 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-14 22:07 - 2018-11-26 13:01 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2019-02-14 22:07 - 2018-11-26 13:01 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2019-02-14 05:46 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-14 05:27 - 2018-08-15 21:14 - 000000000 ____D C:\Users\mokok\AppData\Local\LogMeIn Hamachi
2019-02-14 05:27 - 2018-06-26 18:04 - 000000000 ____D C:\Users\mokok\AppData\Roaming\uTorrent
2019-02-14 05:16 - 2018-12-25 21:11 - 000000000 ____D C:\Program Files\CCleaner
2019-02-13 23:02 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-13 23:02 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-13 23:02 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-13 23:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-13 23:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-13 23:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-13 14:27 - 2018-06-24 02:06 - 000000000 ____D C:\Users\mokok\AppData\Roaming\EasyAntiCheat
2019-02-13 13:38 - 2018-07-25 12:16 - 000000000 ____D C:\Users\mokok
2019-02-13 11:54 - 2018-06-19 19:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-13 11:51 - 2018-06-19 19:19 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-12 11:26 - 2019-02-05 17:52 - 000000000 ____D C:\Users\mokok\League of Legends
2019-02-09 17:49 - 2018-08-23 16:28 - 000000000 ____D C:\Users\mokok\AppData\Roaming\discord
2019-02-09 17:48 - 2018-12-25 21:30 - 000000000 ____D C:\Users\mokok\AppData\Local\minergate
2019-02-09 10:33 - 2018-06-19 15:09 - 000000000 ____D C:\Users\mokok\AppData\Local\Packages
2019-02-09 09:34 - 2018-06-21 18:59 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories =======
2018-09-21 10:55 - 2018-09-21 10:55 - 000000000 _____ () C:\Users\mokok\AppData\Roaming\FC29FA0894FE.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-25 12:09
==================== End of FRST.txt ===========================
Windows 10 Home Version 1803 17134.590 (X64) (2018-07-25 11:34:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2603791042-1379248096-1629185330-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2603791042-1379248096-1629185330-503 - Limited - Disabled)
Guest (S-1-5-21-2603791042-1379248096-1629185330-501 - Limited - Disabled)
mokok (S-1-5-21-2603791042-1379248096-1629185330-1001 - Administrator - Enabled) => C:\Users\mokok
WDAGUtilityAccount (S-1-5-21-2603791042-1379248096-1629185330-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
7.Days.To.Die.Alpha.v16.4.Repack verze 16.4 (HKLM-x32\...\{51DAD3E8-EBB0-462B-8E49-B1EC586239EC}}_is1) (Version: 16.4 - Ali213.net)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{8B441B85-0AFA-4EB3-A756-A47453481D2D}) (Version: 3.1.18240.4 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3015 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3004 - Acer Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
App Explorer (HKU\S-1-5-19\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-20\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\Host App Service) (Version: 0.273.2.988 - SweetLabs) <==== ATTENTION
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Discord (HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\Discord) (Version: 0.0.304 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
Epic Games Launcher (HKLM-x32\...\{E7B62E3F-0F70-4119-89A2-28DE1C3873CC}) (Version: 1.1.163.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Facebook Gameroom 1.21.6907.27509 (HKLM-x32\...\{E34773A0-158F-4322-8849-2C13BBCD6C68}) (Version: 1.21.6907.27509 - Facebook)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4749 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1713.2 - Intel Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Just Cause 3 (HKLM-x32\...\{513624C8-A6E3-44FA-A449-5C2BDAA72CC4}_is1) (Version: - Avalanche Studios)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{1945856D-A68E-43D3-846D-F8DFDE4A69F7}) (Version: 2.2.0.630 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.630 - LogMeIn, Inc.)
Metro 2033 Redux (HKLM-x32\...\1436434037_is1) (Version: 2.0.0.2 - GOG.com)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11328.20146 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MinerGate (HKLM-x32\...\MinerGate) (Version: 1.2 - Minergate Inc)
Mozilla Firefox 65.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-US)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.35.22222 - Electronic Arts, Inc.)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10434 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.312 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
TeamSpeak 3 Client (HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
TinyWall (HKLM-x32\...\{20E767BE-FE75-4429-8722-A5D75AC2FCA6}) (Version: 2.1.8.0 - Károly Pados)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A7B60FC9-A750-43C7-B7EC-892CD09147C7}) (Version: 1.18.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2603791042-1379248096-1629185330-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxDTCM.dll [2017-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {066EC9D4-1DD9-4C3B-BEF5-E76C13760B0A} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe (Acer Incorporated -> Acer Incorporated)
Task: {06F3B6B5-DFEC-421B-8847-ECB365E1A9A1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {087D22BD-AEC2-4594-82E6-44132F7C2A1E} - System32\Tasks\App Explorer => C:\Users\mokok\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {13FAC17F-43A3-400F-8DA1-32890B9CD004} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe (Acer Incorporated -> )
Task: {1C442360-38D8-4E5D-8C51-D175D50071FD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D1ED78E-9456-437A-8D5A-83ACBFB94D58} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe (Acer Incorporated -> TODO: <Company name>)
Task: {206B2272-35FA-46B3-AC29-44C588F19131} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {22276BBC-D62A-4F85-84F7-6E9D579BE421} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3022F748-8A8F-4739-91CA-4B2B2463A2D8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {336889FD-37C1-4AAF-8465-CA4AC9FD1F6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {4685AA29-EDF8-4353-9E85-60AAC633C6CD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47013A2B-A7AB-4EAB-AEEF-82B9379A498C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe (Acer Incorporated -> )
Task: {4EBD02D6-B63B-4F01-A1AD-102FDC534C8E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {5C4C338B-A3F5-4F6D-839C-4C76A17B5317} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5CB95F35-813C-4208-BAA9-5FB6FA4C931B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {82C32214-32AC-49A5-AC69-AF6A259E2258} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {8991B6CD-05CD-44B9-B134-F5A6184EA3BA} - System32\Tasks\PicstreamAgent => C:\Program [Argument = Files (x86)\Acer\AOP Framework\uwplauncher.exe AcerIncorporated.6245439DEEE9E_48frkmn4z8aw4!abPhoto]
Task: {92234368-142B-406A-AE72-F2EA061E83F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {93222F86-B322-43D4-843A-286C9F5EE3F2} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe (Acer Incorporated -> Acer Incorporated)
Task: {987DA074-5D33-4442-A095-A79B4F375AF1} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A43D4053-CE29-47AD-B798-020AB3467AB2} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe (Acer Incorporated -> Acer)
Task: {A45094F0-07A5-4D6B-9926-E22495F7E0FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A4D78D01-B396-4CE2-BBBA-ABBD2DA61171} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated -> Acer Incorporated)
Task: {ACB3854B-3194-4C9B-931A-A46E947CFE29} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe (Acer Incorporated -> )
Task: {AD26CB61-6348-4ABE-96C5-2488B0AE89C0} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe (Acer Incorporated -> )
Task: {B13371EA-CE13-4538-8791-E6ECA5957CC4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B166E236-57C0-4749-844A-E1FC6484F9B9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B94B514A-0556-489B-9531-6B3AACAF3030} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {BA289C1C-F394-4FF2-962A-D720D87AA66D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C2038D93-24C7-481E-A54F-7E20C9563B1A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C5EF1523-270E-4D46-BF00-8A54465FA0FE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C5FED6E6-8F07-48C8-BAEB-6E86C4C5034F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB0B97C9-64BE-4728-A0EE-4154190CC84E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CE29E75E-1BEF-4EA4-AF76-02C231053EA7} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> )
Task: {D1EDB02A-6241-44E4-A830-77F1D9AA0992} - System32\Tasks\MonitorAcerPortal => C:\ProgramData\acer\Acer Portal\monitorPortal.exe (Acer Incorporated -> )
Task: {DAD72D87-96D4-40B7-A734-252A4E1E95B7} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe (Acer Incorporated -> Acer Incorporated)
Task: {DAE63387-A0CE-4CB3-878C-967E2D6D82AA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DF5ACDEC-7BBF-4730-BA64-4847FE4C40E5} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E4182C9B-D62E-4384-94C2-9AD01CEF98F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {E714E904-E1D0-4D9A-99A3-B8F0D14F3A44} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F272F9E0-A343-4E9B-A5BD-F3CD48CA66B1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F961D870-DCEA-4516-8467-BD4B24D04D2E} - System32\Tasks\AcerCloud => C:\ProgramData\acer\Acer Portal\launchPortal.exe (Acer Incorporated -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-03-10 22:33 - 2016-03-10 22:33 - 000698296 _____ (Károly Pados -> Károly Pados) [File not signed] C:\Program Files (x86)\TinyWall\TinyWall.exe
2019-03-10 00:42 - 2019-03-10 00:42 - 001456640 _____ (Károly Pados) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\TinyWall\edc24886b2adc5a6a752b06f8eaedc9f\TinyWall.ni.exe
2019-03-10 00:42 - 2019-03-10 00:42 - 000134144 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Interop.NetFwTypeLib\2e7ad39504853f3203b9a28c09225b5c\Interop.NetFwTypeLib.ni.dll
2019-02-13 13:46 - 2019-02-13 13:45 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-13 13:46 - 2019-02-13 13:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-13 13:46 - 2019-02-13 13:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-13 13:46 - 2019-02-13 13:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-13 13:46 - 2019-02-13 13:45 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-02-13 13:46 - 2019-02-13 13:45 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-13 13:46 - 2019-02-13 13:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-13 13:46 - 2019-02-13 13:45 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mokok\Pictures\12291850_10153841482569756_8018391163630604992_o.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2603791042-1379248096-1629185330-1001\...\StartupApproved\Run: => "MinerGateGui"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{26B0571F-43E2-4734-8118-0945D606C85C}] => (Allow) C:\Program Files (x86)\TinyWall\TinyWall.exe (Károly Pados -> Károly Pados) [File not signed]
FirewallRules: [{C1A9D66D-C5C5-4BE7-B845-9E36294D7154}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ADF62CFA-655B-436B-8B59-D7A5E3E1B5AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{34760134-755E-45F7-B4F8-A516F937B8F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{369DC85B-2601-46D9-933A-963A88042375}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8BE184A-8754-434D-8EE5-1DFEBC4E1037}] => (Allow) C:\WINDOWS\SysWOW64\WWAHost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C883EFEB-CEB2-444C-ADDB-2D1A3D1E9581}] => (Allow) C:\WINDOWS\SysWOW64\WWAHost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{56103652-D9A4-4412-BCC7-AB0F3C466BEF}] => (Allow) C:\WINDOWS\SysWOW64\WWAHost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D28CB207-2878-46B0-A531-F396844AEBFA}] => (Allow) C:\WINDOWS\SysWOW64\WWAHost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{13B05FE3-EFB9-4DE1-A9B9-C9C783EB6D96}] => (Allow) C:\WINDOWS\system32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DFF7490C-5CE1-4210-811D-DF7EF99829D5}] => (Allow) C:\WINDOWS\system32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4B2C3A88-9ABB-4B63-BBB3-17FFE6FAFD1D}] => (Allow) C:\WINDOWS\system32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{454BE82A-0F88-497E-9CCF-135F775D3542}] => (Allow) C:\WINDOWS\system32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation)
==================== Restore Points =========================
23-02-2019 14:44:32 Naplánovaný kontrolní bod
01-03-2019 15:12:09 Windows Update
08-03-2019 16:06:31 Naplánovaný kontrolní bod
10-03-2019 00:40:33 Installed TinyWall
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/08/2019 09:35:36 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (4012,U,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1907.
Error: (03/08/2019 09:35:36 PM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostw (4012,U,98) WebCacheLocal: Obnovení databáze selhalo a došlo k chybě -1216, protože se zjistily odkazy na databázi C:\Users\mokok\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat, která už není dostupná. Databáze se před odebráním (nebo případným přesunutím nebo přejmenováním) nepřevedla do stavu čistého vypnutí. Databázový stroj nepovolí dokončení obnovení pro tuto instanci, dokud se znovu nevytvoří instance chybějící databáze. Pokud už databáze skutečně není dostupná a už se nevyžaduje, získáte pokyny týkající se odstranění této chyby ve znalostní bázi Microsoft Knowledge Base nebo po kliknutí na odkaz Další informace na konci této zprávy.
Error: (03/08/2019 09:35:35 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (4012,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\mokok\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (03/08/2019 09:35:24 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (4012,U,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1907.
Error: (03/08/2019 09:35:23 PM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostw (4012,U,98) WebCacheLocal: Obnovení databáze selhalo a došlo k chybě -1216, protože se zjistily odkazy na databázi C:\Users\mokok\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat, která už není dostupná. Databáze se před odebráním (nebo případným přesunutím nebo přejmenováním) nepřevedla do stavu čistého vypnutí. Databázový stroj nepovolí dokončení obnovení pro tuto instanci, dokud se znovu nevytvoří instance chybějící databáze. Pokud už databáze skutečně není dostupná a už se nevyžaduje, získáte pokyny týkající se odstranění této chyby ve znalostní bázi Microsoft Knowledge Base nebo po kliknutí na odkaz Další informace na konci této zprávy.
Error: (03/08/2019 09:35:19 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (4012,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\mokok\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (03/08/2019 05:34:08 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (4012,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\mokok\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (03/04/2019 11:23:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.18114.17710.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 3448
Čas spuštění: 01d4cf703f13416a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: ee772e80-8a22-4cd3-850d-8ae36b57de2e
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe
ID aplikace související s balíčkem s chybou: App
System errors:
=============
Error: (03/10/2019 12:14:40 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FN4JFKFJ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-FN4JFKFJ\mokok (SID: S-1-5-21-2603791042-1379248096-1629185330-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/10/2019 12:14:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/10/2019 12:14:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (03/10/2019 04:27:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/10/2019 04:21:40 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FN4JFKFJ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli LAPTOP-FN4JFKFJ\mokok (SID: S-1-5-21-2603791042-1379248096-1629185330-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/10/2019 03:36:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/10/2019 02:16:09 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FN4JFKFJ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli LAPTOP-FN4JFKFJ\mokok (SID: S-1-5-21-2603791042-1379248096-1629185330-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/10/2019 01:50:38 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FN4JFKFJ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli LAPTOP-FN4JFKFJ\mokok (SID: S-1-5-21-2603791042-1379248096-1629185330-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-03-10 03:26:54.877
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: TrojanDropper:PowerShell/Ploty.C
ID: 2147725065
Závažnost: Vážné
Kategorie: Trojský program rozesílající soubory
Cesta: containerfile:_C:\Users\mokok\Downloads\metasploitframework-latest.msi; file:_C:\Users\mokok\Downloads\metasploitframework-latest.msi->Project.cab->fil2EC023056D011686C54A500FAA07AF59->embedded/lib/ruby/gems/2.5.0/gems/rex-powershell-0.1.79/data/templates/to_mem_pshreflection.ps1.template
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: LAPTOP-FN4JFKFJ\mokok
Název procesu: Unknown
Verze podpisu: AV: 1.289.795.0, AS: 1.289.795.0, NIS: 1.289.795.0
Verze modulu: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-10 03:26:54.876
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Exploit:Win32/Pdfjsc.DB
ID: 2147631006
Závažnost: Vážné
Kategorie: Zneužití
Cesta: containerfile:_C:\Users\mokok\Downloads\metasploitframework-latest.msi; file:_C:\Users\mokok\Downloads\metasploitframework-latest.msi->Project.cab->fil2EC023056D011686C54A500FAA07AF59->embedded/framework/modules/exploits/windows/fileformat/adobe_collectemailinfo.rb
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: LAPTOP-FN4JFKFJ\mokok
Název procesu: Unknown
Verze podpisu: AV: 1.289.795.0, AS: 1.289.795.0, NIS: 1.289.795.0
Verze modulu: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-10 03:26:54.876
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Exploit:Win32/CVE-2012-1889.AH
ID: 2147661230
Závažnost: Vážné
Kategorie: Zneužití
Cesta: containerfile:_C:\Users\mokok\Downloads\metasploitframework-latest.msi; file:_C:\Users\mokok\Downloads\metasploitframework-latest.msi->Project.cab->fil2EC023056D011686C54A500FAA07AF59->embedded/framework/modules/exploits/windows/browser/msxml_get_definition_code_exec.rb
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: LAPTOP-FN4JFKFJ\mokok
Název procesu: Unknown
Verze podpisu: AV: 1.289.795.0, AS: 1.289.795.0, NIS: 1.289.795.0
Verze modulu: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-10 03:26:54.875
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Exploit:Win32/CVE-2010-1885!rfn
ID: 2147723225
Závažnost: Vážné
Kategorie: Zneužití
Cesta: containerfile:_C:\Users\mokok\Downloads\metasploitframework-latest.msi; file:_C:\Users\mokok\Downloads\metasploitframework-latest.msi->Project.cab->fil2EC023056D011686C54A500FAA07AF59->embedded/framework/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: LAPTOP-FN4JFKFJ\mokok
Název procesu: Unknown
Verze podpisu: AV: 1.289.795.0, AS: 1.289.795.0, NIS: 1.289.795.0
Verze modulu: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-10 03:26:54.874
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Exploit:JS/MS09002.C
ID: 2147628052
Závažnost: Vážné
Kategorie: Zneužití
Cesta: containerfile:_C:\Users\mokok\Downloads\metasploitframework-latest.msi; file:_C:\Users\mokok\Downloads\metasploitframework-latest.msi->Project.cab->fil2EC023056D011686C54A500FAA07AF59->embedded/framework/modules/exploits/windows/browser/ms09_043_owc_msdso.rb
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Uživatel
Uživatel: LAPTOP-FN4JFKFJ\mokok
Název procesu: Unknown
Verze podpisu: AV: 1.289.795.0, AS: 1.289.795.0, NIS: 1.289.795.0
Verze modulu: AM: 1.1.15700.9, NIS: 1.1.15700.9
Date: 2019-03-08 09:44:21.196
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.289.690.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.9
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. Date: 2019-03-04 11:44:29.043
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.289.403.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.9
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. Date: 2019-02-28 15:13:10.678
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.289.106.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15700.9
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. ==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 75%
Total physical RAM: 8075.6 MB
Available physical RAM: 2009.04 MB
Total Virtual: 19395.96 MB
Available Virtual: 9697.68 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:414.46 GB) NTFS
\\?\Volume{e3f39bbc-3747-429d-bc70-48fc431074a4}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.59 GB) NTFS
\\?\Volume{7836e446-505d-4529-836c-26df94cf6d2f}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 40CFF666)
Partition: GPT.
==================== End of Addition.txt ============================
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: 
Informácie o nej nájdete tu: >> 
Přispějete na provoz fóra?