Dvakrát ukradený účet Steam
Napsal: 22 črc 2019 10:54
Zdravím,
letos podruhé mi někdo ukradl účet na Steamu, potřebuji pomoc s tím, jak se to stalo, moc už na compu nehraju, nejsem si jistá, kdy k tomu došlo, naposledy jsem hrála asi v květnu.
Stáhla jsem si malwarebytes a malwerbytes adw cleaner a projela je, aktuální FRST níže.
Předem děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Katka (administrator) on LAPTOP-ILMEP1E6 (HP HP Pavilion Notebook) (22-07-2019 11:20:47)
Running from C:\Users\Katka\Downloads
Loaded Profiles: Katka (Available Profiles: defaultuser0 & Katka)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Express Vpn LLC -> ) C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVPN.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpnNotificationService.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Iain Patterson) [File not signed] C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP Inc. -> HP)
HKLM-x32\...\Run: [ExpressVpnNotificationService] => C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpnNotificationService.exe [773248 2019-03-21] (Express Vpn LLC -> ExpressVPN)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7592008 2019-03-14] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVPN.exe [799872 2019-03-21] (Express Vpn LLC -> ExpressVPN)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2017-12-22]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-06-13]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08442C7B-4ADB-449C-96F5-63E671344E23} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {09DD0D33-6133-44A6-B26E-D3513B44C17A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0CB27EDF-2273-4BAF-AE7A-31B2018A2B40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {0CF74098-61EC-486C-BE08-90B4DA636F74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F2B0386-F1AF-4669-9CB3-D3A17B937870} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {11AC67F5-2381-4941-8D3B-C0401367165E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {12D4BFBB-330D-4BB8-9963-7FFEFD3D6D3D} - System32\Tasks\{E6FA35FB-C726-4A62-A64B-0B983B2DEC6A} => C:\windows\system32\pcalua.exe -a D:\Hry\Anno\Anno4.exe -d D:\Hry\Anno
Task: {12F6025D-B4DE-4DB5-A586-AA1B66B601E5} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {132A6084-C34E-4CE3-880B-1947C0C97E74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Restart => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {164046F5-AF05-4664-98DE-7690966AEB9F} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008 2016-01-21] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {193AB150-7CD3-4ED4-BD08-787B47FEADA1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AA6A51D-5716-4E1A-96CE-8E54588D6525} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2017-09-22] () [File not signed]
Task: {1EB5F7DC-CF1D-426F-ABC7-E41956923099} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {21442B86-A133-4F66-AD77-FDAEA1083381} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {2D4C6965-AB05-4EB4-89A3-5C3A83C166F4} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30497576 2018-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {34167FEA-4790-4BE2-802B-7507E9394EBC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {34ED2C15-5DB6-457A-B9E7-8B5E6D318561} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3B056D74-BDFE-4412-B429-319C2AC6B921} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\HP\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [29184 2016-08-29] (HP Inc.) [File not signed]
Task: {3D25901D-ACB8-4360-8ADB-4A03FE5862A5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {52DA02D5-E647-4D25-AF92-666987529714} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)
Task: {53DFAC32-7EEF-4598-81B1-9053D97DFFC0} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-08-31] (Dropbox, Inc -> )
Task: {6B066064-63C9-480A-BB48-0000D6CB9CF7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
Task: {6E86D434-90B6-4CD7-80C5-76B302889961} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1392008 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {7474F262-A818-4333-838A-6AA9E1BAEBA5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {79AF99D1-7079-47C3-BD1F-430763C4A222} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7A1B6AEB-93E6-4B1A-BD6C-D06845770AEF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-13] (Adobe Inc. -> Adobe)
Task: {7F3D96E7-976D-40A0-9D1F-B6FF8432D018} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7FE8922C-ABF5-4366-AB5C-4851DCF1F4E8} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-07-28] (HP Inc. -> )
Task: {8005BECA-9F04-42F0-8029-1ACE2C3DB226} - System32\Tasks\HPCeeScheduleForKatka => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99392 2016-05-12] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {82D0C186-27A6-4C4E-946F-251406A1B621} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-04] (Google Inc -> Google Inc.)
Task: {8332FEF1-CDF8-407A-BAF1-6BCE017BF846} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8A9C61A9-D33C-4D56-B963-B168294F1810} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D231062-3781-4187-8A0B-22F9F70C4A8D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {904202B6-6BA7-4473-BD40-04C642ACA801} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {999E6C24-D546-45DB-85E4-A914EF8619CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E83FB29-00EE-4DB3-9BC6-AF2135241508} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A467A2BF-0BCE-4B98-89B1-5747723A5975} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {AAABE4CC-BBC3-4F93-97A0-0FB59A0F719A} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1657880 2016-10-04] (HP Inc. -> HP Inc.)
Task: {AAEEAEA7-55A6-4A3B-8FA4-902CCEE4E3D6} - System32\Tasks\{A8C42E80-3BFB-4D5A-B765-E5B1504DB54C} => C:\windows\system32\pcalua.exe -a D:\Hry\Anno4.exe -d D:\Hry
Task: {AF73A7D4-84F0-45FA-B960-CCAB90373FDB} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2B7C191-B44A-464F-933C-86A6C7C02BDC} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C32318D8-38A9-4D1F-BA68-0BCF7AE36C7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {C8B4931B-3A18-472B-84F3-797923EA1351} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {D8D43D6F-D767-4DF2-AECB-DE69B0DC08C5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728752 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DECE7FC7-17C9-45FF-BA69-3FDE9963DBC5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEE5E70A-D8DC-4108-82A6-288CF4253944} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648048 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1575D0A-B35E-4EAF-9AA4-AFC9F339B2EA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {E981844E-846B-4B79-BAC1-241BF16397F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-13] (Adobe Inc. -> Adobe)
Task: {F5B6D126-A4E6-49CD-AFD2-119F83F25DE5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8B9DBD5-F9FC-41CD-B832-421525C1275B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-04] (Google Inc -> Google Inc.)
Task: {FE9F30EC-D9DA-4502-82F2-F121BD0D3180} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForKatka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{341d9250-66fa-4247-af55-71a5eb330741}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{566ebe3f-c46e-4c6b-847c-54e80ebbeed4}: [DhcpNameServer] 40.23.1.12
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {04B0B942-68B9-48EB-9999-E3C1BE93B2D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {04B0B942-68B9-48EB-9999-E3C1BE93B2D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2072171445-3948342329-90923121-1001 -> {04B0B942-68B9-48EB-9999-E3C1BE93B2D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2072171445-3948342329-90923121-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10454__180527__yaie&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-10-12] (HP Inc. -> HP Inc.)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator\plugins\IEAddin\creator-ie-helper.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-10-12] (HP Inc. -> HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 5 -> C:\Program Files (x86)\PDF Architect 5\np-previewer.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://private.searchplanet.online/search/?category=web&s=59pr&q={searchTerms}
CHR DefaultSearchKeyword: Default -> TheSafe Search
CHR DefaultSuggestURL: Default -> hxxp://sug.searchplanet.online/search/index_sg.php?q={searchTerms}
CHR Profile: C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default [2019-07-22]
CHR Extension: (Prezentace) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (IBM Security Rapport) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-07-22]
CHR Extension: (YouTube) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-15]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Hudba Google Play) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-10-06]
CHR Extension: (Tabulky) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Avast Online Security) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-22]
CHR Extension: (TheSafe Search) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\himbhnomjioebmhjcglcehjabdcfjknh [2019-07-22]
CHR Extension: (Gaco) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkifijeoijjinpjckmlgedfhpeflakd [2018-07-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (MyTopMovies New Tab) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnihbmlbfmfjpgdbbmhdieojmdemnha [2019-07-22]
CHR Extension: (Gmail) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-07]
CHR HKU\S-1-5-21-2072171445-3948342329-90923121-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [423288 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10285680 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc -> Dropbox, Inc.)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-19] (Intel Corporation - pGFX -> Intel Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [368640 2019-03-21] (Iain Patterson) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-03-14] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-03-14] (GOG Sp. z o.o. -> GOG.com)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-07-28] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [356728 2019-06-12] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S4 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2832560 2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator\common\creator-ws.exe [874680 2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [1250592 2018-10-05] (pdfforge GmbH -> © pdfforge GmbH.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5274560 2019-04-15] (IBM -> IBM Corp.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7343496 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169112 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [549416 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030992 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-10-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387392 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2017-10-05] (Tages SA -> )
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-09-19] (Intel Corporation -> Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-07] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-07] (Disc Soft Ltd -> Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-09-19] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28160 2019-03-21] (ExprsVPN LLC -> )
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2017-10-05] (Tages SA -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [218968 2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_da7d9a362931e747\nvlddmkm.sys [20177280 2018-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [503000 2019-04-15] (IBM -> IBM Corp.)
R1 RapportCerberus_1930415; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930415.sys [1659544 2019-04-03] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [727000 2019-04-15] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [463408 2019-04-15] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [766616 2019-04-15] (IBM -> IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-02-15] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-08-22] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-07-22] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2019-02-12] (ExprsVPN LLC -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-16] (HP Inc. -> HP)
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-22 11:20 - 2019-07-22 11:21 - 000044956 _____ C:\Users\Katka\Downloads\FRST.txt
2019-07-22 11:19 - 2019-07-22 11:20 - 000000000 ____D C:\FRST
2019-07-22 11:18 - 2019-07-22 11:18 - 002095104 _____ (Farbar) C:\Users\Katka\Downloads\FRST64.exe
2019-07-22 11:00 - 2019-07-22 11:00 - 000002330 _____ C:\Users\Katka\Desktop\AdwCleaner[C00].txt
2019-07-22 10:59 - 2019-07-22 10:59 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-07-22 10:59 - 2019-07-22 10:59 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-07-22 10:59 - 2019-07-22 10:59 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-07-22 10:59 - 2019-07-22 10:59 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-07-22 10:58 - 2019-07-22 10:59 - 000388016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-22 10:57 - 2019-07-22 10:58 - 000000000 ____D C:\AdwCleaner
2019-07-22 10:57 - 2019-07-22 10:57 - 007025360 _____ (Malwarebytes) C:\Users\Katka\Downloads\adwcleaner_7.3.exe
2019-07-22 10:48 - 2019-07-22 10:48 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-07-22 10:48 - 2019-07-22 10:48 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\Users\Katka\AppData\Local\mbamtray
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\Users\Katka\AppData\Local\mbam
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-22 10:48 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-22 10:48 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-22 10:46 - 2019-07-22 10:47 - 064688416 _____ (Malwarebytes ) C:\Users\Katka\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11654.exe
2019-07-09 19:45 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-09 19:45 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-09 19:45 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-09 19:45 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-09 19:45 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-09 19:45 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-09 19:45 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-09 19:45 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-09 19:45 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-09 19:45 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-09 19:45 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-09 19:45 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-09 19:45 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-09 19:45 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-09 19:45 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-09 19:45 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-09 19:45 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-09 19:45 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-09 19:45 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-09 19:45 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-09 19:45 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-09 19:45 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-09 19:45 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-09 19:45 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-09 19:45 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-09 19:45 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-09 19:45 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-09 19:45 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-09 19:45 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-09 19:45 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-09 19:45 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-09 19:45 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-09 19:45 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-09 19:45 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-09 19:45 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-09 19:45 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-09 19:45 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-09 19:45 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-09 19:45 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-09 19:45 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-09 19:45 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-09 19:45 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-09 19:45 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-09 19:45 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-09 19:45 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-09 19:45 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-09 19:45 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-09 19:45 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-09 19:45 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-09 19:45 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-09 19:45 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-09 19:45 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-09 19:45 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-09 19:45 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-09 19:45 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-09 19:45 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-09 19:45 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-09 19:45 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-09 19:45 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-09 19:45 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-09 19:45 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-09 19:45 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-09 19:45 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-09 19:45 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-09 19:45 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-09 19:45 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-09 19:45 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-09 19:45 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-09 19:45 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-09 19:45 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-09 19:45 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-09 19:45 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-09 19:45 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-09 19:45 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-09 19:45 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-09 19:45 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-09 19:45 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-09 19:45 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-09 19:45 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-09 19:45 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-09 19:45 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-09 19:45 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-09 19:45 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-09 19:45 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-09 19:45 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-09 19:45 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-09 19:45 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-09 19:45 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-09 19:45 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-09 19:45 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-09 19:45 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-09 19:45 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-09 19:45 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-09 19:45 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-09 19:45 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-09 19:45 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-09 19:45 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-09 19:45 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-09 19:45 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-09 19:45 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-09 19:45 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-09 19:45 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-09 19:45 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-09 19:45 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-09 19:45 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-09 19:45 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-09 19:45 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-09 19:45 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-09 19:45 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-09 19:45 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-09 19:45 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-09 19:45 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-09 19:45 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-09 19:45 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-09 19:45 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-09 19:45 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-09 19:45 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-09 19:45 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-09 19:45 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-09 19:45 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-09 19:45 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-09 19:45 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-09 19:45 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-09 19:45 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-09 19:45 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-09 19:45 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-09 19:45 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-09 19:45 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-09 19:45 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-09 19:45 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-09 19:45 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-09 19:45 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-09 19:45 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-09 19:45 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-09 19:45 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-09 19:45 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-09 19:45 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-09 19:45 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-09 19:45 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-09 19:45 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-09 19:45 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-09 19:45 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-09 19:45 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-09 19:45 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-09 19:45 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-09 19:45 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-09 19:45 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-09 19:45 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-09 19:45 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-09 19:45 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-09 19:45 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-09 19:45 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-09 19:45 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-09 19:45 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-09 19:45 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-09 19:45 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-09 19:45 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-09 19:45 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-09 19:45 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-09 19:45 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-09 19:45 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-09 19:45 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-09 19:45 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-09 19:45 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-09 19:45 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-09 19:45 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-09 19:45 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-09 19:45 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-09 19:45 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-09 19:45 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-06-29 14:45 - 2019-06-29 14:45 - 000031744 _____ C:\Users\Katka\Downloads\planovaci-kalendar-2019-CZ.xls
2019-06-29 12:55 - 2019-06-29 12:55 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-06-29 12:55 - 2019-06-29 12:55 - 000225816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-29 12:55 - 2019-06-29 12:55 - 000169112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-22 11:19 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-22 11:09 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-22 11:03 - 2018-06-02 09:19 - 001881544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-22 11:03 - 2018-04-12 17:50 - 000781248 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-22 11:03 - 2018-04-12 17:50 - 000177796 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-22 11:01 - 2017-10-22 23:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-22 11:00 - 2018-06-23 14:12 - 000000000 ____D C:\Users\Katka\AppData\Local\AVAST Software
2019-07-22 10:59 - 2018-07-09 20:41 - 000025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2019-07-22 10:59 - 2018-07-09 20:41 - 000000514 _____ C:\WINDOWS\Tasks\Avast Driver Updater Startup.job
2019-07-22 10:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-22 10:59 - 2017-10-04 17:36 - 000000000 __SHD C:\Users\Katka\IntelGraphicsProfiles
2019-07-22 10:58 - 2018-06-02 09:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-22 10:58 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-22 10:58 - 2018-01-11 20:55 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForKatka.job
2019-07-22 10:48 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-22 09:28 - 2017-10-07 20:09 - 000000000 ____D C:\Users\Katka\AppData\Roaming\uTorrent
2019-07-22 09:28 - 2017-10-04 18:36 - 000000000 ____D C:\Users\Katka\AppData\Roaming\hpqLog
2019-07-22 09:27 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-22 09:25 - 2018-06-02 09:25 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForKatka
2019-07-22 09:25 - 2017-10-04 18:40 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-22 09:22 - 2017-10-04 19:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-07-22 09:14 - 2017-11-20 18:48 - 000000000 ___RD C:\Users\Katka\3D Objects
2019-07-22 09:14 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-14 14:45 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-14 14:44 - 2018-10-13 12:39 - 000003826 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-14 14:44 - 2018-10-13 12:39 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-14 14:44 - 2018-08-05 12:17 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-08-05 12:17 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-08-05 12:17 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-08-05 12:17 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-08-05 12:17 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-07-07 13:10 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-14 14:44 - 2018-07-07 13:10 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-14 14:44 - 2018-06-02 09:25 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-07-14 14:44 - 2018-06-02 09:25 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-14 14:44 - 2018-06-02 09:25 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-14 14:44 - 2018-06-02 09:25 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000002856 _____ C:\WINDOWS\System32\Tasks\HPJumpStartLaunch
2019-07-14 14:44 - 2018-06-02 09:25 - 000002854 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2072171445-3948342329-90923121-1001
2019-07-14 14:44 - 2018-06-02 09:25 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-07-14 14:44 - 2018-06-02 09:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-14 14:44 - 2017-12-01 10:24 - 000000000 ____D C:\Users\Katka\AppData\Local\Ubisoft Game Launcher
2019-07-14 12:47 - 2018-06-02 09:25 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-07-14 12:47 - 2016-11-24 04:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-13 20:08 - 2018-06-02 09:19 - 000002368 _____ C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-13 20:08 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-13 20:08 - 2017-10-04 17:37 - 000000000 ___RD C:\Users\Katka\OneDrive
2019-07-13 20:01 - 2017-10-07 17:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-13 19:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-13 19:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-09 19:38 - 2017-10-07 17:06 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-04 23:25 - 2017-10-07 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-07-04 23:25 - 2017-10-07 20:38 - 000000000 ____D C:\Program Files\7-Zip
2019-06-29 12:55 - 2019-02-13 19:06 - 000549416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-06-29 12:55 - 2019-01-14 18:51 - 000263224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-06-29 12:55 - 2019-01-05 21:06 - 000206056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-06-29 12:55 - 2019-01-05 21:06 - 000061688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-06-29 12:55 - 2018-11-05 07:12 - 000042504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 001030992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000477288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000387392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000209256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-06-29 12:49 - 2019-06-13 21:21 - 000004294 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine VPN Update
2019-06-23 18:43 - 2017-10-08 19:38 - 000000000 ____D C:\Program Files\UNP
2019-06-22 13:35 - 2017-10-08 19:38 - 000000000 ____D C:\Program Files\rempl
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Katka (22-07-2019 11:22:32)
Running from C:\Users\Katka\Downloads
Windows 10 Home Version 1803 17134.885 (X64) (2018-06-02 07:25:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2072171445-3948342329-90923121-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2072171445-3948342329-90923121-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2072171445-3948342329-90923121-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2072171445-3948342329-90923121-501 - Limited - Disabled)
Katka (S-1-5-21-2072171445-3948342329-90923121-1001 - Administrator - Enabled) => C:\Users\Katka
WDAGUtilityAccount (S-1-5-21-2072171445-3948342329-90923121-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Anno 1404 (HKLM-x32\...\Uplay Install 89) (Version: - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7611 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.5 - AVAST Software)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{7EA1BF8A-65C7-4780-8F2E-3612F22FE8AA}) (Version: 3.14.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3426 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.63 - NVIDIA Corporation) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
ExpressVPN (HKLM-x32\...\{761844fc-6d43-4279-8f64-111c5ff0a78e}) (Version: 7.0.1.7156 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B846CD9325}) (Version: 7.0.1.7156 - ExpressVPN) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP)
HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{1E7D6A6F-E28B-4057-BD4F-9989C1F5353D}) (Version: 1.3.0.423 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{4380D813-39E5-46FD-AC23-FC9A1A8B98AA}) (Version: 1.3.423.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8361.5688 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{DFBDDDB3-D753-4454-84E9-2D3D96E89EFF}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{14D126AD-8249-45B4-B6F0-175939F8F894}) (Version: 12.11.24.11 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{ABE95EB9-5EA1-42A3-8009-BA7602127ED6}) (Version: 1.4.25 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{F5852AA8-30EA-495B-84B4-C2403C935D6F}) (Version: 1.1.19.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB0C4AC6-0E52-4956-8245-4C715E85FF09}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 13.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.5.5 - KLCP)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Manager (HKLM-x32\...\{BF3644FF-E4CA-4B2F-B664-09C9869376AD}) (Version: 5.0.29.838 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 411.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.63 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.429 - Trusteer)
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Ovládací panel NVIDIA 411.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.63 - NVIDIA Corporation) Hidden
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.1.28.36004 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{E6BB3749-AC9F-4BDE-84D9-1E22EF689573}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{CC1439A7-3054-4C5F-AF60-7F770DAD7793}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{23AFD2CD-3930-451E-A27C-07A9457CE07F}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.0 - pdfforge GmbH)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.429 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Sweet Home 3D version 5.6 (HKLM\...\Sweet Home 3D_is1) (Version: 5.6 - eTeks)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 45.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-06-30] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-02] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-22] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-14] (king.com)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-10-07] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.1.0.6_x86__h6adky7gbf63m [2019-06-22] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-22] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_5.5.13.0_x64__kx24dqmazqk8j [2019-05-25] (Random Salad Games LLC) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2072171445-3948342329-90923121-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\context-menu.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-10-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxDTCM.dll [2018-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
==================== Loaded Modules (Whitelisted) ==============
2017-12-22 19:13 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-03-21 10:16 - 2019-03-21 10:16 - 000303104 _____ () [File not signed] C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.SplitTunnel.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2019-07-22 10:35 - 2019-07-22 10:35 - 000156672 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\a8f472c0e00e1e2dbf326a59eb37a1e1\BRIDGECommon.ni.dll
2019-07-22 10:36 - 2019-07-22 10:36 - 000116736 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\c8e4a8ff4860b105456e4e6f32e846b6\BridgeExtension.ni.dll
2019-07-22 10:36 - 2019-07-22 10:36 - 000329728 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\d55b503fa46d4715e8d96d3948cc7654\CleanStartController.ni.dll
2016-11-24 04:03 - 2016-10-07 16:17 - 001309184 _____ (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
2019-07-22 10:36 - 2019-07-22 10:36 - 000131072 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\24bf5ebb88d95b71ce480f5873bfa8ce\CommonPortable.ni.dll
2019-07-22 10:36 - 2019-07-22 10:36 - 000157184 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\e5eb4f6a673b4a70242fc3a587e33c6d\HPJumpStartBridge.ni.exe
2019-03-21 10:16 - 2019-03-21 10:16 - 000368640 _____ (Iain Patterson) [File not signed] C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
2017-12-22 18:40 - 2017-12-22 18:40 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-03-13 20:54 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2019-01-04 10:22 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DB99AE5A-2AC4-47AF-9E63-DAB25E4E5E08}] => (Allow) D:\Downloads\Hry\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{00089AE8-36AA-4FA4-9E04-58AF70C94508}] => (Allow) D:\Downloads\Hry\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{CF2D976A-5E9D-4B00-A160-4FD1EC5A0F19}] => (Allow) D:\Downloads\Hry\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{D94A4194-EF13-4BAF-8AB7-4F37385C5F58}] => (Allow) D:\Downloads\Hry\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{1A797BCD-3E89-4231-9FAF-C1FC381F14CC}] => (Allow) D:\Downloads\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{30ACCD3B-CA38-40BA-A584-EDFDD7DD289F}] => (Allow) D:\Downloads\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1C2FAAB8-CCBD-4F73-8E3B-CDA177495738}] => (Allow) D:\Downloads\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{76F2D7F8-1E3F-453E-A2AB-89726F86B9FD}] => (Allow) D:\Downloads\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AF812EED-3D5D-4699-8648-CEFA876A8E29}] => (Allow) C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2B654452-D299-4624-B668-FDAB074220C4}] => (Allow) C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C27153ED-28EF-40CE-8762-AC7F966D03AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8FD2CD43-5FBF-4845-9646-34926FFF443E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C55AFC8-904D-47AB-A83F-4C6850AF51F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E13D799-4D2F-47DA-B384-BB20F1CB1861}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{496805E9-786D-40BA-B14F-BF536712B9C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{CA597FE2-0AB9-4B9B-BA22-9211B55DFCA0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{D98B2ED2-F81E-40DD-81F8-291294E571F6}] => (Allow) D:\Hry\Anno 2070\Anno5.exe (Related Designs Software -> Related Designs) [File not signed]
FirewallRules: [{25EDEC65-6822-4EEF-99E6-7F85C545C288}] => (Allow) D:\Hry\Anno 2070\Anno5.exe (Related Designs Software -> Related Designs) [File not signed]
FirewallRules: [{85A9EE73-5085-4DFE-B55A-C36DF9DD6FD8}] => (Allow) D:\Hry\Anno 2070\AutoPatcher.exe (Related Designs Software -> Related Designs Software) [File not signed]
FirewallRules: [{A5AA1263-EEEF-4743-AC29-B34668AE9A02}] => (Allow) D:\Hry\Anno 2070\AutoPatcher.exe (Related Designs Software -> Related Designs Software) [File not signed]
FirewallRules: [{B5371340-7B8D-4016-A81E-454DE40680C7}] => (Allow) D:\Hry\Anno 2070\InitEngine.exe (Related Designs Software -> ) [File not signed]
FirewallRules: [{73C966DC-D8C9-477C-A01B-FDD17EBB4FD1}] => (Allow) D:\Hry\Anno 2070\InitEngine.exe (Related Designs Software -> ) [File not signed]
FirewallRules: [{71973776-0C6B-44FD-9863-822E30DCF6E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{59BDD28E-7AE7-48F6-9124-53CC7F6A9515}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{84C5B358-7C1D-438E-90E5-F3776278A53B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D8C63DB5-BCB7-457C-914E-B5FB22426499}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{775F639B-E2B6-41CA-9AC6-0E56BC851057}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{C1B984AD-6296-47C8-A146-2F486FB58B1E}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{AB7BB8F6-06D0-47CC-9EAB-E4493625AFCD}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{1015A88A-7416-4E91-9B13-BBE9B7F8162F}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{A3A39C26-2078-4FE9-B6C8-363707761AD5}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\tools\Anno4Web.exe () [File not signed]
FirewallRules: [{42E642E5-508E-4683-BCA3-55D3664E1BB6}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\tools\Anno4Web.exe () [File not signed]
FirewallRules: [{E124D112-DB77-4430-86F8-F50162EE06E1}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\tools\AddonWeb.exe No File
FirewallRules: [{B1D0CAA2-95FE-45B7-8EC8-9CD9F3C1D02C}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\tools\AddonWeb.exe No File
FirewallRules: [{CB0E2D8A-6A7F-4AA7-B85D-EEABF09CAB3E}] => (Allow) D:\Downloads\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{25CB711D-A8CD-44C6-B76C-4040D591C190}] => (Allow) D:\Downloads\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E9D5ED19-7D5D-43DC-A6B6-1C26081BFD56}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BE98759E-B9DD-442A-9C11-7221ECB198A8}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{1D6398D8-AC10-407F-90C4-2DAFE677F791}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{63B998F2-1F26-498C-9FA8-40A77278C1E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99482787-BED7-424B-AEBA-840FDF838DBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{09E6136E-A12F-4DF1-AC1D-122531D389E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3FF8AF9-FA2C-49CC-A109-7F07BCD3FAAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1493BC3B-DB27-4E17-BC79-06CF3147DB20}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{0D71EF09-B730-4B13-8452-BAB332B82A0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118.01 GB) (Free:23.76 GB) (20%)
==================== Faulty Device Manager Devices =============
Name: ExpressVPN Tap Adapter
Description: ExpressVPN Tap Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/22/2019 10:59:13 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4004,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Katka\AppData\Local\Microsoft\Windows\WebCache\V0100006.log došlo k chybě -1811 (0xfffff8ed).
Error: (07/14/2019 01:05:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Support\Utils\GDFInstaller.exe se nezdařilo.
Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (07/14/2019 01:05:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Support\Utils\GDFInstaller.exe se nezdařilo.
Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (07/07/2019 02:23:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9687
Error: (07/07/2019 02:23:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9687
Error: (07/07/2019 02:23:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/05/2019 11:28:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9609
Error: (07/05/2019 11:28:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9609
System errors:
=============
Error: (07/22/2019 11:11:13 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ILMEP1E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-ILMEP1E6\Katka (SID: S-1-5-21-2072171445-3948342329-90923121-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 11:08:15 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ILMEP1E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-ILMEP1E6\Katka (SID: S-1-5-21-2072171445-3948342329-90923121-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 11:01:04 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ILMEP1E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-ILMEP1E6\Katka (SID: S-1-5-21-2072171445-3948342329-90923121-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 10:59:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 10:59:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 10:58:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (07/22/2019 10:58:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (07/22/2019 10:58:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
CodeIntegrity:
===================================
Date: 2019-07-22 10:51:22.475
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.429
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.422
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.415
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.406
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.390
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.384
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.354
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
==================== Memory info ===========================
BIOS: Insyde F.48 06/22/2018
Motherboard: HP 8217
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 8077.22 MB
Available physical RAM: 4482.98 MB
Total Virtual: 12429.22 MB
Available Virtual: 7207.36 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:23.76 GB) NTFS
Drive d: (DATA) (Fixed) (Total:919.78 GB) (Free:75.13 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:11.73 GB) (Free:1.42 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Removable) (Total:14.31 GB) (Free:1.54 GB) FAT32
\\?\Volume{eab14c7b-26ad-4664-b671-2d042d1c86eb}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.47 GB) NTFS
\\?\Volume{29b57022-759f-4931-ad47-33dbd9a71362}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 3DCEC070)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 65A4602B)
Partition: GPT.
========================================================
Disk: 2 (Protective MBR) (Size: 14.3 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
letos podruhé mi někdo ukradl účet na Steamu, potřebuji pomoc s tím, jak se to stalo, moc už na compu nehraju, nejsem si jistá, kdy k tomu došlo, naposledy jsem hrála asi v květnu.
Stáhla jsem si malwarebytes a malwerbytes adw cleaner a projela je, aktuální FRST níže.
Předem děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Katka (administrator) on LAPTOP-ILMEP1E6 (HP HP Pavilion Notebook) (22-07-2019 11:20:47)
Running from C:\Users\Katka\Downloads
Loaded Profiles: Katka (Available Profiles: defaultuser0 & Katka)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Express Vpn LLC -> ) C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVPN.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpnNotificationService.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Iain Patterson) [File not signed] C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP Inc. -> HP)
HKLM-x32\...\Run: [ExpressVpnNotificationService] => C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpnNotificationService.exe [773248 2019-03-21] (Express Vpn LLC -> ExpressVPN)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7592008 2019-03-14] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVPN.exe [799872 2019-03-21] (Express Vpn LLC -> ExpressVPN)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2017-12-22]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-06-13]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08442C7B-4ADB-449C-96F5-63E671344E23} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {09DD0D33-6133-44A6-B26E-D3513B44C17A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0CB27EDF-2273-4BAF-AE7A-31B2018A2B40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {0CF74098-61EC-486C-BE08-90B4DA636F74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F2B0386-F1AF-4669-9CB3-D3A17B937870} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {11AC67F5-2381-4941-8D3B-C0401367165E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {12D4BFBB-330D-4BB8-9963-7FFEFD3D6D3D} - System32\Tasks\{E6FA35FB-C726-4A62-A64B-0B983B2DEC6A} => C:\windows\system32\pcalua.exe -a D:\Hry\Anno\Anno4.exe -d D:\Hry\Anno
Task: {12F6025D-B4DE-4DB5-A586-AA1B66B601E5} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {132A6084-C34E-4CE3-880B-1947C0C97E74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Restart => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {164046F5-AF05-4664-98DE-7690966AEB9F} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008 2016-01-21] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {193AB150-7CD3-4ED4-BD08-787B47FEADA1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AA6A51D-5716-4E1A-96CE-8E54588D6525} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2017-09-22] () [File not signed]
Task: {1EB5F7DC-CF1D-426F-ABC7-E41956923099} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {21442B86-A133-4F66-AD77-FDAEA1083381} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {2D4C6965-AB05-4EB4-89A3-5C3A83C166F4} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30497576 2018-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {34167FEA-4790-4BE2-802B-7507E9394EBC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {34ED2C15-5DB6-457A-B9E7-8B5E6D318561} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3B056D74-BDFE-4412-B429-319C2AC6B921} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\HP\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [29184 2016-08-29] (HP Inc.) [File not signed]
Task: {3D25901D-ACB8-4360-8ADB-4A03FE5862A5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {52DA02D5-E647-4D25-AF92-666987529714} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)
Task: {53DFAC32-7EEF-4598-81B1-9053D97DFFC0} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-08-31] (Dropbox, Inc -> )
Task: {6B066064-63C9-480A-BB48-0000D6CB9CF7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
Task: {6E86D434-90B6-4CD7-80C5-76B302889961} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1392008 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {7474F262-A818-4333-838A-6AA9E1BAEBA5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {79AF99D1-7079-47C3-BD1F-430763C4A222} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7A1B6AEB-93E6-4B1A-BD6C-D06845770AEF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-13] (Adobe Inc. -> Adobe)
Task: {7F3D96E7-976D-40A0-9D1F-B6FF8432D018} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7FE8922C-ABF5-4366-AB5C-4851DCF1F4E8} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-07-28] (HP Inc. -> )
Task: {8005BECA-9F04-42F0-8029-1ACE2C3DB226} - System32\Tasks\HPCeeScheduleForKatka => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99392 2016-05-12] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {82D0C186-27A6-4C4E-946F-251406A1B621} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-04] (Google Inc -> Google Inc.)
Task: {8332FEF1-CDF8-407A-BAF1-6BCE017BF846} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8A9C61A9-D33C-4D56-B963-B168294F1810} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D231062-3781-4187-8A0B-22F9F70C4A8D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {904202B6-6BA7-4473-BD40-04C642ACA801} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {999E6C24-D546-45DB-85E4-A914EF8619CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E83FB29-00EE-4DB3-9BC6-AF2135241508} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A467A2BF-0BCE-4B98-89B1-5747723A5975} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {AAABE4CC-BBC3-4F93-97A0-0FB59A0F719A} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1657880 2016-10-04] (HP Inc. -> HP Inc.)
Task: {AAEEAEA7-55A6-4A3B-8FA4-902CCEE4E3D6} - System32\Tasks\{A8C42E80-3BFB-4D5A-B765-E5B1504DB54C} => C:\windows\system32\pcalua.exe -a D:\Hry\Anno4.exe -d D:\Hry
Task: {AF73A7D4-84F0-45FA-B960-CCAB90373FDB} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2B7C191-B44A-464F-933C-86A6C7C02BDC} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C32318D8-38A9-4D1F-BA68-0BCF7AE36C7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {C8B4931B-3A18-472B-84F3-797923EA1351} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {D8D43D6F-D767-4DF2-AECB-DE69B0DC08C5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728752 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DECE7FC7-17C9-45FF-BA69-3FDE9963DBC5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEE5E70A-D8DC-4108-82A6-288CF4253944} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648048 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1575D0A-B35E-4EAF-9AA4-AFC9F339B2EA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {E981844E-846B-4B79-BAC1-241BF16397F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-13] (Adobe Inc. -> Adobe)
Task: {F5B6D126-A4E6-49CD-AFD2-119F83F25DE5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8B9DBD5-F9FC-41CD-B832-421525C1275B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-04] (Google Inc -> Google Inc.)
Task: {FE9F30EC-D9DA-4502-82F2-F121BD0D3180} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForKatka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{341d9250-66fa-4247-af55-71a5eb330741}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{566ebe3f-c46e-4c6b-847c-54e80ebbeed4}: [DhcpNameServer] 40.23.1.12
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {04B0B942-68B9-48EB-9999-E3C1BE93B2D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {04B0B942-68B9-48EB-9999-E3C1BE93B2D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2072171445-3948342329-90923121-1001 -> {04B0B942-68B9-48EB-9999-E3C1BE93B2D6} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2072171445-3948342329-90923121-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10454__180527__yaie&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-10-12] (HP Inc. -> HP Inc.)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator\plugins\IEAddin\creator-ie-helper.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-10-12] (HP Inc. -> HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator\plugins\IEAddin\creator-ie-plugin.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 5 -> C:\Program Files (x86)\PDF Architect 5\np-previewer.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://private.searchplanet.online/search/?category=web&s=59pr&q={searchTerms}
CHR DefaultSearchKeyword: Default -> TheSafe Search
CHR DefaultSuggestURL: Default -> hxxp://sug.searchplanet.online/search/index_sg.php?q={searchTerms}
CHR Profile: C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default [2019-07-22]
CHR Extension: (Prezentace) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (IBM Security Rapport) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-07-22]
CHR Extension: (YouTube) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-15]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Hudba Google Play) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-10-06]
CHR Extension: (Tabulky) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Avast Online Security) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-22]
CHR Extension: (TheSafe Search) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\himbhnomjioebmhjcglcehjabdcfjknh [2019-07-22]
CHR Extension: (Gaco) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkifijeoijjinpjckmlgedfhpeflakd [2018-07-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (MyTopMovies New Tab) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnihbmlbfmfjpgdbbmhdieojmdemnha [2019-07-22]
CHR Extension: (Gmail) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-07]
CHR HKU\S-1-5-21-2072171445-3948342329-90923121-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [423288 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10285680 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc -> Dropbox, Inc.)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-19] (Intel Corporation - pGFX -> Intel Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [368640 2019-03-21] (Iain Patterson) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-03-14] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-03-14] (GOG Sp. z o.o. -> GOG.com)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-07-28] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [356728 2019-06-12] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S4 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2832560 2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator\common\creator-ws.exe [874680 2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [1250592 2018-10-05] (pdfforge GmbH -> © pdfforge GmbH.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5274560 2019-04-15] (IBM -> IBM Corp.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7343496 2019-07-22] (AVAST Software s.r.o. -> AVAST Software)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169112 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [549416 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030992 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-10-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387392 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2017-10-05] (Tages SA -> )
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-09-19] (Intel Corporation -> Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-07] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-07] (Disc Soft Ltd -> Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-09-19] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28160 2019-03-21] (ExprsVPN LLC -> )
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2017-10-05] (Tages SA -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [218968 2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_da7d9a362931e747\nvlddmkm.sys [20177280 2018-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [503000 2019-04-15] (IBM -> IBM Corp.)
R1 RapportCerberus_1930415; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930415.sys [1659544 2019-04-03] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [727000 2019-04-15] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [463408 2019-04-15] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [766616 2019-04-15] (IBM -> IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-02-15] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-08-22] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-07-22] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2019-02-12] (ExprsVPN LLC -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-16] (HP Inc. -> HP)
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-22 11:20 - 2019-07-22 11:21 - 000044956 _____ C:\Users\Katka\Downloads\FRST.txt
2019-07-22 11:19 - 2019-07-22 11:20 - 000000000 ____D C:\FRST
2019-07-22 11:18 - 2019-07-22 11:18 - 002095104 _____ (Farbar) C:\Users\Katka\Downloads\FRST64.exe
2019-07-22 11:00 - 2019-07-22 11:00 - 000002330 _____ C:\Users\Katka\Desktop\AdwCleaner[C00].txt
2019-07-22 10:59 - 2019-07-22 10:59 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-07-22 10:59 - 2019-07-22 10:59 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-07-22 10:59 - 2019-07-22 10:59 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-07-22 10:59 - 2019-07-22 10:59 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-07-22 10:58 - 2019-07-22 10:59 - 000388016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-22 10:57 - 2019-07-22 10:58 - 000000000 ____D C:\AdwCleaner
2019-07-22 10:57 - 2019-07-22 10:57 - 007025360 _____ (Malwarebytes) C:\Users\Katka\Downloads\adwcleaner_7.3.exe
2019-07-22 10:48 - 2019-07-22 10:48 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-07-22 10:48 - 2019-07-22 10:48 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\Users\Katka\AppData\Local\mbamtray
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\Users\Katka\AppData\Local\mbam
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-22 10:48 - 2019-07-22 10:48 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-22 10:48 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-22 10:48 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-22 10:46 - 2019-07-22 10:47 - 064688416 _____ (Malwarebytes ) C:\Users\Katka\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11654.exe
2019-07-09 19:45 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-09 19:45 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-09 19:45 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-09 19:45 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-09 19:45 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-09 19:45 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-09 19:45 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-09 19:45 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-09 19:45 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-09 19:45 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-09 19:45 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-09 19:45 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-09 19:45 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-09 19:45 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-09 19:45 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-09 19:45 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-09 19:45 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-09 19:45 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-09 19:45 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-09 19:45 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-09 19:45 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-09 19:45 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-09 19:45 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-09 19:45 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-09 19:45 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-09 19:45 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-09 19:45 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-09 19:45 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-09 19:45 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-09 19:45 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-09 19:45 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-09 19:45 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-09 19:45 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-09 19:45 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-09 19:45 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-09 19:45 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-09 19:45 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-09 19:45 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-09 19:45 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-09 19:45 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-09 19:45 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-09 19:45 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-09 19:45 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-09 19:45 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-09 19:45 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-09 19:45 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-09 19:45 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-09 19:45 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-09 19:45 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-09 19:45 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-09 19:45 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-09 19:45 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-09 19:45 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-09 19:45 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-09 19:45 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-09 19:45 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-09 19:45 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-09 19:45 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-09 19:45 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-09 19:45 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-09 19:45 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-09 19:45 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-09 19:45 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-09 19:45 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-09 19:45 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-09 19:45 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-09 19:45 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-09 19:45 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-09 19:45 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-09 19:45 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-09 19:45 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-09 19:45 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-09 19:45 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-09 19:45 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-09 19:45 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-09 19:45 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-09 19:45 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-09 19:45 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-09 19:45 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-09 19:45 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-09 19:45 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-09 19:45 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-09 19:45 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-09 19:45 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-09 19:45 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-09 19:45 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-09 19:45 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-09 19:45 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-09 19:45 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-09 19:45 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-09 19:45 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-09 19:45 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-09 19:45 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-09 19:45 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-09 19:45 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-09 19:45 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-09 19:45 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-09 19:45 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-09 19:45 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-09 19:45 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-09 19:45 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-09 19:45 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-09 19:45 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-09 19:45 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-09 19:45 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-09 19:45 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-09 19:45 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-09 19:45 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-09 19:45 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-09 19:45 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-09 19:45 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-09 19:45 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-09 19:45 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-09 19:45 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-09 19:45 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-09 19:45 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-09 19:45 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-09 19:45 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-09 19:45 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-09 19:45 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-09 19:45 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-09 19:45 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-09 19:45 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-09 19:45 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-09 19:45 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-09 19:45 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-09 19:45 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-09 19:45 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-09 19:45 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-09 19:45 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-09 19:45 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-09 19:45 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-09 19:45 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-09 19:45 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-09 19:45 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-09 19:45 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-09 19:45 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-09 19:45 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-09 19:45 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-09 19:45 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-09 19:45 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-09 19:45 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-09 19:45 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-09 19:45 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-09 19:45 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-09 19:45 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-09 19:45 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-09 19:45 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-09 19:45 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-09 19:45 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-09 19:45 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-09 19:45 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-09 19:45 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-09 19:45 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-09 19:45 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-09 19:45 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-09 19:45 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-09 19:45 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-09 19:45 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-09 19:45 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-09 19:45 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-09 19:45 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-09 19:45 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-09 19:45 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-09 19:45 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-09 19:45 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-09 19:45 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-09 19:45 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-09 19:45 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-09 19:45 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-09 19:45 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-09 19:45 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-09 19:45 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-09 19:45 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-09 19:45 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-09 19:45 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-09 19:45 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-09 19:45 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-09 19:45 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-09 19:45 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-09 19:45 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-09 19:45 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-06-29 14:45 - 2019-06-29 14:45 - 000031744 _____ C:\Users\Katka\Downloads\planovaci-kalendar-2019-CZ.xls
2019-06-29 12:55 - 2019-06-29 12:55 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-06-29 12:55 - 2019-06-29 12:55 - 000225816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-29 12:55 - 2019-06-29 12:55 - 000169112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-22 11:19 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-22 11:09 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-22 11:03 - 2018-06-02 09:19 - 001881544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-22 11:03 - 2018-04-12 17:50 - 000781248 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-22 11:03 - 2018-04-12 17:50 - 000177796 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-22 11:01 - 2017-10-22 23:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-22 11:00 - 2018-06-23 14:12 - 000000000 ____D C:\Users\Katka\AppData\Local\AVAST Software
2019-07-22 10:59 - 2018-07-09 20:41 - 000025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2019-07-22 10:59 - 2018-07-09 20:41 - 000000514 _____ C:\WINDOWS\Tasks\Avast Driver Updater Startup.job
2019-07-22 10:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-22 10:59 - 2017-10-04 17:36 - 000000000 __SHD C:\Users\Katka\IntelGraphicsProfiles
2019-07-22 10:58 - 2018-06-02 09:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-22 10:58 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-22 10:58 - 2018-01-11 20:55 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForKatka.job
2019-07-22 10:48 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-22 09:28 - 2017-10-07 20:09 - 000000000 ____D C:\Users\Katka\AppData\Roaming\uTorrent
2019-07-22 09:28 - 2017-10-04 18:36 - 000000000 ____D C:\Users\Katka\AppData\Roaming\hpqLog
2019-07-22 09:27 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-22 09:25 - 2018-06-02 09:25 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForKatka
2019-07-22 09:25 - 2017-10-04 18:40 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-22 09:22 - 2017-10-04 19:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-07-22 09:14 - 2017-11-20 18:48 - 000000000 ___RD C:\Users\Katka\3D Objects
2019-07-22 09:14 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-14 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-14 14:45 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-14 14:44 - 2018-10-13 12:39 - 000003826 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-14 14:44 - 2018-10-13 12:39 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-14 14:44 - 2018-08-05 12:17 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-08-05 12:17 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-08-05 12:17 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-08-05 12:17 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-08-05 12:17 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-07-07 13:10 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-14 14:44 - 2018-07-07 13:10 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-14 14:44 - 2018-06-02 09:25 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-07-14 14:44 - 2018-06-02 09:25 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-14 14:44 - 2018-06-02 09:25 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-14 14:44 - 2018-06-02 09:25 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000002856 _____ C:\WINDOWS\System32\Tasks\HPJumpStartLaunch
2019-07-14 14:44 - 2018-06-02 09:25 - 000002854 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2072171445-3948342329-90923121-1001
2019-07-14 14:44 - 2018-06-02 09:25 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-14 14:44 - 2018-06-02 09:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-07-14 14:44 - 2018-06-02 09:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-14 14:44 - 2017-12-01 10:24 - 000000000 ____D C:\Users\Katka\AppData\Local\Ubisoft Game Launcher
2019-07-14 12:47 - 2018-06-02 09:25 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-07-14 12:47 - 2016-11-24 04:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-13 20:08 - 2018-06-02 09:19 - 000002368 _____ C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-13 20:08 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-13 20:08 - 2017-10-04 17:37 - 000000000 ___RD C:\Users\Katka\OneDrive
2019-07-13 20:01 - 2017-10-07 17:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-13 19:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-13 19:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-09 19:38 - 2017-10-07 17:06 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-04 23:25 - 2017-10-07 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-07-04 23:25 - 2017-10-07 20:38 - 000000000 ____D C:\Program Files\7-Zip
2019-06-29 12:55 - 2019-02-13 19:06 - 000549416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-06-29 12:55 - 2019-01-14 18:51 - 000263224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-06-29 12:55 - 2019-01-05 21:06 - 000206056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-06-29 12:55 - 2019-01-05 21:06 - 000061688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-06-29 12:55 - 2018-11-05 07:12 - 000042504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 001030992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000477288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000387392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000209256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-06-29 12:55 - 2017-11-19 18:37 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-06-29 12:49 - 2019-06-13 21:21 - 000004294 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine VPN Update
2019-06-23 18:43 - 2017-10-08 19:38 - 000000000 ____D C:\Program Files\UNP
2019-06-22 13:35 - 2017-10-08 19:38 - 000000000 ____D C:\Program Files\rempl
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Katka (22-07-2019 11:22:32)
Running from C:\Users\Katka\Downloads
Windows 10 Home Version 1803 17134.885 (X64) (2018-06-02 07:25:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2072171445-3948342329-90923121-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2072171445-3948342329-90923121-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2072171445-3948342329-90923121-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2072171445-3948342329-90923121-501 - Limited - Disabled)
Katka (S-1-5-21-2072171445-3948342329-90923121-1001 - Administrator - Enabled) => C:\Users\Katka
WDAGUtilityAccount (S-1-5-21-2072171445-3948342329-90923121-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Anno 1404 (HKLM-x32\...\Uplay Install 89) (Version: - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7611 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.5 - AVAST Software)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{7EA1BF8A-65C7-4780-8F2E-3612F22FE8AA}) (Version: 3.14.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3426 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.63 - NVIDIA Corporation) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
ExpressVPN (HKLM-x32\...\{761844fc-6d43-4279-8f64-111c5ff0a78e}) (Version: 7.0.1.7156 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B846CD9325}) (Version: 7.0.1.7156 - ExpressVPN) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP)
HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{1E7D6A6F-E28B-4057-BD4F-9989C1F5353D}) (Version: 1.3.0.423 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{4380D813-39E5-46FD-AC23-FC9A1A8B98AA}) (Version: 1.3.423.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8361.5688 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{DFBDDDB3-D753-4454-84E9-2D3D96E89EFF}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{14D126AD-8249-45B4-B6F0-175939F8F894}) (Version: 12.11.24.11 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{ABE95EB9-5EA1-42A3-8009-BA7602127ED6}) (Version: 1.4.25 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{F5852AA8-30EA-495B-84B4-C2403C935D6F}) (Version: 1.1.19.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB0C4AC6-0E52-4956-8245-4C715E85FF09}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 13.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.5.5 - KLCP)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Manager (HKLM-x32\...\{BF3644FF-E4CA-4B2F-B664-09C9869376AD}) (Version: 5.0.29.838 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 411.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.63 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.429 - Trusteer)
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Ovládací panel NVIDIA 411.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.63 - NVIDIA Corporation) Hidden
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.1.28.36004 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{E6BB3749-AC9F-4BDE-84D9-1E22EF689573}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{CC1439A7-3054-4C5F-AF60-7F770DAD7793}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{23AFD2CD-3930-451E-A27C-07A9457CE07F}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.0 - pdfforge GmbH)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.429 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Sweet Home 3D version 5.6 (HKLM\...\Sweet Home 3D_is1) (Version: 5.6 - eTeks)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 45.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-06-30] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-02] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-22] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-14] (king.com)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-10-07] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.1.0.6_x86__h6adky7gbf63m [2019-06-22] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-22] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_5.5.13.0_x64__kx24dqmazqk8j [2019-05-25] (Random Salad Games LLC) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2072171445-3948342329-90923121-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\context-menu.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-10-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxDTCM.dll [2018-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
==================== Loaded Modules (Whitelisted) ==============
2017-12-22 19:13 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-03-21 10:16 - 2019-03-21 10:16 - 000303104 _____ () [File not signed] C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.SplitTunnel.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2019-07-22 10:35 - 2019-07-22 10:35 - 000156672 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\a8f472c0e00e1e2dbf326a59eb37a1e1\BRIDGECommon.ni.dll
2019-07-22 10:36 - 2019-07-22 10:36 - 000116736 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\c8e4a8ff4860b105456e4e6f32e846b6\BridgeExtension.ni.dll
2019-07-22 10:36 - 2019-07-22 10:36 - 000329728 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\d55b503fa46d4715e8d96d3948cc7654\CleanStartController.ni.dll
2016-11-24 04:03 - 2016-10-07 16:17 - 001309184 _____ (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
2019-07-22 10:36 - 2019-07-22 10:36 - 000131072 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\24bf5ebb88d95b71ce480f5873bfa8ce\CommonPortable.ni.dll
2019-07-22 10:36 - 2019-07-22 10:36 - 000157184 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\e5eb4f6a673b4a70242fc3a587e33c6d\HPJumpStartBridge.ni.exe
2019-03-21 10:16 - 2019-03-21 10:16 - 000368640 _____ (Iain Patterson) [File not signed] C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
2017-12-22 18:40 - 2017-12-22 18:40 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-03-13 20:54 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2019-01-04 10:22 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2072171445-3948342329-90923121-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DB99AE5A-2AC4-47AF-9E63-DAB25E4E5E08}] => (Allow) D:\Downloads\Hry\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{00089AE8-36AA-4FA4-9E04-58AF70C94508}] => (Allow) D:\Downloads\Hry\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{CF2D976A-5E9D-4B00-A160-4FD1EC5A0F19}] => (Allow) D:\Downloads\Hry\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{D94A4194-EF13-4BAF-8AB7-4F37385C5F58}] => (Allow) D:\Downloads\Hry\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{1A797BCD-3E89-4231-9FAF-C1FC381F14CC}] => (Allow) D:\Downloads\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{30ACCD3B-CA38-40BA-A584-EDFDD7DD289F}] => (Allow) D:\Downloads\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1C2FAAB8-CCBD-4F73-8E3B-CDA177495738}] => (Allow) D:\Downloads\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{76F2D7F8-1E3F-453E-A2AB-89726F86B9FD}] => (Allow) D:\Downloads\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AF812EED-3D5D-4699-8648-CEFA876A8E29}] => (Allow) C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2B654452-D299-4624-B668-FDAB074220C4}] => (Allow) C:\Users\Katka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C27153ED-28EF-40CE-8762-AC7F966D03AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8FD2CD43-5FBF-4845-9646-34926FFF443E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C55AFC8-904D-47AB-A83F-4C6850AF51F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E13D799-4D2F-47DA-B384-BB20F1CB1861}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{496805E9-786D-40BA-B14F-BF536712B9C5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{CA597FE2-0AB9-4B9B-BA22-9211B55DFCA0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{D98B2ED2-F81E-40DD-81F8-291294E571F6}] => (Allow) D:\Hry\Anno 2070\Anno5.exe (Related Designs Software -> Related Designs) [File not signed]
FirewallRules: [{25EDEC65-6822-4EEF-99E6-7F85C545C288}] => (Allow) D:\Hry\Anno 2070\Anno5.exe (Related Designs Software -> Related Designs) [File not signed]
FirewallRules: [{85A9EE73-5085-4DFE-B55A-C36DF9DD6FD8}] => (Allow) D:\Hry\Anno 2070\AutoPatcher.exe (Related Designs Software -> Related Designs Software) [File not signed]
FirewallRules: [{A5AA1263-EEEF-4743-AC29-B34668AE9A02}] => (Allow) D:\Hry\Anno 2070\AutoPatcher.exe (Related Designs Software -> Related Designs Software) [File not signed]
FirewallRules: [{B5371340-7B8D-4016-A81E-454DE40680C7}] => (Allow) D:\Hry\Anno 2070\InitEngine.exe (Related Designs Software -> ) [File not signed]
FirewallRules: [{73C966DC-D8C9-477C-A01B-FDD17EBB4FD1}] => (Allow) D:\Hry\Anno 2070\InitEngine.exe (Related Designs Software -> ) [File not signed]
FirewallRules: [{71973776-0C6B-44FD-9863-822E30DCF6E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{59BDD28E-7AE7-48F6-9124-53CC7F6A9515}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{84C5B358-7C1D-438E-90E5-F3776278A53B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D8C63DB5-BCB7-457C-914E-B5FB22426499}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{775F639B-E2B6-41CA-9AC6-0E56BC851057}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{C1B984AD-6296-47C8-A146-2F486FB58B1E}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{AB7BB8F6-06D0-47CC-9EAB-E4493625AFCD}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{1015A88A-7416-4E91-9B13-BBE9B7F8162F}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{A3A39C26-2078-4FE9-B6C8-363707761AD5}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\tools\Anno4Web.exe () [File not signed]
FirewallRules: [{42E642E5-508E-4683-BCA3-55D3664E1BB6}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\tools\Anno4Web.exe () [File not signed]
FirewallRules: [{E124D112-DB77-4430-86F8-F50162EE06E1}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\tools\AddonWeb.exe No File
FirewallRules: [{B1D0CAA2-95FE-45B7-8EC8-9CD9F3C1D02C}] => (Allow) D:\Hry\Ubisoft Game Launcher\games\Anno 1404\tools\AddonWeb.exe No File
FirewallRules: [{CB0E2D8A-6A7F-4AA7-B85D-EEABF09CAB3E}] => (Allow) D:\Downloads\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{25CB711D-A8CD-44C6-B76C-4040D591C190}] => (Allow) D:\Downloads\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E9D5ED19-7D5D-43DC-A6B6-1C26081BFD56}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BE98759E-B9DD-442A-9C11-7221ECB198A8}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{1D6398D8-AC10-407F-90C4-2DAFE677F791}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{63B998F2-1F26-498C-9FA8-40A77278C1E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99482787-BED7-424B-AEBA-840FDF838DBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{09E6136E-A12F-4DF1-AC1D-122531D389E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3FF8AF9-FA2C-49CC-A109-7F07BCD3FAAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1493BC3B-DB27-4E17-BC79-06CF3147DB20}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{0D71EF09-B730-4B13-8452-BAB332B82A0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118.01 GB) (Free:23.76 GB) (20%)
==================== Faulty Device Manager Devices =============
Name: ExpressVPN Tap Adapter
Description: ExpressVPN Tap Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/22/2019 10:59:13 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4004,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Katka\AppData\Local\Microsoft\Windows\WebCache\V0100006.log došlo k chybě -1811 (0xfffff8ed).
Error: (07/14/2019 01:05:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Support\Utils\GDFInstaller.exe se nezdařilo.
Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (07/14/2019 01:05:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\Hry\Ubisoft Game Launcher\games\Anno 1404\Support\Utils\GDFInstaller.exe se nezdařilo.
Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (07/07/2019 02:23:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9687
Error: (07/07/2019 02:23:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9687
Error: (07/07/2019 02:23:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/05/2019 11:28:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9609
Error: (07/05/2019 11:28:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9609
System errors:
=============
Error: (07/22/2019 11:11:13 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ILMEP1E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-ILMEP1E6\Katka (SID: S-1-5-21-2072171445-3948342329-90923121-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 11:08:15 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ILMEP1E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-ILMEP1E6\Katka (SID: S-1-5-21-2072171445-3948342329-90923121-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 11:01:04 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-ILMEP1E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-ILMEP1E6\Katka (SID: S-1-5-21-2072171445-3948342329-90923121-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 10:59:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 10:59:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (07/22/2019 10:58:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (07/22/2019 10:58:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (07/22/2019 10:58:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
CodeIntegrity:
===================================
Date: 2019-07-22 10:51:22.475
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.429
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.422
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.415
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.406
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.390
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.384
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-22 10:51:22.354
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
==================== Memory info ===========================
BIOS: Insyde F.48 06/22/2018
Motherboard: HP 8217
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 8077.22 MB
Available physical RAM: 4482.98 MB
Total Virtual: 12429.22 MB
Available Virtual: 7207.36 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:23.76 GB) NTFS
Drive d: (DATA) (Fixed) (Total:919.78 GB) (Free:75.13 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:11.73 GB) (Free:1.42 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Removable) (Total:14.31 GB) (Free:1.54 GB) FAT32
\\?\Volume{eab14c7b-26ad-4664-b671-2d042d1c86eb}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.47 GB) NTFS
\\?\Volume{29b57022-759f-4931-ad47-33dbd9a71362}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 3DCEC070)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 65A4602B)
Partition: GPT.
========================================================
Disk: 2 (Protective MBR) (Size: 14.3 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================