Vyskakující stránka
Napsal: 20 dub 2019 22:28
Dobrý večer, už nějakou dobu mám problém při zapnutí PC.
Samovolně při startu se spustí internetový prohlížeč se stránkou obsahující různe reklamy, dnes to byl dokonce pornografický materiál.
dávám logy z FRST.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.04.2019 01
Ran by mojko (20-04-2019 23:05:17)
Running from C:\Users\mojko\OneDrive\Plocha
Windows 10 Pro Version 1803 17134.706 (X64) (2018-08-12 14:20:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-488830516-3087435467-1000753162-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-488830516-3087435467-1000753162-503 - Limited - Disabled)
Guest (S-1-5-21-488830516-3087435467-1000753162-501 - Limited - Disabled)
mojko (S-1-5-21-488830516-3087435467-1000753162-1001 - Administrator - Enabled) => C:\Users\mojko
WDAGUtilityAccount (S-1-5-21-488830516-3087435467-1000753162-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Brotherhood 1.03 (HKLM-x32\...\Assassins Creed - Brotherhood_is1) (Version: - )
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bioshock Infinite verze v1.1.25.5165 (HKLM-x32\...\Bioshock Infinite_is1) (Version: v1.1.25.5165 - (R.G.Danik1B9))
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_is1) (Version: - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
Fallout 4 Complete Pack (HKLM-x32\...\Fallout 4 Complete Pack_is1) (Version: 1.7 - Bethesda Softworks)
GIMP 2.10.4 (HKLM\...\GIMP-2_is1) (Version: 2.10.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kingdoms and Castles Grand Buildings (HKLM-x32\...\Kingdoms and Castles Grand Buildings_is1) (Version: - )
Little Nightmares - Fox mask (HKLM-x32\...\1828170949_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Hideaway (HKLM-x32\...\1675156362_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Scarecrow sack (HKLM-x32\...\1268928435_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Tengu mask (HKLM-x32\...\1611302854_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - The Depths (HKLM-x32\...\1863057712_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - The Residence (HKLM-x32\...\1185734803_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Upside-down teapot (HKLM-x32\...\1352220891_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.43.1 - GOG.com)
Microsoft OneDrive (HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Movavi Video Editor 14 Plus (x64) (HKLM\...\Movavi Video Editor 14 Plus (x64)) (Version: 14.5.0 - Movavi)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Origin (HKLM-x32\...\Origin) (Version: 10.5.36.23506 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden
Papers, Please (HKLM-x32\...\Papers, Please_is1) (Version: - )
Prey (HKLM-x32\...\{ED1E7C2D-2BD8-4000-AD10-837ABB6A478F}_is1) (Version: - Bethesda Softworks)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-488830516-3087435467-1000753162-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-08-12 19:45 - 2018-08-12 19:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed III:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed Unity:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Avalanche Studios:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Battlefield 1:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\BeamNG.drive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\CPY_SAVES:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\EA Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Fax:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Flower:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Klei:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Mirrors Edge Catalyst:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\My Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Rockstar Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Shadow of the Tomb Raider:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\StarCraft II:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Ubisoft:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\WB Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-08-12 14:56 - 2019-01-04 15:36 - 000000825 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mojko\OneDrive\Plocha\wallpaper\923008.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{41C405C2-0CCE-4260-BB67-78D45005528B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A6AE7618-23BF-457D-881E-B5CE6C2DEC0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E0EA4EB-63D3-4C6A-B1FF-A7DFFE645B81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9FAD99A5-D3D4-4D06-A90D-438A49156F2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4A2BE45-B956-4249-8043-02380225B4B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{600A3DAD-831F-4E9E-8C30-8B3BB8C0EAA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7FBF9637-3E56-464E-B05E-9D61BD037235}] => (Allow) C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A7C434DF-60AC-413E-A43E-9B2B67FF7FD0}] => (Allow) C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C5A8B7CF-9945-420C-B06C-19B3638C1693}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{151FD0DF-1C3E-4F46-BE7A-C366EE035F2A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [TCP Query User{4A905F54-9F7F-45EC-958A-A039405CB872}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [UDP Query User{76B2458E-1C2D-4DD2-8FBA-3846C337E183}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [TCP Query User{C8242197-060D-48B6-B250-4488D0F880ED}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{C6644D46-B35A-4D9A-B8A8-EE42C0722226}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [{88863386-3C9B-4569-90F4-80A2B8931728}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7D7BB168-1AF4-4398-A2FC-FF0340194B2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{73E6AD70-8CE2-404E-BC0D-8B386971B913}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [UDP Query User{97E8F56B-AC28-4F67-A8AE-4C677169D237}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [TCP Query User{46900934-BF72-49F4-893C-BB16896A203A}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [UDP Query User{01CC2A8E-4802-4021-BA95-1EB78055A6BC}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [TCP Query User{6C85634A-6C0A-42CA-9D19-34ABA0F4EEB0}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7684144C-3AC9-489B-B072-93F906A72C06}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D4E19200-BBC8-42A5-A6BC-1050A17E00EE}D:\games\starcraft ii\support\sc2editor.exe] => (Allow) D:\games\starcraft ii\support\sc2editor.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{D5C4AE6C-3540-4A97-AA4F-CA4388D2FC58}D:\games\starcraft ii\support\sc2editor.exe] => (Allow) D:\games\starcraft ii\support\sc2editor.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{9DEEFEDB-E60E-47E9-8BF5-E415AB625B16}D:\games\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\games\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{B3830F29-E001-44AA-A73A-478C16235999}D:\games\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\games\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{8EAC5D8B-4E5B-4F18-BB5D-6F091AA06B8B}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{508640BB-E1EE-4A88-9BEC-CB242F290461}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{384E4CE7-7DB5-44A8-8A31-AEAE691680AC}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [{81E40E46-25AB-4180-9446-CC79674A82FE}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [TCP Query User{4CD6E5E0-9B8E-40CF-9F81-3F38747EC6E7}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{B33AA652-8201-4E63-84EE-82B96F29D1D6}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [{F76497B9-0A79-40A4-92A2-1436EFF6ECA5}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{1119F732-7E49-496C-B8C2-C16A3845E1BA}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{E61F3FDF-D7C8-43D0-9D20-F1F86F750D85}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{BD36437A-882E-49C7-ADFE-E62404A965AB}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{57D82849-6B0B-4447-AE64-21104729F864}] => (Allow) D:\Games\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{C97EBF01-6074-4E82-9F69-D3759969301C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{2279D176-215D-442C-9794-2B37E0AFDAD9}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [UDP Query User{3809BB5B-A0F9-4FC0-B3EC-029412B820E5}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [TCP Query User{7DAF7868-216C-435D-A3BB-0CCC4000A6F5}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [UDP Query User{6FF3E752-F569-4B14-BA41-7BEBD5C63C32}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [TCP Query User{B5C5DA34-C97B-44A5-BD09-C86B81AE6B35}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [UDP Query User{A9F0F0A6-0B3C-40F4-A0EC-974CD6AD1DD5}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [{FAAB2F4E-0DC9-4A13-82C1-7F04DE66AFC2}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{FEEBD061-1D32-4DDC-84A9-1D5FA8450064}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{84501E9F-55EB-4783-8040-8D79C7F693E4}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{A03D240A-C624-487F-8575-4A59608272A4}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{90488850-E521-4F17-8135-81D8EC8CCB01}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{363B3245-ACC2-456E-85AD-F6A3A5D3767E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18ABCD4D-8174-4095-9F25-27CE0C221C4A}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{AAD0DADC-9871-4621-95FF-E596D357A93C}] => (Allow) LPort=5357
FirewallRules: [{957D4225-9C62-486C-AF48-35271C86C7AC}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{14BBCB4F-3894-43A1-AD80-BED0BB7C8253}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1FA35AC1-E3AF-4F00-9C5D-1950DEC9E348}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D9822B67-8122-4DA8-ADC6-E6BF744F1BDC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{43F7AD49-67D7-43C4-B432-087EA72414CC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E2F751FC-1B1E-4317-AD56-684FC83A3118}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{F1E5FFE4-BC3E-4465-A3F6-E9BD404A5E1B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [TCP Query User{C587A408-2DAE-411F-90DF-949FDBD03470}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{8000F599-D4E0-4997-87F4-ADFA5F51013F}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{C36C9337-3A1A-4278-A33A-D13AB39E8522}D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [UDP Query User{7EB847A7-FB41-4C82-825B-48879FE0B670}D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [TCP Query User{FD53F35F-029F-46E1-A710-0CE98629D0B8}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [UDP Query User{4EABC687-2D8D-4FF2-BF40-C96231E156EE}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [TCP Query User{397E56F6-50A1-4D41-B368-425AEFB0D344}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{83D241CD-78F8-452F-9200-9AAF6657FD28}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{06189B38-3AE5-4D4C-843E-463735E36BDA}D:\games\assassins creed - brotherhood\acbsp.exe] => (Allow) D:\games\assassins creed - brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{DCA13E2C-D431-4B01-8619-24155976BB2B}D:\games\assassins creed - brotherhood\acbsp.exe] => (Allow) D:\games\assassins creed - brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{4349B2D4-9654-4756-9FB3-A667AA5B7CAC}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{3DFE1328-4071-4D20-A4A0-1B7DEF455723}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F5304ADA-D16F-40BD-A909-20C901BE3F33}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{6971210A-3040-4CE6-B545-7B9D1F50184F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{62895721-30E4-4921-9B2B-532B8B0B0E45}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{BB8119E2-E007-4369-809B-90B221758CDD}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{43559B02-E1FE-40C8-9D5F-3047F7992690}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{5ABD9258-BB07-4D26-A9A3-7015A456E2B6}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{D083DE7B-927D-4276-9AD8-9FAE8272360D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B4264688-430B-4CFF-A3D3-DA939E7739A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{73480E4E-7775-40AA-94AF-2AF467426656}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C2DC316E-6DFC-433A-A4A2-8683330F9A97}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{4A2A6B21-79B5-485D-8F08-6604A4169FB2}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{416E10BC-44BF-401E-8C13-9E75BBC7548D}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [TCP Query User{8EEEAB2D-D741-4EE1-8131-29446FD22D56}D:\games\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{0556E93E-F0E3-47D3-B659-07E9A91D7F77}D:\games\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{52DE904C-A5CB-435F-8E38-C09E3B7E45EF}D:\games\godot engine\godot_v3.1-stable_win64.exe] => (Allow) D:\games\godot engine\godot_v3.1-stable_win64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [UDP Query User{A7032EFF-4786-4CCD-90B7-001592677B3F}D:\games\godot engine\godot_v3.1-stable_win64.exe] => (Allow) D:\games\godot engine\godot_v3.1-stable_win64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [TCP Query User{525E9D48-2CC1-464F-8DFC-3505EE0DAE53}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [UDP Query User{F5E85EC0-4F79-4411-87A3-D63CD543A0D9}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [{A2A6B19B-BDF9-49C5-A800-661F610E5477}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{525933A2-98BD-447E-9959-DC0EA4F9406F}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{B50D890E-92ED-4174-A4D6-F0DB273F5AB0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E0E1AFA-D1DF-4AC3-A591-CECA92F54291}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{861D6157-CF55-4ED1-9948-AAB10C53AAC8}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{19DEC2B2-0FED-49AB-BD2F-872AD2548949}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{85605A5D-F9D7-4BFE-A2EE-9BFEAC823D8C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{0DB7129D-9D28-4376-8646-7DD8D8A5CEE3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{6D0D8231-136C-46A8-86B4-B91BAC4720A8}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{2EBF16F2-6A3C-4056-8721-AE5F2D8650FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4800FC86-CDAE-40CE-9AC8-B4CAAB543EB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E220E5E-23E9-422F-976B-29ADA47D25FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B8FE358-C29C-4A21-9C90-539B2D12A84C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
01-04-2019 23:16:48 Instalační služba modulů systému Windows
05-04-2019 13:04:49 Windows Update
10-04-2019 18:05:03 Windows Update
19-04-2019 12:12:15 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/19/2019 11:11:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 3108
Čas spuštění: 01d4f6f457e9627b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe
ID hlášení: e331d12f-4375-482a-8bd6-d167d9ee00f9
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (04/19/2019 08:55:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1080
Čas spuštění: 01d4f69687b1c611
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe
ID hlášení: 862947d7-195e-40af-b2b2-1854be5d04fc
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (04/14/2019 04:31:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1e2c
Čas spuštění: 01d4f2ce7adbac9a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe
ID hlášení: 3104fe00-c797-4245-843f-4aeb34fb6c56
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (04/12/2019 10:44:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: fc8
Čas spuštění: 01d4f14988daaf0d
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe
ID hlášení: 7356694e-fd03-40e6-b055-e4bc484c506e
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (04/10/2019 07:03:33 PM) (Source: ESENT) (EventID: 553) (User: )
Description: SettingSyncHost (7304,P,98) {3DC47919-E944-4ECD-B733-A0F12257424D}: Failed looking up restore-map entry for database C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032.
Error: (04/10/2019 07:03:33 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (7304,P,98) {3DC47919-E944-4ECD-B733-A0F12257424D}: Pokus o otevření souboru C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (04/10/2019 07:03:23 PM) (Source: ESENT) (EventID: 553) (User: )
Description: SettingSyncHost (7304,P,98) {EE425ADD-6386-463F-B69F-1044F75A1795}: Failed looking up restore-map entry for database C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032.
Error: (04/10/2019 07:03:23 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (7304,P,98) {EE425ADD-6386-463F-B69F-1044F75A1795}: Pokus o otevření souboru C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (04/20/2019 10:53:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:52:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:52:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:52:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:52:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:51:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 07:05:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DMT7107)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/20/2019 07:05:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DMT7107)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2019-04-03 17:02:38.313
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BD3D2381-0383-497B-AAF1-60926853B39F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-04-02 00:54:17.239
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8E73B0DF-62F6-41AD-9701-18505315E0BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 44%
Total physical RAM: 8135.29 MB
Available physical RAM: 4495.95 MB
Total Virtual: 10951.29 MB
Available Virtual: 6965.36 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:167.13 GB) (Free:97.71 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:121.06 GB) NTFS
\\?\Volume{0f4796b3-1dbe-4604-af63-5482cc792c8b}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{e8b04dcb-fe4b-4d7a-b06e-b11bc5931d6b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B1651AD0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.04.2019 01
Ran by mojko (administrator) on DESKTOP-DMT7107 (System manufacturer System Product Name) (20-04-2019 23:04:26)
Running from C:\Users\mojko\OneDrive\Plocha
Loaded Profiles: mojko (Available Profiles: mojko)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mojko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mojko\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\FileCoAuth.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [mojko] => explorer.exe hxxp://dipladoks.org <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01D482EB-C39B-466F-9C0B-0E9A9B333183} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D8419D2-DD91-463B-B3A1-FE98C5FA7D36} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {143A6F5C-2197-4177-8FC6-25DBC057C1AD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D3A2E6B-E229-4E79-AD9C-7CF8DA89440F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EE679C3-BDEC-4364-B78A-8FE88BBE8438} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {20EB538D-DBB2-47E5-A3FD-BE8E6C475106} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36C868AC-05B8-42E8-A6A9-7A65D2D27B90} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40724DFE-532B-4B47-B333-DF84F1A43D21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CF9AC85-01F4-4135-85CB-57B06D991509} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D7B0577-2E05-4535-898E-0F8D6A36E7C4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5B06DC8-55BB-417F-A63F-F601CF9B102B} - System32\Tasks\mojko => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v mojko /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
Task: {B7529406-FB5A-4915-9BEC-68829953878E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {C561E2AA-238A-4EA6-8093-FFDB298A5DB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DBD0BCA1-B80F-4571-8974-96C2F22F0A63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {ED9A8DD8-954B-46D6-AB67-78723E97335F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F38CF806-1534-4233-90AD-D26F1CABD2D4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBC20847-8AAD-4EB8-89AF-4C2C846146A2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF0B7606-B0BA-4C51-B660-5511CDB25661} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84fc45a9-6178-453d-b7af-bf0ffa0bebef}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__180812
SearchScopes: HKU\S-1-5-21-488830516-3087435467-1000753162-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__180812&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?hl=cs
CHR StartupUrls: Default -> "hxxps://www.google.cz/?hl=cs"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default [2019-04-20]
CHR Extension: (Prezentace) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-12]
CHR Extension: (Dokumenty) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-12]
CHR Extension: (Disk Google) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-12]
CHR Extension: (Tabulky) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-12]
CHR Extension: (AdBlock) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-12]
CHR Extension: (Gmail) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-07] (BattlEye Innovations e.K. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2019-02-14] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476264 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6992f55a2cc4b209\nvlddmkm.sys [20371952 2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [52664 2017-11-07] (NVIDIA Corporation -> Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 UsbserFilt; C:\Windows\System32\drivers\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [333792 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 23:03 - 2019-04-20 23:04 - 000000000 ____D C:\FRST
2019-04-20 22:52 - 2019-04-20 22:52 - 000000000 ___HD C:\OneDriveTemp
2019-04-20 11:02 - 2019-04-20 11:02 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-04-13 22:00 - 2019-04-13 22:00 - 000000000 ___RD C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents
2019-04-13 22:00 - 2019-04-13 22:00 - 000000000 ____D C:\Users\mojko\OneDrive\Dokumenty\Fax
2019-04-12 17:59 - 2019-04-12 17:59 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-10 18:07 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 18:07 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-04-10 18:07 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-10 18:07 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 18:06 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-10 18:06 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-04-10 18:06 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-10 18:06 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-10 18:06 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-04-10 18:06 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-10 18:06 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-10 18:06 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-10 18:06 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-10 18:06 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-04-10 18:06 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-04-10 18:06 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-10 18:06 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-10 18:06 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-04-10 18:06 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-10 18:06 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-10 18:06 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-10 18:06 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-10 18:06 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-04-10 18:06 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-10 18:06 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-10 18:06 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-04-10 18:06 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-04-10 18:06 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-04-10 18:06 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-04-10 18:06 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-04-10 18:06 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-10 18:06 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-04-10 18:06 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-04-10 18:06 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-04-10 18:06 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-10 18:06 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-04-10 18:06 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-10 18:06 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-04-10 18:06 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-04-10 18:06 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-04-10 18:06 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-04-10 18:06 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-04-10 18:06 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-04-10 18:06 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-04-10 18:06 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 18:06 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-10 18:06 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-04-10 18:06 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-10 18:06 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-04-10 18:06 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 18:06 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-04-10 18:06 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-04-10 18:06 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-04-10 18:06 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-04-10 18:06 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-10 18:06 - 2019-04-02 08:22 - 000001312 _____ C:\Windows\system32\tcbres.wim
2019-04-10 18:06 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-04-10 18:06 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-04-10 18:06 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-04-10 18:06 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-04-10 18:06 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-10 18:06 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-10 18:06 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 18:06 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 18:06 - 2019-03-14 16:55 - 001786680 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 001626928 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 001038136 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-04-10 18:06 - 2019-03-14 16:52 - 001424696 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000954160 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000830264 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000827704 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2019-04-10 18:06 - 2019-03-14 16:52 - 000825144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000749880 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000670008 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000164664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2019-04-10 18:06 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-10 18:06 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\appinfoext.dll
2019-04-10 18:06 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2019-04-10 18:06 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-04-10 18:06 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-04-10 18:06 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\RpcPing.exe
2019-04-10 18:06 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2019-04-10 18:06 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2019-04-10 18:06 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2019-04-10 18:06 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2019-04-10 18:06 - 2019-03-14 16:29 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2019-04-10 18:06 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-04-10 18:06 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-04-10 18:06 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2019-04-10 18:06 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcPing.exe
2019-04-10 18:06 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 18:06 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2019-04-10 18:06 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2019-04-10 18:06 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-04-10 18:06 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-04-10 18:06 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-04-10 18:06 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-10 18:06 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpr.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-04-10 18:06 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-04-10 18:06 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-10 18:06 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-04-10 18:06 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-10 18:06 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-04-10 18:06 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-10 18:06 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-04-10 18:06 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-04-10 18:06 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-04-10 18:06 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 18:06 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-10 18:06 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcmapi.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2019-04-10 18:06 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-04-10 18:06 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\negoexts.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-04-10 18:06 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-04-10 18:06 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-04-10 18:06 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-04-10 18:06 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-04-10 18:06 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-04-10 18:06 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\fcon.dll
2019-04-10 18:06 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-10 18:06 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-04-10 18:06 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-04-10 18:06 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\wcmapi.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 18:06 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-04-10 18:06 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\negoexts.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-04-10 18:06 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-04-10 18:06 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-04-10 18:06 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-04-10 18:06 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-04-10 18:06 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-08 02:11 - 2019-04-08 02:11 - 000010650 _____ C:\Users\mojko\AppData\Local\recently-used.xbel
2019-03-31 19:53 - 2019-04-03 22:03 - 000000000 ____D C:\Users\mojko\AppData\Roaming\Origin
2019-03-31 19:02 - 2019-03-31 19:02 - 000000000 ____D C:\Users\mojko\OneDrive\Dokumenty\EA Games
2019-03-31 19:02 - 2019-03-31 19:02 - 000000000 ____D C:\Users\mojko\AppData\Local\EA Games
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 23:00 - 2018-08-12 16:18 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-20 22:57 - 2018-08-12 16:24 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-20 22:57 - 2018-08-12 14:59 - 000715034 _____ C:\Windows\system32\perfh005.dat
2019-04-20 22:57 - 2018-08-12 14:59 - 000144328 _____ C:\Windows\system32\perfc005.dat
2019-04-20 22:57 - 2018-08-12 14:55 - 000000000 ____D C:\Windows\INF
2019-04-20 22:52 - 2018-08-12 18:52 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-20 22:52 - 2018-08-12 18:20 - 000000000 ___RD C:\Users\mojko\OneDrive
2019-04-20 22:52 - 2018-08-12 14:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-20 22:51 - 2018-08-12 16:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-20 22:51 - 2018-08-12 16:18 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-20 19:05 - 2018-08-12 14:53 - 000524288 _____ C:\Windows\system32\config\BBI
2019-04-20 18:45 - 2018-08-12 19:03 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 18:43 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-04-20 18:45 - 2018-08-12 18:35 - 000003398 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-20 18:45 - 2018-08-12 18:35 - 000003174 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-20 18:45 - 2018-08-12 18:21 - 000002858 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-488830516-3087435467-1000753162-1001
2019-04-20 18:43 - 2018-08-12 16:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-20 11:02 - 2018-08-12 19:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-04-20 11:02 - 2018-08-12 16:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-04-20 10:17 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\AppReadiness
2019-04-20 01:16 - 2018-08-12 20:09 - 000000000 ____D C:\Users\mojko\AppData\Roaming\vlc
2019-04-19 23:10 - 2019-03-19 21:03 - 000000000 ____D C:\Users\mojko\AppData\LocalLow\uTorrent
2019-04-19 23:10 - 2018-08-12 22:07 - 000000000 ____D C:\Users\mojko\AppData\Roaming\uTorrent
2019-04-19 23:04 - 2018-08-12 14:56 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-19 21:04 - 2018-09-18 16:21 - 000000000 ____D C:\Users\mojko\AppData\Local\Ubisoft Game Launcher
2019-04-17 22:09 - 2018-08-12 18:43 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-16 20:27 - 2018-08-13 16:30 - 000000000 ____D C:\Users\mojko\AppData\Local\Battle.net
2019-04-16 19:10 - 2018-08-13 16:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-04-12 18:02 - 2018-08-12 18:15 - 000002361 _____ C:\Users\mojko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-12 17:59 - 2018-08-12 18:43 - 000476264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-11 20:04 - 2018-08-12 18:35 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 18:32 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\system32\NDF
2019-04-10 18:52 - 2018-08-12 16:18 - 000270024 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\TextInput
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\bcastdvr
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-10 18:09 - 2018-08-12 14:53 - 000000000 ____D C:\Windows\CbsTemp
2019-04-10 18:06 - 2018-08-12 18:27 - 000000000 ____D C:\Windows\system32\MRT
2019-04-10 18:05 - 2018-08-12 18:27 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-09 00:10 - 2018-08-22 20:13 - 000000000 ____D C:\Users\mojko\AppData\Local\CrashDumps
2019-04-08 15:24 - 2018-08-20 16:25 - 000000000 ____D C:\Users\mojko\AppData\Roaming\.minecraft
2019-04-08 02:22 - 2019-03-15 16:14 - 000003584 _____ C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-08 02:12 - 2018-08-18 15:17 - 000000000 ____D C:\Users\mojko\AppData\Local\babl-0.1
2019-04-05 13:05 - 2018-11-16 00:48 - 000000000 ____D C:\Program Files\rempl
2019-04-04 02:51 - 2018-08-12 19:44 - 000000000 ____D C:\ProgramData\Origin
2019-04-03 17:44 - 2018-08-12 19:47 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-04-03 17:43 - 2018-08-12 19:45 - 000000000 ____D C:\Program Files (x86)\Origin
2019-04-03 17:43 - 2018-08-12 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-02 19:00 - 2018-08-12 19:03 - 002769264 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-04-02 19:00 - 2018-08-12 19:03 - 002149232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-04-02 19:00 - 2018-08-12 19:03 - 001322864 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2019-04-02 17:25 - 2018-08-12 19:03 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-04-01 19:51 - 2018-08-12 14:58 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-08-12 14:58 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-31 22:28 - 2018-09-11 21:27 - 000000000 ____D C:\Users\mojko\AppData\Local\gtk-2.0
2019-03-31 22:00 - 2018-08-12 16:18 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-03-31 21:50 - 2018-08-12 18:28 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-03-30 13:40 - 2018-08-12 18:52 - 000000000 ____D C:\Program Files\WinRAR
2019-03-29 02:17 - 2018-08-12 18:52 - 000000000 ____D C:\Users\mojko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-29 02:17 - 2018-08-12 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
==================== Files in the root of some directories =======
2019-03-15 16:14 - 2019-04-08 02:22 - 000003584 _____ () C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-08 02:11 - 2019-04-08 02:11 - 000010650 _____ () C:\Users\mojko\AppData\Local\recently-used.xbel
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2018-08-12 16:18
==================== End of FRST.txt ============================
Samovolně při startu se spustí internetový prohlížeč se stránkou obsahující různe reklamy, dnes to byl dokonce pornografický materiál.
dávám logy z FRST.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.04.2019 01
Ran by mojko (20-04-2019 23:05:17)
Running from C:\Users\mojko\OneDrive\Plocha
Windows 10 Pro Version 1803 17134.706 (X64) (2018-08-12 14:20:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-488830516-3087435467-1000753162-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-488830516-3087435467-1000753162-503 - Limited - Disabled)
Guest (S-1-5-21-488830516-3087435467-1000753162-501 - Limited - Disabled)
mojko (S-1-5-21-488830516-3087435467-1000753162-1001 - Administrator - Enabled) => C:\Users\mojko
WDAGUtilityAccount (S-1-5-21-488830516-3087435467-1000753162-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Brotherhood 1.03 (HKLM-x32\...\Assassins Creed - Brotherhood_is1) (Version: - )
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bioshock Infinite verze v1.1.25.5165 (HKLM-x32\...\Bioshock Infinite_is1) (Version: v1.1.25.5165 - (R.G.Danik1B9))
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_is1) (Version: - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
Fallout 4 Complete Pack (HKLM-x32\...\Fallout 4 Complete Pack_is1) (Version: 1.7 - Bethesda Softworks)
GIMP 2.10.4 (HKLM\...\GIMP-2_is1) (Version: 2.10.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kingdoms and Castles Grand Buildings (HKLM-x32\...\Kingdoms and Castles Grand Buildings_is1) (Version: - )
Little Nightmares - Fox mask (HKLM-x32\...\1828170949_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Hideaway (HKLM-x32\...\1675156362_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Scarecrow sack (HKLM-x32\...\1268928435_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Tengu mask (HKLM-x32\...\1611302854_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - The Depths (HKLM-x32\...\1863057712_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - The Residence (HKLM-x32\...\1185734803_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Upside-down teapot (HKLM-x32\...\1352220891_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.43.1 - GOG.com)
Microsoft OneDrive (HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Movavi Video Editor 14 Plus (x64) (HKLM\...\Movavi Video Editor 14 Plus (x64)) (Version: 14.5.0 - Movavi)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Origin (HKLM-x32\...\Origin) (Version: 10.5.36.23506 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden
Papers, Please (HKLM-x32\...\Papers, Please_is1) (Version: - )
Prey (HKLM-x32\...\{ED1E7C2D-2BD8-4000-AD10-837ABB6A478F}_is1) (Version: - Bethesda Softworks)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-488830516-3087435467-1000753162-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-08-12 19:45 - 2018-08-12 19:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed III:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed Unity:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Avalanche Studios:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Battlefield 1:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\BeamNG.drive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\CPY_SAVES:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\EA Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Fax:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Flower:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Klei:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Mirrors Edge Catalyst:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\My Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Rockstar Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Shadow of the Tomb Raider:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\StarCraft II:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Ubisoft:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\WB Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-08-12 14:56 - 2019-01-04 15:36 - 000000825 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mojko\OneDrive\Plocha\wallpaper\923008.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{41C405C2-0CCE-4260-BB67-78D45005528B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A6AE7618-23BF-457D-881E-B5CE6C2DEC0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E0EA4EB-63D3-4C6A-B1FF-A7DFFE645B81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9FAD99A5-D3D4-4D06-A90D-438A49156F2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4A2BE45-B956-4249-8043-02380225B4B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{600A3DAD-831F-4E9E-8C30-8B3BB8C0EAA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7FBF9637-3E56-464E-B05E-9D61BD037235}] => (Allow) C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A7C434DF-60AC-413E-A43E-9B2B67FF7FD0}] => (Allow) C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C5A8B7CF-9945-420C-B06C-19B3638C1693}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{151FD0DF-1C3E-4F46-BE7A-C366EE035F2A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [TCP Query User{4A905F54-9F7F-45EC-958A-A039405CB872}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [UDP Query User{76B2458E-1C2D-4DD2-8FBA-3846C337E183}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [TCP Query User{C8242197-060D-48B6-B250-4488D0F880ED}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{C6644D46-B35A-4D9A-B8A8-EE42C0722226}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [{88863386-3C9B-4569-90F4-80A2B8931728}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7D7BB168-1AF4-4398-A2FC-FF0340194B2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{73E6AD70-8CE2-404E-BC0D-8B386971B913}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [UDP Query User{97E8F56B-AC28-4F67-A8AE-4C677169D237}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [TCP Query User{46900934-BF72-49F4-893C-BB16896A203A}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [UDP Query User{01CC2A8E-4802-4021-BA95-1EB78055A6BC}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [TCP Query User{6C85634A-6C0A-42CA-9D19-34ABA0F4EEB0}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7684144C-3AC9-489B-B072-93F906A72C06}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D4E19200-BBC8-42A5-A6BC-1050A17E00EE}D:\games\starcraft ii\support\sc2editor.exe] => (Allow) D:\games\starcraft ii\support\sc2editor.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{D5C4AE6C-3540-4A97-AA4F-CA4388D2FC58}D:\games\starcraft ii\support\sc2editor.exe] => (Allow) D:\games\starcraft ii\support\sc2editor.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{9DEEFEDB-E60E-47E9-8BF5-E415AB625B16}D:\games\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\games\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{B3830F29-E001-44AA-A73A-478C16235999}D:\games\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\games\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{8EAC5D8B-4E5B-4F18-BB5D-6F091AA06B8B}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{508640BB-E1EE-4A88-9BEC-CB242F290461}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{384E4CE7-7DB5-44A8-8A31-AEAE691680AC}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [{81E40E46-25AB-4180-9446-CC79674A82FE}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [TCP Query User{4CD6E5E0-9B8E-40CF-9F81-3F38747EC6E7}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{B33AA652-8201-4E63-84EE-82B96F29D1D6}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [{F76497B9-0A79-40A4-92A2-1436EFF6ECA5}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{1119F732-7E49-496C-B8C2-C16A3845E1BA}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{E61F3FDF-D7C8-43D0-9D20-F1F86F750D85}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{BD36437A-882E-49C7-ADFE-E62404A965AB}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{57D82849-6B0B-4447-AE64-21104729F864}] => (Allow) D:\Games\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{C97EBF01-6074-4E82-9F69-D3759969301C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{2279D176-215D-442C-9794-2B37E0AFDAD9}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [UDP Query User{3809BB5B-A0F9-4FC0-B3EC-029412B820E5}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [TCP Query User{7DAF7868-216C-435D-A3BB-0CCC4000A6F5}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [UDP Query User{6FF3E752-F569-4B14-BA41-7BEBD5C63C32}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [TCP Query User{B5C5DA34-C97B-44A5-BD09-C86B81AE6B35}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [UDP Query User{A9F0F0A6-0B3C-40F4-A0EC-974CD6AD1DD5}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [{FAAB2F4E-0DC9-4A13-82C1-7F04DE66AFC2}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{FEEBD061-1D32-4DDC-84A9-1D5FA8450064}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{84501E9F-55EB-4783-8040-8D79C7F693E4}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{A03D240A-C624-487F-8575-4A59608272A4}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{90488850-E521-4F17-8135-81D8EC8CCB01}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{363B3245-ACC2-456E-85AD-F6A3A5D3767E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18ABCD4D-8174-4095-9F25-27CE0C221C4A}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{AAD0DADC-9871-4621-95FF-E596D357A93C}] => (Allow) LPort=5357
FirewallRules: [{957D4225-9C62-486C-AF48-35271C86C7AC}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{14BBCB4F-3894-43A1-AD80-BED0BB7C8253}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1FA35AC1-E3AF-4F00-9C5D-1950DEC9E348}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D9822B67-8122-4DA8-ADC6-E6BF744F1BDC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{43F7AD49-67D7-43C4-B432-087EA72414CC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E2F751FC-1B1E-4317-AD56-684FC83A3118}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{F1E5FFE4-BC3E-4465-A3F6-E9BD404A5E1B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [TCP Query User{C587A408-2DAE-411F-90DF-949FDBD03470}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{8000F599-D4E0-4997-87F4-ADFA5F51013F}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{C36C9337-3A1A-4278-A33A-D13AB39E8522}D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [UDP Query User{7EB847A7-FB41-4C82-825B-48879FE0B670}D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [TCP Query User{FD53F35F-029F-46E1-A710-0CE98629D0B8}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [UDP Query User{4EABC687-2D8D-4FF2-BF40-C96231E156EE}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [TCP Query User{397E56F6-50A1-4D41-B368-425AEFB0D344}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{83D241CD-78F8-452F-9200-9AAF6657FD28}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{06189B38-3AE5-4D4C-843E-463735E36BDA}D:\games\assassins creed - brotherhood\acbsp.exe] => (Allow) D:\games\assassins creed - brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{DCA13E2C-D431-4B01-8619-24155976BB2B}D:\games\assassins creed - brotherhood\acbsp.exe] => (Allow) D:\games\assassins creed - brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{4349B2D4-9654-4756-9FB3-A667AA5B7CAC}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{3DFE1328-4071-4D20-A4A0-1B7DEF455723}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F5304ADA-D16F-40BD-A909-20C901BE3F33}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{6971210A-3040-4CE6-B545-7B9D1F50184F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{62895721-30E4-4921-9B2B-532B8B0B0E45}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{BB8119E2-E007-4369-809B-90B221758CDD}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{43559B02-E1FE-40C8-9D5F-3047F7992690}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{5ABD9258-BB07-4D26-A9A3-7015A456E2B6}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{D083DE7B-927D-4276-9AD8-9FAE8272360D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B4264688-430B-4CFF-A3D3-DA939E7739A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{73480E4E-7775-40AA-94AF-2AF467426656}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C2DC316E-6DFC-433A-A4A2-8683330F9A97}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{4A2A6B21-79B5-485D-8F08-6604A4169FB2}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{416E10BC-44BF-401E-8C13-9E75BBC7548D}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [TCP Query User{8EEEAB2D-D741-4EE1-8131-29446FD22D56}D:\games\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{0556E93E-F0E3-47D3-B659-07E9A91D7F77}D:\games\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{52DE904C-A5CB-435F-8E38-C09E3B7E45EF}D:\games\godot engine\godot_v3.1-stable_win64.exe] => (Allow) D:\games\godot engine\godot_v3.1-stable_win64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [UDP Query User{A7032EFF-4786-4CCD-90B7-001592677B3F}D:\games\godot engine\godot_v3.1-stable_win64.exe] => (Allow) D:\games\godot engine\godot_v3.1-stable_win64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [TCP Query User{525E9D48-2CC1-464F-8DFC-3505EE0DAE53}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [UDP Query User{F5E85EC0-4F79-4411-87A3-D63CD543A0D9}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [{A2A6B19B-BDF9-49C5-A800-661F610E5477}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{525933A2-98BD-447E-9959-DC0EA4F9406F}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{B50D890E-92ED-4174-A4D6-F0DB273F5AB0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E0E1AFA-D1DF-4AC3-A591-CECA92F54291}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{861D6157-CF55-4ED1-9948-AAB10C53AAC8}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{19DEC2B2-0FED-49AB-BD2F-872AD2548949}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{85605A5D-F9D7-4BFE-A2EE-9BFEAC823D8C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{0DB7129D-9D28-4376-8646-7DD8D8A5CEE3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{6D0D8231-136C-46A8-86B4-B91BAC4720A8}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{2EBF16F2-6A3C-4056-8721-AE5F2D8650FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4800FC86-CDAE-40CE-9AC8-B4CAAB543EB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E220E5E-23E9-422F-976B-29ADA47D25FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B8FE358-C29C-4A21-9C90-539B2D12A84C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
01-04-2019 23:16:48 Instalační služba modulů systému Windows
05-04-2019 13:04:49 Windows Update
10-04-2019 18:05:03 Windows Update
19-04-2019 12:12:15 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/19/2019 11:11:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 3108
Čas spuštění: 01d4f6f457e9627b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe
ID hlášení: e331d12f-4375-482a-8bd6-d167d9ee00f9
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (04/19/2019 08:55:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1080
Čas spuštění: 01d4f69687b1c611
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe
ID hlášení: 862947d7-195e-40af-b2b2-1854be5d04fc
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (04/14/2019 04:31:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1e2c
Čas spuštění: 01d4f2ce7adbac9a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe
ID hlášení: 3104fe00-c797-4245-843f-4aeb34fb6c56
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (04/12/2019 10:44:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: fc8
Čas spuštění: 01d4f14988daaf0d
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe
ID hlášení: 7356694e-fd03-40e6-b055-e4bc484c506e
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (04/10/2019 07:03:33 PM) (Source: ESENT) (EventID: 553) (User: )
Description: SettingSyncHost (7304,P,98) {3DC47919-E944-4ECD-B733-A0F12257424D}: Failed looking up restore-map entry for database C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032.
Error: (04/10/2019 07:03:33 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (7304,P,98) {3DC47919-E944-4ECD-B733-A0F12257424D}: Pokus o otevření souboru C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (04/10/2019 07:03:23 PM) (Source: ESENT) (EventID: 553) (User: )
Description: SettingSyncHost (7304,P,98) {EE425ADD-6386-463F-B69F-1044F75A1795}: Failed looking up restore-map entry for database C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032.
Error: (04/10/2019 07:03:23 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (7304,P,98) {EE425ADD-6386-463F-B69F-1044F75A1795}: Pokus o otevření souboru C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (04/20/2019 10:53:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:52:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:52:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:52:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:52:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 10:51:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/20/2019 07:05:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DMT7107)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/20/2019 07:05:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DMT7107)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2019-04-03 17:02:38.313
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BD3D2381-0383-497B-AAF1-60926853B39F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-04-02 00:54:17.239
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8E73B0DF-62F6-41AD-9701-18505315E0BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 44%
Total physical RAM: 8135.29 MB
Available physical RAM: 4495.95 MB
Total Virtual: 10951.29 MB
Available Virtual: 6965.36 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:167.13 GB) (Free:97.71 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:121.06 GB) NTFS
\\?\Volume{0f4796b3-1dbe-4604-af63-5482cc792c8b}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{e8b04dcb-fe4b-4d7a-b06e-b11bc5931d6b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B1651AD0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.04.2019 01
Ran by mojko (administrator) on DESKTOP-DMT7107 (System manufacturer System Product Name) (20-04-2019 23:04:26)
Running from C:\Users\mojko\OneDrive\Plocha
Loaded Profiles: mojko (Available Profiles: mojko)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mojko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mojko\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\FileCoAuth.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [mojko] => explorer.exe hxxp://dipladoks.org <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01D482EB-C39B-466F-9C0B-0E9A9B333183} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D8419D2-DD91-463B-B3A1-FE98C5FA7D36} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {143A6F5C-2197-4177-8FC6-25DBC057C1AD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D3A2E6B-E229-4E79-AD9C-7CF8DA89440F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EE679C3-BDEC-4364-B78A-8FE88BBE8438} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {20EB538D-DBB2-47E5-A3FD-BE8E6C475106} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36C868AC-05B8-42E8-A6A9-7A65D2D27B90} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40724DFE-532B-4B47-B333-DF84F1A43D21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CF9AC85-01F4-4135-85CB-57B06D991509} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D7B0577-2E05-4535-898E-0F8D6A36E7C4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5B06DC8-55BB-417F-A63F-F601CF9B102B} - System32\Tasks\mojko => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v mojko /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
Task: {B7529406-FB5A-4915-9BEC-68829953878E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {C561E2AA-238A-4EA6-8093-FFDB298A5DB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DBD0BCA1-B80F-4571-8974-96C2F22F0A63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {ED9A8DD8-954B-46D6-AB67-78723E97335F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F38CF806-1534-4233-90AD-D26F1CABD2D4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBC20847-8AAD-4EB8-89AF-4C2C846146A2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF0B7606-B0BA-4C51-B660-5511CDB25661} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84fc45a9-6178-453d-b7af-bf0ffa0bebef}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__180812
SearchScopes: HKU\S-1-5-21-488830516-3087435467-1000753162-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__180812&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?hl=cs
CHR StartupUrls: Default -> "hxxps://www.google.cz/?hl=cs"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default [2019-04-20]
CHR Extension: (Prezentace) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-12]
CHR Extension: (Dokumenty) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-12]
CHR Extension: (Disk Google) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-12]
CHR Extension: (Tabulky) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-12]
CHR Extension: (AdBlock) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-12]
CHR Extension: (Gmail) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-07] (BattlEye Innovations e.K. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2019-02-14] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476264 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6992f55a2cc4b209\nvlddmkm.sys [20371952 2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [52664 2017-11-07] (NVIDIA Corporation -> Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 UsbserFilt; C:\Windows\System32\drivers\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [333792 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 23:03 - 2019-04-20 23:04 - 000000000 ____D C:\FRST
2019-04-20 22:52 - 2019-04-20 22:52 - 000000000 ___HD C:\OneDriveTemp
2019-04-20 11:02 - 2019-04-20 11:02 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-04-13 22:00 - 2019-04-13 22:00 - 000000000 ___RD C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents
2019-04-13 22:00 - 2019-04-13 22:00 - 000000000 ____D C:\Users\mojko\OneDrive\Dokumenty\Fax
2019-04-12 17:59 - 2019-04-12 17:59 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-10 18:07 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 18:07 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-04-10 18:07 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-10 18:07 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 18:06 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-10 18:06 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-04-10 18:06 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-10 18:06 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-10 18:06 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-04-10 18:06 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-10 18:06 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-10 18:06 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-10 18:06 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-10 18:06 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-04-10 18:06 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-04-10 18:06 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-10 18:06 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-10 18:06 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-04-10 18:06 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-10 18:06 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-10 18:06 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-10 18:06 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-10 18:06 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-04-10 18:06 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-10 18:06 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-10 18:06 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-04-10 18:06 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-04-10 18:06 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-04-10 18:06 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-04-10 18:06 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-04-10 18:06 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-10 18:06 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-04-10 18:06 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-04-10 18:06 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-04-10 18:06 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-10 18:06 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-04-10 18:06 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-10 18:06 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-04-10 18:06 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-04-10 18:06 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-04-10 18:06 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-04-10 18:06 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-04-10 18:06 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-04-10 18:06 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-04-10 18:06 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 18:06 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-10 18:06 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-04-10 18:06 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-10 18:06 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-04-10 18:06 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 18:06 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-04-10 18:06 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-04-10 18:06 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-04-10 18:06 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-04-10 18:06 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-10 18:06 - 2019-04-02 08:22 - 000001312 _____ C:\Windows\system32\tcbres.wim
2019-04-10 18:06 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-04-10 18:06 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-04-10 18:06 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-04-10 18:06 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-04-10 18:06 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-10 18:06 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-10 18:06 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 18:06 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 18:06 - 2019-03-14 16:55 - 001786680 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 001626928 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 001038136 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-04-10 18:06 - 2019-03-14 16:52 - 001424696 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000954160 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000830264 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000827704 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2019-04-10 18:06 - 2019-03-14 16:52 - 000825144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000749880 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000670008 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000164664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2019-04-10 18:06 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-10 18:06 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\appinfoext.dll
2019-04-10 18:06 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2019-04-10 18:06 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-04-10 18:06 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-04-10 18:06 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\RpcPing.exe
2019-04-10 18:06 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2019-04-10 18:06 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2019-04-10 18:06 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2019-04-10 18:06 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2019-04-10 18:06 - 2019-03-14 16:29 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2019-04-10 18:06 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-04-10 18:06 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-04-10 18:06 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2019-04-10 18:06 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcPing.exe
2019-04-10 18:06 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 18:06 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2019-04-10 18:06 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2019-04-10 18:06 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-04-10 18:06 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-04-10 18:06 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-04-10 18:06 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-10 18:06 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpr.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-04-10 18:06 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-04-10 18:06 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-10 18:06 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-04-10 18:06 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-10 18:06 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-04-10 18:06 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-10 18:06 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-04-10 18:06 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-04-10 18:06 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-04-10 18:06 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 18:06 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-10 18:06 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcmapi.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2019-04-10 18:06 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-04-10 18:06 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\negoexts.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-04-10 18:06 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-04-10 18:06 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-04-10 18:06 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-04-10 18:06 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-04-10 18:06 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-04-10 18:06 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\fcon.dll
2019-04-10 18:06 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-10 18:06 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-04-10 18:06 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-04-10 18:06 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\wcmapi.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 18:06 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-04-10 18:06 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\negoexts.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-04-10 18:06 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-04-10 18:06 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-04-10 18:06 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-04-10 18:06 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-04-10 18:06 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-08 02:11 - 2019-04-08 02:11 - 000010650 _____ C:\Users\mojko\AppData\Local\recently-used.xbel
2019-03-31 19:53 - 2019-04-03 22:03 - 000000000 ____D C:\Users\mojko\AppData\Roaming\Origin
2019-03-31 19:02 - 2019-03-31 19:02 - 000000000 ____D C:\Users\mojko\OneDrive\Dokumenty\EA Games
2019-03-31 19:02 - 2019-03-31 19:02 - 000000000 ____D C:\Users\mojko\AppData\Local\EA Games
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 23:00 - 2018-08-12 16:18 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-20 22:57 - 2018-08-12 16:24 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-20 22:57 - 2018-08-12 14:59 - 000715034 _____ C:\Windows\system32\perfh005.dat
2019-04-20 22:57 - 2018-08-12 14:59 - 000144328 _____ C:\Windows\system32\perfc005.dat
2019-04-20 22:57 - 2018-08-12 14:55 - 000000000 ____D C:\Windows\INF
2019-04-20 22:52 - 2018-08-12 18:52 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-20 22:52 - 2018-08-12 18:20 - 000000000 ___RD C:\Users\mojko\OneDrive
2019-04-20 22:52 - 2018-08-12 14:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-20 22:51 - 2018-08-12 16:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-20 22:51 - 2018-08-12 16:18 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-20 19:05 - 2018-08-12 14:53 - 000524288 _____ C:\Windows\system32\config\BBI
2019-04-20 18:45 - 2018-08-12 19:03 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 18:43 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-04-20 18:45 - 2018-08-12 18:35 - 000003398 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-20 18:45 - 2018-08-12 18:35 - 000003174 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-20 18:45 - 2018-08-12 18:21 - 000002858 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-488830516-3087435467-1000753162-1001
2019-04-20 18:43 - 2018-08-12 16:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-20 11:02 - 2018-08-12 19:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-04-20 11:02 - 2018-08-12 16:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-04-20 10:17 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\AppReadiness
2019-04-20 01:16 - 2018-08-12 20:09 - 000000000 ____D C:\Users\mojko\AppData\Roaming\vlc
2019-04-19 23:10 - 2019-03-19 21:03 - 000000000 ____D C:\Users\mojko\AppData\LocalLow\uTorrent
2019-04-19 23:10 - 2018-08-12 22:07 - 000000000 ____D C:\Users\mojko\AppData\Roaming\uTorrent
2019-04-19 23:04 - 2018-08-12 14:56 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-19 21:04 - 2018-09-18 16:21 - 000000000 ____D C:\Users\mojko\AppData\Local\Ubisoft Game Launcher
2019-04-17 22:09 - 2018-08-12 18:43 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-16 20:27 - 2018-08-13 16:30 - 000000000 ____D C:\Users\mojko\AppData\Local\Battle.net
2019-04-16 19:10 - 2018-08-13 16:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-04-12 18:02 - 2018-08-12 18:15 - 000002361 _____ C:\Users\mojko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-12 17:59 - 2018-08-12 18:43 - 000476264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-11 20:04 - 2018-08-12 18:35 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 18:32 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\system32\NDF
2019-04-10 18:52 - 2018-08-12 16:18 - 000270024 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\TextInput
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\bcastdvr
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-10 18:09 - 2018-08-12 14:53 - 000000000 ____D C:\Windows\CbsTemp
2019-04-10 18:06 - 2018-08-12 18:27 - 000000000 ____D C:\Windows\system32\MRT
2019-04-10 18:05 - 2018-08-12 18:27 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-09 00:10 - 2018-08-22 20:13 - 000000000 ____D C:\Users\mojko\AppData\Local\CrashDumps
2019-04-08 15:24 - 2018-08-20 16:25 - 000000000 ____D C:\Users\mojko\AppData\Roaming\.minecraft
2019-04-08 02:22 - 2019-03-15 16:14 - 000003584 _____ C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-08 02:12 - 2018-08-18 15:17 - 000000000 ____D C:\Users\mojko\AppData\Local\babl-0.1
2019-04-05 13:05 - 2018-11-16 00:48 - 000000000 ____D C:\Program Files\rempl
2019-04-04 02:51 - 2018-08-12 19:44 - 000000000 ____D C:\ProgramData\Origin
2019-04-03 17:44 - 2018-08-12 19:47 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-04-03 17:43 - 2018-08-12 19:45 - 000000000 ____D C:\Program Files (x86)\Origin
2019-04-03 17:43 - 2018-08-12 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-02 19:00 - 2018-08-12 19:03 - 002769264 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-04-02 19:00 - 2018-08-12 19:03 - 002149232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-04-02 19:00 - 2018-08-12 19:03 - 001322864 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2019-04-02 17:25 - 2018-08-12 19:03 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-04-01 19:51 - 2018-08-12 14:58 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-08-12 14:58 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-31 22:28 - 2018-09-11 21:27 - 000000000 ____D C:\Users\mojko\AppData\Local\gtk-2.0
2019-03-31 22:00 - 2018-08-12 16:18 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-03-31 21:50 - 2018-08-12 18:28 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-03-30 13:40 - 2018-08-12 18:52 - 000000000 ____D C:\Program Files\WinRAR
2019-03-29 02:17 - 2018-08-12 18:52 - 000000000 ____D C:\Users\mojko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-29 02:17 - 2018-08-12 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
==================== Files in the root of some directories =======
2019-03-15 16:14 - 2019-04-08 02:22 - 000003584 _____ () C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-08 02:11 - 2019-04-08 02:11 - 000010650 _____ () C:\Users\mojko\AppData\Local\recently-used.xbel
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2018-08-12 16:18
==================== End of FRST.txt ============================