Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prevence, zpomalený pc

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
GuerrCZ
Návštěvník
Návštěvník
Příspěvky: 127
Registrován: 25 srp 2014 17:10

Prevence, zpomalený pc

#1 Příspěvek od GuerrCZ »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by Jan Jonáš (administrator) on DESKTOP-11NN74O (Gigabyte Technology Co., Ltd. P67-DS3-B3) (09-07-2019 18:29:35)
Running from C:\Users\Jan Jonáš\Desktop
Loaded Profiles: Jan Jonáš (Available Profiles: Jan Jonáš)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\Todoist.Universal.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1903.1006.0_x64__8wekyb3d8bbwe\Time.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.30.20002.0_x64__8wekyb3d8bbwe\GameBar.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.30.20002.0_x64__8wekyb3d8bbwe\GameBarFT.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atiesrxx.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Jan Jonáš\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HearthSim, LLC -> HearthSim) C:\Users\Jan Jonáš\AppData\Local\HearthstoneDeckTracker\app-1.8.13\HearthstoneDeckTracker.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(ownCloud) [File not signed] C:\Program Files (x86)\ownCloud\owncloud.exe
(Thermo Fisher Scientific Inc. -> Thermo Fisher Scientific Inc.) C:\Program Files (x86)\omnic\ThermoBenchService.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\!Torrent\utorrent.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3148576 2019-06-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [Discord] => C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [IrisMini] => "C:\Users\Jan Jonáš\AppData\Local\Iris mini\iris-mini-dynamic.exe"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [3136000 2019-03-18] (ownCloud) [File not signed]
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Jan Jonáš\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-06-06] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-06-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05732024-9BFB-4077-9C81-8E5C2AC7AB11} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {057F2680-CA2D-4CB7-92B3-4312D82F80EF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {138DDADE-EFCC-48BA-A5DC-4DC2C29A9AD4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2107257D-E8FC-47E2-B764-57D0102DF676} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D19AF5D-D9E7-460D-B42B-17F995378DF6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {57B2D781-1CBD-4349-BA63-F4E0E20991BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)
Task: {616DEB01-D99E-4743-B0B8-D15B92241FA4} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-02-20] (Advanced Micro Devices, Inc.) [File not signed]
Task: {6E72EF86-FA77-4563-ADD9-AA951798895B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {73D9EA96-12FF-4C00-9512-925CF02CB765} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-02-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7A983BD1-8FE9-4B71-88C8-0E2CFF5819B3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {801B9287-D447-45B2-BF7B-1B69C825A74C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E7E9851-961A-471B-9A2E-4FB8596DFDB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93D35032-86AA-453A-A4F4-8D34EA9D4C36} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {99B1715C-59DF-4EE2-808C-684CEA55CDF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)
Task: {9C72770B-DFD3-415E-A944-53C531181E7D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {AB67B64B-2AFE-4E77-AB1C-DD7ABA896374} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD5788A6-B136-46FD-9597-E3A621C843C4} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-02-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B83D8B82-1A1B-4486-ACC0-F75AD0F74388} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-02-20] (Advanced Micro Devices, Inc.) [File not signed]
Task: {C197D0CD-D841-4369-BE1F-4004F04614DA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D2ACE3BB-293B-4E4E-A7A3-CD2FFFBE02C9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2B16D72-6FFE-4A05-AC61-1FD1F9F3269D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [768296 2019-02-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {D8BF824C-026A-49E3-A330-6F7C0FF6B0B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{34919667-8fef-431e-8504-81d3e4f3df39}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default [2019-07-09]
CHR Extension: (Prezentace) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-21]
CHR Extension: (Dokumenty) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-21]
CHR Extension: (Disk Google) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-21]
CHR Extension: (AutoJoin for SteamGifts) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bchhlccjhoedhhegglilngpbnldfcidc [2019-02-21]
CHR Extension: (YouTube) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-22]
CHR Extension: (Steam Inventory Helper) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2019-06-29]
CHR Extension: (Adblock na Youtube™) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-03-23]
CHR Extension: (Tabulky) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-21]
CHR Extension: (The Great Suspender) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2019-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-21]
CHR Extension: (Enhanced Steam) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2019-02-21]
CHR Extension: (Gmail) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atiesrxx.exe [509048 2019-02-25] (Advanced Micro Devices, Inc. -> AMD)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-02-20] (AMD) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-03-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329392 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3203888 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2019-07-09] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TMSRVC; C:\program files (x86)\omnic\ThermoBenchService.exe [283528 2012-11-29] (Thermo Fisher Scientific Inc. -> Thermo Fisher Scientific Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atikmdag.sys [52881528 2019-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atikmpag.sys [590968 2019-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-09 18:29 - 2019-07-09 18:32 - 000025079 _____ C:\Users\Jan Jonáš\Desktop\FRST.txt
2019-07-09 18:29 - 2019-07-09 18:29 - 000000000 ____D C:\FRST
2019-07-09 17:51 - 2019-07-09 18:09 - 000000000 ____D C:\Users\Jan Jonáš\Downloads\Mr. Bean - The Complete Collection (1990-2007)
2019-07-09 16:10 - 2019-07-09 16:11 - 000000000 ____D C:\AdwCleaner
2019-07-09 16:00 - 2019-07-09 16:00 - 007025360 _____ (Malwarebytes) C:\Users\Jan Jonáš\Desktop\AdwCleaner.exe
2019-07-09 16:00 - 2019-07-09 16:00 - 002420224 _____ (Farbar) C:\Users\Jan Jonáš\Desktop\FRST64.exe
2019-07-09 13:14 - 2019-07-09 13:19 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2019-07-09 13:14 - 2019-07-09 13:15 - 000000000 ____D C:\Users\Jan Jonáš\Documents\Battlefield 3
2019-07-09 13:14 - 2019-07-09 13:14 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\PunkBuster
2019-07-09 12:38 - 2019-07-09 13:14 - 000000000 ____D C:\ProgramData\EA Logs
2019-07-09 12:38 - 2019-07-09 12:38 - 000000000 ____D C:\ProgramData\EA Core
2019-07-09 07:07 - 2019-07-09 07:07 - 000003120 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-07-03 17:40 - 2019-07-03 19:42 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\TS3Client
2019-07-03 17:40 - 2019-07-03 17:40 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\TeamSpeak 3
2019-07-03 17:39 - 2019-07-03 17:39 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2019-07-03 17:39 - 2019-07-03 17:39 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2019-07-02 21:01 - 2019-07-09 13:19 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2019-07-02 21:01 - 2019-07-09 13:14 - 000280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2019-07-02 21:00 - 2019-07-09 13:19 - 000076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2019-07-02 05:09 - 2019-07-02 05:09 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-06-26 07:01 - 2019-07-02 05:09 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-26 07:01 - 2019-07-02 05:09 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-20 06:04 - 2019-06-20 06:04 - 000011897 _____ C:\Users\Jan Jonáš\Desktop\Sofer20190618_part.xlsx
2019-06-18 17:19 - 2019-06-18 17:19 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 023438336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 018999296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 012869120 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 012162048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 007875072 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 006547144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 006309256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 004661760 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-06-18 17:19 - 2019-06-18 17:19 - 003906560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-18 17:19 - 2019-06-18 17:19 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001670840 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001466496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001223168 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000513904 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-18 17:19 - 2019-06-18 17:19 - 000398208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000087864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2019-06-18 17:18 - 2019-06-18 17:19 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-18 17:18 - 2019-06-18 17:18 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 003385344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 003091968 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 002653696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 002085168 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001929216 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-06-18 17:18 - 2019-06-18 17:18 - 001229824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 001219424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-06-18 17:18 - 2019-06-18 17:18 - 001048592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-06-18 17:18 - 2019-06-18 17:18 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000773632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000752144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000730592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000676048 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-06-18 17:18 - 2019-06-18 17:18 - 000604344 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-18 17:18 - 2019-06-18 17:18 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000506192 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000462136 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000419368 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000386576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000152896 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000137056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000101176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\BingFilterDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-06-18 17:18 - 2019-06-18 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-06-18 17:18 - 2019-06-18 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-06-18 17:18 - 2019-06-18 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-06-18 17:18 - 2019-06-18 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-06-18 17:18 - 2019-06-18 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-06-18 17:18 - 2019-06-18 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-06-18 17:18 - 2019-06-18 17:18 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-06-18 17:07 - 2019-06-18 17:07 - 000000000 ____D C:\Program Files\UNP
2019-06-13 06:55 - 2019-06-13 06:55 - 001993528 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 007724992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 006926336 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 005297152 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 005112792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 003983872 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 003426816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 003344896 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 002777736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 002690048 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 002627600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-06-11 06:50 - 2019-06-11 06:50 - 002276192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-11 06:50 - 2019-06-11 06:50 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-11 06:50 - 2019-06-11 06:50 - 001860608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001761280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001750016 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001700312 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-11 06:50 - 2019-06-11 06:50 - 001644544 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001618944 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001471040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 001462272 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001342904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-11 06:50 - 2019-06-11 06:50 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001260048 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-06-11 06:50 - 2019-06-11 06:50 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001255936 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001254912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001180184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001032704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000927744 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000804352 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-11 06:50 - 2019-06-11 06:50 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000586040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000555232 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000515152 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000451104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000430904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-06-11 06:50 - 2019-06-11 06:50 - 000427688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000287912 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000262160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-11 06:50 - 2019-06-11 06:50 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000091424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-06-11 06:49 - 2019-06-11 06:50 - 002638336 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 017484800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 003270144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 002928640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 001860096 ____R (The ICU Project) C:\Windows\system32\icuin.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 001298952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000924160 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000651064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-06-11 06:49 - 2019-06-11 06:49 - 000615440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2019-06-11 06:49 - 2019-06-11 06:49 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000375544 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000351232 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000292664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-06-11 06:49 - 2019-06-11 06:49 - 000282424 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000247608 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-06-11 06:49 - 2019-06-11 06:49 - 000196920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-06-11 06:49 - 2019-06-11 06:49 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSrv.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000152400 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000125528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000114648 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-11 06:49 - 2019-06-11 06:49 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-11 06:45 - 2019-06-11 06:45 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\SKIDROW
2019-06-11 06:45 - 2019-06-11 06:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-06-11 06:45 - 2019-06-11 06:45 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2019-06-11 06:44 - 2019-06-11 06:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-06-11 06:43 - 2019-06-11 06:43 - 000000000 ____D C:\NVIDIA
2019-06-11 06:24 - 2019-06-11 06:24 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\2K Games
2019-06-11 06:21 - 2019-06-11 06:21 - 000002135 _____ C:\Users\Jan Jonáš\Desktop\MAFIA II .lnk
2019-06-11 06:13 - 2019-06-11 06:13 - 000000000 ____D C:\Program Files (x86)\2K Games
2019-06-10 20:05 - 2019-07-09 18:31 - 000000000 ____D C:\!Torrent
2019-06-10 20:05 - 2019-06-10 20:05 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-06-10 19:50 - 2019-06-10 19:50 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\Skyrim
2019-06-10 19:15 - 2019-06-22 08:14 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\HearthSim
2019-06-10 16:05 - 2019-07-09 17:38 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\HearthstoneDeckTracker
2019-06-10 16:05 - 2019-07-02 15:10 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\HearthstoneDeckTracker
2019-06-10 16:05 - 2019-07-02 15:09 - 000002593 _____ C:\Users\Jan Jonáš\Desktop\Hearthstone Deck Tracker.lnk
2019-06-10 16:05 - 2019-07-02 15:09 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2019-06-09 18:27 - 2019-06-09 18:27 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\.mono
2019-06-09 18:27 - 2019-06-09 18:27 - 000000000 ____D C:\ProgramData\.mono
2019-06-09 18:26 - 2019-06-09 18:26 - 000000000 ____D C:\Users\Jan Jonáš\AppData\LocalLow\Blizzard Entertainment
2019-06-09 18:26 - 2019-06-09 18:26 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\Blizzard
2019-06-09 17:26 - 2019-06-09 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2019-06-09 17:04 - 2019-07-02 15:12 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2019-06-09 17:03 - 2019-06-09 17:03 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2019-06-09 17:01 - 2019-07-09 17:44 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\Battle.net
2019-06-09 17:01 - 2019-06-29 07:39 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-06-09 17:01 - 2019-06-09 17:03 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Battle.net
2019-06-09 17:01 - 2019-06-09 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2019-06-09 16:52 - 2019-06-09 17:02 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\Blizzard Entertainment
2019-06-09 16:52 - 2019-06-09 16:52 - 000000000 ____D C:\ProgramData\Battle.net

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-09 18:26 - 2019-04-28 11:37 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\vlc
2019-07-09 18:18 - 2019-02-21 16:54 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\D3DSCache
2019-07-09 18:16 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-09 18:08 - 2019-05-02 19:01 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\ownCloud
2019-07-09 17:49 - 2019-02-21 16:43 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-09 16:48 - 2019-02-21 15:56 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-09 13:13 - 2019-02-21 16:48 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-07-09 13:13 - 2019-02-21 16:37 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Origin
2019-07-09 13:13 - 2019-02-21 16:36 - 000000000 ____D C:\ProgramData\Origin
2019-07-09 12:38 - 2019-02-21 17:56 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-07-09 11:43 - 2019-02-21 16:58 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Discord
2019-07-08 22:30 - 2019-02-22 11:31 - 000003150 _____ C:\Windows\System32\Tasks\MSIAfterburner
2019-07-04 04:56 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-07-02 16:30 - 2019-02-21 16:41 - 000000000 ____D C:\Program Files (x86)\Origin
2019-07-02 15:09 - 2019-02-21 16:58 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\SquirrelTemp
2019-07-02 05:08 - 2019-02-21 16:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-30 11:13 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-28 19:08 - 2019-02-21 16:59 - 000000000 ____D C:\ProgramData\Packages
2019-06-19 06:05 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-06-19 05:59 - 2019-02-21 16:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-19 05:59 - 2019-02-21 16:26 - 000000000 ___RD C:\Users\Jan Jonáš\3D Objects
2019-06-19 05:59 - 2019-02-21 15:56 - 000485008 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-19 05:58 - 2019-02-21 15:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-18 22:42 - 2019-02-21 16:26 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-06-18 22:42 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-18 22:41 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-06-18 22:41 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-06-18 22:08 - 2019-02-21 16:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-18 17:22 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-06-18 17:19 - 2019-02-22 15:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-18 17:19 - 2019-02-21 16:30 - 000003388 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2634732689-2565811089-3999373169-1001
2019-06-18 17:18 - 2019-02-21 16:30 - 000000000 ___RD C:\Users\Jan Jonáš\OneDrive
2019-06-18 17:18 - 2019-02-21 16:24 - 000002377 _____ C:\Users\Jan Jonáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-13 06:58 - 2019-02-21 16:33 - 000000000 ____D C:\Windows\system32\MRT
2019-06-13 06:55 - 2019-02-21 16:33 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-11 20:19 - 2019-02-22 11:24 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-06-11 11:48 - 2019-02-21 16:24 - 000000000 ____D C:\Users\Jan Jonáš
2019-06-11 11:48 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-11 06:44 - 2019-02-21 16:28 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-10 10:23 - 2019-02-21 16:26 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\Packages

==================== Files in the root of some directories ================

2019-02-21 19:00 - 2019-02-21 19:00 - 000001111 _____ () C:\Users\Jan Jonáš\AppData\Local\gamma_ramp.reg

==================== FLock ================

2019-02-21 16:21 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Jan Jonáš (09-07-2019 18:33:11)
Running from C:\Users\Jan Jonáš\Desktop
Windows 10 Pro Version 1809 17763.557 (X64) (2019-02-21 14:20:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2634732689-2565811089-3999373169-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2634732689-2565811089-3999373169-503 - Limited - Disabled)
Guest (S-1-5-21-2634732689-2565811089-3999373169-501 - Limited - Disabled)
Jan Jonáš (S-1-5-21-2634732689-2565811089-3999373169-1001 - Administrator - Enabled) => C:\Users\Jan Jonáš
WDAGUtilityAccount (S-1-5-21-2634732689-2565811089-3999373169-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

##ID_STRING19## (HKLM\...\{E5CDEFE8-E723-7C31-C3F3-018B89046194}) (Version: 2019.0220.1532.27963 - ##COMPANY_NAME##) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.2.3 - Advanced Micro Devices, Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.1.5 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Discord (HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
GAML Converters Update (HKLM-x32\...\{743E0FE7-E089-4445-9E4C-0DE5441B78DD}) (Version: 2.2.7 - Thermo Fisher Scientific, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\HearthstoneDeckTracker) (Version: 1.8.13 - HearthSim)
HR Nicolet Sample Library (HKLM-x32\...\{AB501AA7-BDC1-41EC-B67D-321878883271}) (Version: 1.3.0000 - Thermo Fisher Scientific)
Maple 2018 (HKLM\...\Maple 2018) (Version: 2018 - Maplesoft)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
MSI Afterburner 4.6.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.6.0 Beta 14 - MSI Co., LTD)
Nicolet iS5 Documentation (HKLM-x32\...\{9041860E-C92F-4F9A-92DC-553F83C3B001}) (Version: 9.1.0 - Thermo Fisher Scientific)
Nicolet iS5 Spectrometer and Help 64bit (HKLM\...\{9E2DCD91-F859-4850-A8BF-2F813A06C6EC}) (Version: 9.2.2 - Thermo Fisher Scientific)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OMNIC Documentation (HKLM-x32\...\{137F933F-06EC-49D5-A57B-03A0181774CE}) (Version: 9.2.0 - Thermo Fisher Scientific)
OMNIC (HKLM-x32\...\{5735FB0C-6DFA-4240-BA3F-26BE4B3B3A86}) (Version: 9.3.30 - Thermo Fisher Scientific)
OMNIC for iS5 (HKLM-x32\...\{937A6517-9E9A-4572-A356-2EDFE62A2155}) (Version: 9.1.0 - Thermo Fisher Scientific)
OMNIC Internationalization (HKLM-x32\...\{A794CE92-8D59-44AB-92CD-6149968BAD3B}) (Version: 9.2.0 - Thermo Fisher Scientific)
OMNIC Library Converter (HKLM-x32\...\{263A58EE-70A4-41DA-8BB1-781779EF9A51}) (Version: 8.3.0 - Thermo Fisher Scientific)
OMNIC Macros Basic (HKLM-x32\...\{E420408E-AFDD-49AB-B673-D747C3BA7C04}) (Version: 9.1.0 - Thermo Fisher Scientific)
OMNIC Macros Basic Shared Utilities (HKLM-x32\...\{85BCC2B2-B4CC-4CF8-AE61-D7CEADA0497D}) (Version: 9.1.0 - Thermo Fisher Scientific)
OMNIC Tutorials (HKLM-x32\...\{A8653964-0162-4243-9899-62CEA31007E1}) (Version: 9.3.0 - Thermo Fisher Scientific)
Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.)
ownCloud (HKLM-x32\...\{5D061295-AAFA-4F0D-B1E1-E8E844E33571}) (Version: 2.5.4.11415 - ownCloud GmbH)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
ThermoIQ (HKLM-x32\...\{53A03D62-8810-4013-95DA-A5242F7BDED7}) (Version: 2.0.32 - Thermo Fisher Scientific - Madison)
ToolBook 10.5 Neuron (HKLM-x32\...\{902EF8A0-AA81-47FB-AA57-E59BF4BEDF1F}) (Version: 10.5.0.22 - SumTotal Systems, Inc.)
TQ Analyst EZ Edition (HKLM-x32\...\{3922B720-41A4-4979-A71B-7F1E6C841E55}) (Version: 9.4.45 - Thermo Fisher Scientific)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
War Thunder Launcher 1.0.3.151 (HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-21] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Todoist: To-Do List and Task Manager -> C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta [2019-06-10] (Payist Payments Inc)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.3328.0_x64__cv1g1gvanyjgm [2019-06-02] (WhatsApp Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2634732689-2565811089-3999373169-1001_Classes\CLSID\{298785b7-fb74-42a7-9ae9-96b64de69f8d} -> [ownCloud] => C:\!Škola\OwnCloud [2019-05-02 20:23]
CustomCLSID: HKU\S-1-5-21-2634732689-2565811089-3999373169-1001_Classes\CLSID\{3e27fc33-02f6-456b-9d8a-37d4a6c8ca22} -> [2. semestr] => C:\!Škola\VŠ\2. semestr [2019-03-02 10:48]
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\ownCloud\shellext_x64\OCContextMenu.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-02-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-17 13:58 - 2019-02-17 13:58 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-02-17 13:58 - 2019-02-17 13:58 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-02-17 13:59 - 2019-02-17 13:59 - 000630272 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-02-17 13:58 - 2019-02-17 13:58 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-02-17 13:58 - 2019-02-17 13:58 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2019-02-21 16:41 - 2019-05-25 09:55 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2018-09-25 18:17 - 2018-09-25 18:17 - 000604672 _____ () [File not signed] C:\Program Files (x86)\ownCloud\libsqlite.dll
2019-03-18 02:21 - 2019-03-18 02:21 - 001139712 _____ () [File not signed] C:\Program Files (x86)\ownCloud\owncloud_csync.dll
2019-03-18 02:21 - 2019-03-18 02:21 - 001275904 _____ () [File not signed] C:\Program Files (x86)\ownCloud\owncloudsync.dll
2019-02-05 10:42 - 2019-02-05 10:42 - 000079872 _____ () [File not signed] C:\Program Files (x86)\ownCloud\qt5keychain.dll
2018-09-25 13:03 - 2018-09-25 13:03 - 000101376 _____ () [File not signed] C:\Program Files (x86)\ownCloud\zlib.dll
2019-02-21 16:45 - 2014-04-09 06:25 - 000071680 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssmp3.asi
2019-02-21 16:45 - 2014-04-09 06:25 - 000153088 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssvoice.asi
2018-12-20 18:52 - 2018-12-20 18:52 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-12-20 18:52 - 2018-12-20 18:52 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-05-23 06:07 - 2019-05-23 06:07 - 000914944 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\e_sqlite3.dll
2019-06-10 20:43 - 2019-06-10 20:43 - 070955520 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\Todoist.Universal.dll
2019-06-10 20:43 - 2019-06-10 20:43 - 000024576 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\Todoist.Universal.exe
2019-02-20 16:18 - 2019-02-20 16:18 - 000043008 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
2019-02-20 16:18 - 2019-02-20 16:18 - 000572928 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
2019-02-26 16:33 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-03-18 02:26 - 2019-03-18 02:26 - 001099776 _____ (ownCloud GmbH) [File not signed] C:\Program Files (x86)\ownCloud\shellext_x64\OCContextMenu.dll
2019-03-18 02:26 - 2019-03-18 02:26 - 001807360 _____ (ownCloud GmbH) [File not signed] C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll
2019-03-18 02:22 - 2019-03-18 02:22 - 003136000 _____ (ownCloud) [File not signed] C:\Program Files (x86)\ownCloud\owncloud.exe
2019-02-21 16:45 - 2014-05-03 03:16 - 000440320 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mss32.DLL
2019-02-21 16:45 - 2014-04-09 06:25 - 000055296 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mssdsp.flt
2019-02-21 16:41 - 2019-02-21 16:41 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2019-02-21 16:41 - 2019-02-21 16:41 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2018-09-25 15:53 - 2018-09-25 15:53 - 026215936 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ownCloud\icudt58.dll
2018-09-25 15:52 - 2018-09-25 15:52 - 001861120 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ownCloud\icuin58.dll
2018-09-25 15:51 - 2018-09-25 15:51 - 001278464 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ownCloud\icuuc58.dll
2019-02-21 16:41 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-07-02 16:29 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2018-11-15 16:07 - 2018-11-15 16:07 - 002505216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ownCloud\libcrypto-1_1.dll
2018-11-15 16:07 - 2018-11-15 16:07 - 000529920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ownCloud\libssl-1_1.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
2019-05-05 14:55 - 2019-05-25 09:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 054064128 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-10-10 13:26 - 2018-10-10 13:26 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\imageformats\qgif.dll
2018-10-10 13:25 - 2018-10-10 13:25 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\imageformats\qico.dll
2018-10-10 13:26 - 2018-10-10 13:26 - 000298496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\imageformats\qjpeg.dll
2018-09-25 16:03 - 2018-09-25 16:03 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\imageformats\qsvg.dll
2018-10-10 13:26 - 2018-10-10 13:26 - 001172992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\platforms\qwindows.dll
2018-12-05 15:40 - 2018-12-05 15:40 - 004437504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Core.dll
2018-10-10 13:22 - 2018-10-10 13:22 - 005295104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Gui.dll
2018-09-25 16:21 - 2018-09-25 16:21 - 000640000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Multimedia.dll
2018-09-25 16:21 - 2018-09-25 16:21 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5MultimediaWidgets.dll
2018-10-10 13:21 - 2018-10-10 13:21 - 001060352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Network.dll
2018-10-10 13:25 - 2018-10-10 13:25 - 000271360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5OpenGL.dll
2018-10-10 13:25 - 2018-10-10 13:25 - 000278528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5PrintSupport.dll
2018-09-25 16:05 - 2018-09-25 16:05 - 003054592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Qml.dll
2018-09-25 16:06 - 2018-09-25 16:06 - 003182080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Quick.dll
2018-09-25 16:26 - 2018-09-25 16:26 - 000167424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Sensors.dll
2018-10-10 13:19 - 2018-10-10 13:19 - 000163840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Sql.dll
2018-09-25 16:03 - 2018-09-25 16:03 - 000269824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Svg.dll
2018-09-25 16:59 - 2018-09-25 16:59 - 000092160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5WebChannel.dll
2018-09-25 18:37 - 2018-09-25 18:37 - 017848832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5WebKit.dll
2018-09-25 18:37 - 2018-09-25 18:37 - 000193536 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5WebKitWidgets.dll
2018-10-10 13:24 - 2018-10-10 13:24 - 004609024 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Widgets.dll
2018-10-10 13:19 - 2018-10-10 13:19 - 000150528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Xml.dll
2018-10-10 13:26 - 2018-10-10 13:26 - 000122368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\styles\qwindowsvistastyle.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-02-20 16:29 - 2019-02-20 16:29 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-12-20 18:51 - 2018-12-20 18:51 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-12-20 18:51 - 2018-12-20 18:51 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-12-20 18:51 - 2018-12-20 18:51 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-12-20 18:51 - 2018-12-20 18:51 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2019-06-10 20:05 - 2018-10-25 20:00 - 000414656 _____ (uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\!Torrent\utorrent.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\Control Panel\Desktop\\Wallpaper -> C:\!Word, pdf\plocha.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "IrisMini"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7B66B083-C450-4BF3-8B60-5D69365B3D6F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CFFD1992-54CE-49C7-BC32-ABAEFEA3D0DD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{54244B1E-0398-4B33-94F1-C001A91DDACA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{60F63CFB-D092-4569-BF83-59B69DCE5D99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{38383262-3501-40A7-9EEC-A15999751C96}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9C70D992-4817-423E-AD1D-26C215086418}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15A19ED7-67CB-4081-A740-3161F00E2EEA}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8ED17C5B-5EEE-4808-823E-38996F1C09BE}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{A5A10403-0788-4076-AAE5-4AF7F30D34A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{EA2A7198-888B-4E87-9B3E-6AA3F219CD41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D7BB6D51-33BA-4F36-B2F5-98DF351746EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{7D746452-0CFA-4332-96B5-BF41A2DD67B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [TCP Query User{93074BBC-4E97-4A79-B2FF-248B6F6835C6}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{3530D0A9-B109-473E-9096-8965471A552C}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{85B554C9-B0BD-4891-9E5B-7ADC943838C1}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{B2A8F762-27C4-42ED-897F-2FB3D891D9C8}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D93EEF5C-F5D3-4163-8B6E-7DC8BABD66B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{B72F2A83-FFE9-4D7A-95E1-53E91F1E0B0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{49649BB4-3A3D-478B-9D5F-434B8B545B75}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{66997452-2C94-49E2-9022-EDC2A9E56D75}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{2837F6D2-1752-46E5-8F7F-1E64CED8B1C4}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{CBBB7B17-665D-46EB-9003-F813581985EA}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{6F4BBCC7-0556-407B-A587-0FA84B732F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{FB24D808-4C1B-46C7-9B68-FF2C36463F11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{53930F45-16CF-43B7-8A62-00CACCD92BDF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{40C9998F-4467-49AC-8181-AD0E9F7C0FA2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{40BAECDC-E42F-4502-81E6-3E9B80B1533C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E380321E-CD8F-4913-8667-AB34C63D9D2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1687B516-DC48-4BD5-A51D-AC38AB605ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{502BD8F4-04A8-4153-B2E1-4D65270009EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{4A8E0D72-E51D-477F-9DFB-3E0E04EAE862}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{B7ADBD63-86C1-4AD5-90DD-DB368AEEFA55}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{9DACA984-EAE8-49BE-AD1B-4A13588079E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{604CD295-E950-4CF5-91DB-D2DD1BF4497C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5F376305-A626-4DB6-97E9-A95E207A8109}C:\program files\maple 2018\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2018\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B8975DDF-5E01-41FC-AB24-EFC3E740645D}C:\program files\maple 2018\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2018\jre\bin\javaw.exe
FirewallRules: [{C099720D-5DD4-464E-B59C-3482BE30E2DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{9DCE3AC5-B056-4A29-A001-093FFC3A39CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{18D34A3F-6602-43D0-8014-079FD85BB3AB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFF8E1AB-FDE3-4E9B-B360-E91D92FDAC63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{AB4AD540-24B7-4105-A283-3A534B2395F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{14786AFF-93B3-4893-85AB-5BD0D8B186C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{85C7582E-F6ED-4E7B-A5CB-8B1276F74E6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{E3160648-45BC-4018-9A47-9C51282293B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{219CF4C8-78E9-4D05-B8FF-5D8C4E7B74A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{F65680B5-D1D9-4D45-8316-8E9CB6FA17F0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{81055466-AFA8-42ED-AC74-47B7925F01A7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{0D30D593-F2D3-47D2-9F0B-8EDF001210AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{A343415C-E424-429A-930D-3431D383B433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{040DF323-D4C0-4A9E-8393-687096F54E31}C:\!torrent\utorrent.exe] => (Allow) C:\!torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{84CA247B-0405-4C56-BB44-6A55AF31D493}C:\!torrent\utorrent.exe] => (Allow) C:\!torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C14D30CE-D4B3-4025-BAFF-145DBA05011E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AF1B47E7-D00B-43D7-8139-5A17D59B973B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0C2076D4-724D-4AD4-B887-BC74902580E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{354C9415-9F32-448D-9C4E-90F0A1B43C9C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{D2911759-B659-4755-9293-A0F502ADFEDC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4DEBE9E9-533F-4CE8-8958-456C57F129A3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{C2235EC3-F87B-4B75-8582-8DC1896948B4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{DEE6850D-387D-416F-8C2F-BC38349DBF7F}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C81BD6E5-FBC3-4404-97D5-2EA6F01D5839}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{90C506DB-FAC5-4D56-B270-18BD9B41A786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{58FAF345-2F9C-4A79-A8AA-090006A2D991}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)

==================== Restore Points =========================

09-07-2019 07:26:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2019 06:16:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Video.UI.exe verze 10.19031.1141.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 4b8

Čas spuštění: 01d5367199a2df4a

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe

ID hlášení: b05ad3b0-a460-4c6a-9ee6-706039ce676a

Úplný název balíčku s chybou: Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.ZuneVideo

Typ zablokování: Quiesce

Error: (07/09/2019 05:20:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x19c8
Čas spuštění chybující aplikace: 0x01d5365e4ffda57d
Cesta k chybující aplikaci: C:\!Torrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 315b950d-9c80-4a85-8e81-16fa08b54d1a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/03/2019 03:17:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (07/03/2019 03:15:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (07/03/2019 02:41:52 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/02/2019 08:59:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (07/02/2019 06:00:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (07/02/2019 05:54:42 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet


System errors:
=============
Error: (07/09/2019 08:38:10 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/09/2019 07:31:17 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 07:26:57 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 07:23:54 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/04/2019 12:47:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/04/2019 04:54:28 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/03/2019 07:46:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/03/2019 07:15:51 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.


Windows Defender:
===================================
Date: 2019-07-09 17:35:42.577
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bluteal!rfn
ID: 2147724737
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jan Jonáš\Downloads\3DMGAME-Total.War.THREE.KINGDOMS-3DM\Total War THREE KINGDOMS\????.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-11NN74O\Jan Jonáš
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.297.672.0, AS: 1.297.672.0, NIS: 1.297.672.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-07-08 22:09:09.973
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C937EAF6-F108-48C3-8524-7767C88B4768}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-29 08:54:44.813
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1AB102D4-6FED-4407-B718-2F531E7DB829}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-29 07:36:47.075
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6A558F2D-5112-49A4-922C-B86CBE90DF8B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-20 06:17:42.228
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BC9874A9-B82D-4C18-B9F8-2E336F9B93BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-28 19:03:22.289
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.1494.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16000.6
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F1 05/06/2011
Motherboard: Gigabyte Technology Co., Ltd. P67-DS3-B3
Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 72%
Total physical RAM: 8175.18 MB
Available physical RAM: 2249.44 MB
Total Virtual: 17201.6 MB
Available Virtual: 7356.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:506.41 GB) NTFS

\\?\Volume{2a7800ca-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2A7800CA)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prevence, zpomalený pc

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

GuerrCZ
Návštěvník
Návštěvník
Příspěvky: 127
Registrován: 25 srp 2014 17:10

Re: Prevence, zpomalený pc

#3 Příspěvek od GuerrCZ »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-10-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1265 octets] - [10/07/2019 12:40:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prevence, zpomalený pc

#4 Příspěvek od Diallix »

poprosim o nove logy FRST + ADDITION
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

GuerrCZ
Návštěvník
Návštěvník
Příspěvky: 127
Registrován: 25 srp 2014 17:10

Re: Prevence, zpomalený pc

#5 Příspěvek od GuerrCZ »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by Jan Jonáš (administrator) on DESKTOP-11NN74O (Gigabyte Technology Co., Ltd. P67-DS3-B3) (10-07-2019 21:15:11)
Running from C:\Users\Jan Jonáš\Desktop
Loaded Profiles: Jan Jonáš (Available Profiles: Jan Jonáš)
Platform: Windows 10 Pro Version 1809 17763.615 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\Todoist.Universal.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1903.1006.0_x64__8wekyb3d8bbwe\Time.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.30.20002.0_x64__8wekyb3d8bbwe\GameBar.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.30.20002.0_x64__8wekyb3d8bbwe\GameBarFT.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atiesrxx.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(ownCloud) [File not signed] C:\Program Files (x86)\ownCloud\owncloud.exe
(Thermo Fisher Scientific Inc. -> Thermo Fisher Scientific Inc.) C:\Program Files (x86)\omnic\ThermoBenchService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3148576 2019-06-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [Discord] => C:\Users\Jan Jonáš\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [IrisMini] => "C:\Users\Jan Jonáš\AppData\Local\Iris mini\iris-mini-dynamic.exe"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [3136000 2019-03-18] (ownCloud) [File not signed]
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Jan Jonáš\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-06-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05732024-9BFB-4077-9C81-8E5C2AC7AB11} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {057F2680-CA2D-4CB7-92B3-4312D82F80EF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F5C7DF6-D0BC-47B9-9FDE-9B06809815A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {138DDADE-EFCC-48BA-A5DC-4DC2C29A9AD4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {19FEFD4E-2038-43CB-BEE5-692A31C0F4D4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2107257D-E8FC-47E2-B764-57D0102DF676} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {38E9670C-F353-491D-BBED-4378263A4093} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-02-20] (Advanced Micro Devices, Inc.) [File not signed]
Task: {3D19AF5D-D9E7-460D-B42B-17F995378DF6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {57B2D781-1CBD-4349-BA63-F4E0E20991BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)
Task: {650D4466-0F03-4F70-AF9A-6D0C14026828} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6E72EF86-FA77-4563-ADD9-AA951798895B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {73D9EA96-12FF-4C00-9512-925CF02CB765} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-02-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {801B9287-D447-45B2-BF7B-1B69C825A74C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {93D35032-86AA-453A-A4F4-8D34EA9D4C36} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {99B1715C-59DF-4EE2-808C-684CEA55CDF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)
Task: {9C72770B-DFD3-415E-A944-53C531181E7D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {AB67B64B-2AFE-4E77-AB1C-DD7ABA896374} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD5788A6-B136-46FD-9597-E3A621C843C4} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-02-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B83D8B82-1A1B-4486-ACC0-F75AD0F74388} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-02-20] (Advanced Micro Devices, Inc.) [File not signed]
Task: {D2ACE3BB-293B-4E4E-A7A3-CD2FFFBE02C9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2B16D72-6FFE-4A05-AC61-1FD1F9F3269D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [768296 2019-02-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F68A121B-2081-4E42-8331-8C7E4C424B3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{34919667-8fef-431e-8504-81d3e4f3df39}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default [2019-07-10]
CHR Extension: (Prezentace) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-21]
CHR Extension: (Dokumenty) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-21]
CHR Extension: (Disk Google) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-21]
CHR Extension: (AutoJoin for SteamGifts) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bchhlccjhoedhhegglilngpbnldfcidc [2019-02-21]
CHR Extension: (YouTube) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-22]
CHR Extension: (Steam Inventory Helper) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2019-06-29]
CHR Extension: (Adblock na Youtube™) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-03-23]
CHR Extension: (Tabulky) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-21]
CHR Extension: (The Great Suspender) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2019-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-21]
CHR Extension: (Enhanced Steam) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2019-02-21]
CHR Extension: (Gmail) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jan Jonáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atiesrxx.exe [509048 2019-02-25] (Advanced Micro Devices, Inc. -> AMD)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-02-20] (AMD) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-03-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329392 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3203888 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2019-07-09] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TMSRVC; C:\program files (x86)\omnic\ThermoBenchService.exe [283528 2012-11-29] (Thermo Fisher Scientific Inc. -> Thermo Fisher Scientific Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atikmdag.sys [52881528 2019-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0339583.inf_amd64_c5be1e62234928ae\B339442\atikmpag.sys [590968 2019-02-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47704 2019-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [367032 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-10 21:15 - 2019-07-10 21:16 - 000024316 _____ C:\Users\Jan Jonáš\Desktop\FRST.txt
2019-07-10 12:42 - 2019-07-10 12:42 - 000003120 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-07-10 08:25 - 2019-07-10 08:25 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 023454208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 019012096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 012938752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 012243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 008900608 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 007921664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 007876096 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 007727336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 006545304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 005587976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 005115384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 004880896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 003738624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 003550384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 002714624 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 002469432 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 002393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 002278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-07-10 08:25 - 2019-07-10 08:25 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-07-10 08:25 - 2019-07-10 08:25 - 002013696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 001763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 001465464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 001427592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 001266192 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-07-10 08:25 - 2019-07-10 08:25 - 001254400 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2019-07-10 08:25 - 2019-07-10 08:25 - 001159168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 001132032 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000964608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000833536 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000828728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000804744 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000798736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2019-07-10 08:25 - 2019-07-10 08:25 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000747568 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2019-07-10 08:25 - 2019-07-10 08:25 - 000743216 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2019-07-10 08:25 - 2019-07-10 08:25 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000687896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2019-07-10 08:25 - 2019-07-10 08:25 - 000682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000673520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2019-07-10 08:25 - 2019-07-10 08:25 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000660032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000317456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2019-07-10 08:25 - 2019-07-10 08:25 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000290304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-07-10 08:25 - 2019-07-10 08:25 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2019-07-10 08:25 - 2019-07-10 08:25 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000092592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2019-07-10 08:25 - 2019-07-10 08:25 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\CompMgmtLauncher.exe
2019-07-10 08:25 - 2019-07-10 08:25 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-07-10 08:25 - 2019-07-10 08:25 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 022115472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 017484800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 009683472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 007687784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 007645600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 006925312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 006308232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 005561312 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 005528064 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 005297664 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 004588752 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 004351448 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 004303872 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 004056576 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 003818416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 003636224 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 003630592 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 003427328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 003385856 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 003335216 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 003081728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002982400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002871816 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 002778760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002766136 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 002701000 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002693120 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002645504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002633216 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002626872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 002593336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002421760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 002406928 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002200080 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002085376 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002073472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 002050048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001966904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 001929728 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001863168 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001837136 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001794048 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001721352 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001715000 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001713976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001702088 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-10 08:24 - 2019-07-10 08:24 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001676288 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001674752 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001668752 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001662480 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001622016 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001522488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001516544 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 001477648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001472808 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 001466368 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001397048 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001345168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-10 08:24 - 2019-07-10 08:24 - 001321784 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001316352 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001308672 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001259520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001257472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 001223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001199616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 001162320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001145856 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001125416 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001054928 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 001052984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 001052672 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001048592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 001043968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2019-07-10 08:24 - 2019-07-10 08:24 - 001038336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 001007616 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000998928 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000987736 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000956416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000895552 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000871784 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000865272 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000850992 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000833024 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000810504 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000807480 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000799776 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000771584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000770096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000768224 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000758896 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000756224 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000740664 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000731104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000730936 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000680176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000652528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000652296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000651792 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000645120 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000637968 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000617784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000553992 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000553472 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000547840 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-07-10 08:24 - 2019-07-10 08:24 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000521728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000514136 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000511504 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000506408 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000482104 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000470528 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2019-07-10 08:24 - 2019-07-10 08:24 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000464912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000449024 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000439096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000431416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000425472 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000423480 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000415752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-07-10 08:24 - 2019-07-10 08:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000397688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000351432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000333128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\windows.internal.shellcommon.shareexperience.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000324624 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000310288 _____ (Microsoft Corporation) C:\Windows\system32\computestorage.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000305664 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000298296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000294000 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000293888 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000292152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000279920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000278528 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\WiFiCloudStore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\DesktopSwitcherDataModel.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000241944 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2019-07-10 08:24 - 2019-07-10 08:24 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000219448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000212792 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000203272 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000198456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000197832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2019-07-10 08:24 - 2019-07-10 08:24 - 000192824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000188416 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\NcaSvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000157024 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000149232 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000141216 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000137864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000132608 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000121896 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000117720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-07-10 08:24 - 2019-07-10 08:24 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-07-10 08:24 - 2019-07-10 08:24 - 000071696 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2019-07-10 08:24 - 2019-07-10 08:24 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000036360 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-07-09 18:29 - 2019-07-10 21:15 - 000000000 ____D C:\FRST
2019-07-09 17:51 - 2019-07-09 20:07 - 000000000 ____D C:\Users\Jan Jonáš\Downloads\Mr. Bean - The Complete Collection (1990-2007)
2019-07-09 16:10 - 2019-07-10 12:41 - 000000000 ____D C:\AdwCleaner
2019-07-09 16:00 - 2019-07-09 16:00 - 007025360 _____ (Malwarebytes) C:\Users\Jan Jonáš\Desktop\AdwCleaner.exe
2019-07-09 16:00 - 2019-07-09 16:00 - 002420224 _____ (Farbar) C:\Users\Jan Jonáš\Desktop\FRST64.exe
2019-07-09 13:14 - 2019-07-10 17:59 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2019-07-09 13:14 - 2019-07-09 13:15 - 000000000 ____D C:\Users\Jan Jonáš\Documents\Battlefield 3
2019-07-09 13:14 - 2019-07-09 13:14 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\PunkBuster
2019-07-09 12:38 - 2019-07-10 17:59 - 000000000 ____D C:\ProgramData\EA Logs
2019-07-09 12:38 - 2019-07-09 12:38 - 000000000 ____D C:\ProgramData\EA Core
2019-07-03 17:40 - 2019-07-03 19:42 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\TS3Client
2019-07-03 17:40 - 2019-07-03 17:40 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\TeamSpeak 3
2019-07-03 17:39 - 2019-07-03 17:39 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2019-07-03 17:39 - 2019-07-03 17:39 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2019-07-02 21:01 - 2019-07-10 17:59 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2019-07-02 21:01 - 2019-07-10 17:59 - 000280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2019-07-02 21:00 - 2019-07-09 13:19 - 000076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2019-07-02 05:09 - 2019-07-02 05:09 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-02 05:09 - 2019-07-02 05:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-06-26 07:01 - 2019-07-02 05:09 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-26 07:01 - 2019-07-02 05:09 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-20 06:04 - 2019-06-20 06:04 - 000011897 _____ C:\Users\Jan Jonáš\Desktop\Sofer20190618_part.xlsx
2019-06-18 17:19 - 2019-06-18 17:19 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 004661760 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 003906560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-18 17:19 - 2019-06-18 17:19 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001223168 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-18 17:19 - 2019-06-18 17:19 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000087864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2019-06-18 17:19 - 2019-06-18 17:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 001219424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000773632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000752144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000676048 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000604344 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-18 17:18 - 2019-06-18 17:18 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000462136 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000419368 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000386576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000152896 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000137056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000101176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\BingFilterDS.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-18 17:18 - 2019-06-18 17:18 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-18 17:18 - 2019-06-18 17:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-18 17:07 - 2019-06-18 17:07 - 000000000 ____D C:\Program Files\UNP
2019-06-13 06:55 - 2019-06-13 06:55 - 001993528 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 003344896 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001644544 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001618944 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001255936 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000927744 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000586040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000555232 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000515152 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000451104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000427688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000287912 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000262160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-11 06:50 - 2019-06-11 06:50 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-11 06:50 - 2019-06-11 06:50 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000091424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-06-11 06:50 - 2019-06-11 06:50 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-06-11 06:49 - 2019-06-11 06:50 - 002638336 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 003270144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 002928640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 001860096 ____R (The ICU Project) C:\Windows\system32\icuin.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 001298952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000924160 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000615440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2019-06-11 06:49 - 2019-06-11 06:49 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000375544 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000351232 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000282424 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000247608 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSrv.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000152400 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000125528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000114648 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-06-11 06:49 - 2019-06-11 06:49 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-11 06:49 - 2019-06-11 06:49 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-11 06:45 - 2019-06-11 06:45 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\SKIDROW
2019-06-11 06:45 - 2019-06-11 06:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-06-11 06:45 - 2019-06-11 06:45 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2019-06-11 06:44 - 2019-06-11 06:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-06-11 06:43 - 2019-06-11 06:43 - 000000000 ____D C:\NVIDIA
2019-06-11 06:24 - 2019-06-11 06:24 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\2K Games
2019-06-11 06:21 - 2019-06-11 06:21 - 000002135 _____ C:\Users\Jan Jonáš\Desktop\MAFIA II .lnk
2019-06-11 06:13 - 2019-06-11 06:13 - 000000000 ____D C:\Program Files (x86)\2K Games
2019-06-10 20:05 - 2019-07-09 21:43 - 000000000 ____D C:\!Torrent
2019-06-10 20:05 - 2019-06-10 20:05 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-06-10 19:50 - 2019-06-10 19:50 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\Skyrim
2019-06-10 19:15 - 2019-06-22 08:14 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\HearthSim
2019-06-10 16:05 - 2019-07-09 17:38 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\HearthstoneDeckTracker
2019-06-10 16:05 - 2019-07-02 15:10 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\HearthstoneDeckTracker
2019-06-10 16:05 - 2019-07-02 15:09 - 000002593 _____ C:\Users\Jan Jonáš\Desktop\Hearthstone Deck Tracker.lnk
2019-06-10 16:05 - 2019-07-02 15:09 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-10 20:44 - 2019-05-02 19:01 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\ownCloud
2019-07-10 20:20 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-10 19:37 - 2019-02-21 16:43 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-10 17:59 - 2019-02-21 16:54 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\D3DSCache
2019-07-10 17:55 - 2019-02-21 16:37 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Origin
2019-07-10 16:52 - 2019-02-21 16:48 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-07-10 16:52 - 2019-02-21 16:36 - 000000000 ____D C:\ProgramData\Origin
2019-07-10 16:43 - 2019-02-21 15:56 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-10 12:54 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-07-10 12:41 - 2019-02-21 16:26 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-07-10 12:41 - 2019-02-21 15:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-10 12:41 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-07-10 12:37 - 2019-02-21 16:23 - 001693636 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-10 12:37 - 2018-09-15 19:39 - 000716902 _____ C:\Windows\system32\perfh005.dat
2019-07-10 12:37 - 2018-09-15 19:39 - 000144982 _____ C:\Windows\system32\perfc005.dat
2019-07-10 12:33 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-10 12:33 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-07-10 12:32 - 2019-02-21 16:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 12:32 - 2019-02-21 16:26 - 000000000 ___RD C:\Users\Jan Jonáš\3D Objects
2019-07-10 12:32 - 2019-02-21 16:24 - 000000000 ____D C:\Users\Jan Jonáš
2019-07-10 12:31 - 2019-02-21 15:56 - 000485008 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-10 12:28 - 2018-09-15 19:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-10 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-07-10 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-10 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\oobe
2019-07-10 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-10 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-07-10 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ShellComponents
2019-07-10 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\Provisioning
2019-07-10 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-07-10 12:28 - 2018-09-15 08:09 - 000000000 ____D C:\Windows\system32\Dism
2019-07-10 08:32 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-07-10 08:31 - 2019-02-21 16:33 - 000000000 ____D C:\Windows\system32\MRT
2019-07-10 08:28 - 2019-02-21 16:33 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-10 08:07 - 2019-02-21 16:31 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-07-09 20:26 - 2019-02-21 15:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-07-09 18:26 - 2019-04-28 11:37 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\vlc
2019-07-09 17:44 - 2019-06-09 17:01 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\Battle.net
2019-07-09 12:38 - 2019-02-21 17:56 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-07-09 11:43 - 2019-02-21 16:58 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Roaming\Discord
2019-07-08 22:30 - 2019-02-22 11:31 - 000003150 _____ C:\Windows\System32\Tasks\MSIAfterburner
2019-07-02 16:30 - 2019-02-21 16:41 - 000000000 ____D C:\Program Files (x86)\Origin
2019-07-02 15:12 - 2019-06-09 17:04 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2019-07-02 15:09 - 2019-02-21 16:58 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\SquirrelTemp
2019-07-02 05:08 - 2019-02-21 16:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-29 07:39 - 2019-06-09 17:01 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-06-28 19:08 - 2019-02-21 16:59 - 000000000 ____D C:\ProgramData\Packages
2019-06-18 22:41 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-06-18 22:08 - 2019-02-21 16:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-18 17:19 - 2019-02-22 15:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-18 17:19 - 2019-02-21 16:30 - 000003388 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2634732689-2565811089-3999373169-1001
2019-06-18 17:18 - 2019-02-21 16:30 - 000000000 ___RD C:\Users\Jan Jonáš\OneDrive
2019-06-18 17:18 - 2019-02-21 16:24 - 000002377 _____ C:\Users\Jan Jonáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-11 20:19 - 2019-02-22 11:24 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-06-11 11:48 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-11 06:44 - 2019-02-21 16:28 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-10 10:23 - 2019-02-21 16:26 - 000000000 ____D C:\Users\Jan Jonáš\AppData\Local\Packages

==================== Files in the root of some directories ================

2019-02-21 19:00 - 2019-02-21 19:00 - 000001111 _____ () C:\Users\Jan Jonáš\AppData\Local\gamma_ramp.reg

==================== FLock ================

2019-02-21 16:21 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Jan Jonáš (10-07-2019 21:18:00)
Running from C:\Users\Jan Jonáš\Desktop
Windows 10 Pro Version 1809 17763.615 (X64) (2019-02-21 14:20:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2634732689-2565811089-3999373169-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2634732689-2565811089-3999373169-503 - Limited - Disabled)
Guest (S-1-5-21-2634732689-2565811089-3999373169-501 - Limited - Disabled)
Jan Jonáš (S-1-5-21-2634732689-2565811089-3999373169-1001 - Administrator - Enabled) => C:\Users\Jan Jonáš
WDAGUtilityAccount (S-1-5-21-2634732689-2565811089-3999373169-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

##ID_STRING19## (HKLM\...\{E5CDEFE8-E723-7C31-C3F3-018B89046194}) (Version: 2019.0220.1532.27963 - ##COMPANY_NAME##) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.2.3 - Advanced Micro Devices, Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.1.5 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Discord (HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
GAML Converters Update (HKLM-x32\...\{743E0FE7-E089-4445-9E4C-0DE5441B78DD}) (Version: 2.2.7 - Thermo Fisher Scientific, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\HearthstoneDeckTracker) (Version: 1.8.13 - HearthSim)
HR Nicolet Sample Library (HKLM-x32\...\{AB501AA7-BDC1-41EC-B67D-321878883271}) (Version: 1.3.0000 - Thermo Fisher Scientific)
Maple 2018 (HKLM\...\Maple 2018) (Version: 2018 - Maplesoft)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
MSI Afterburner 4.6.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.6.0 Beta 14 - MSI Co., LTD)
Nicolet iS5 Documentation (HKLM-x32\...\{9041860E-C92F-4F9A-92DC-553F83C3B001}) (Version: 9.1.0 - Thermo Fisher Scientific)
Nicolet iS5 Spectrometer and Help 64bit (HKLM\...\{9E2DCD91-F859-4850-A8BF-2F813A06C6EC}) (Version: 9.2.2 - Thermo Fisher Scientific)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OMNIC Documentation (HKLM-x32\...\{137F933F-06EC-49D5-A57B-03A0181774CE}) (Version: 9.2.0 - Thermo Fisher Scientific)
OMNIC (HKLM-x32\...\{5735FB0C-6DFA-4240-BA3F-26BE4B3B3A86}) (Version: 9.3.30 - Thermo Fisher Scientific)
OMNIC for iS5 (HKLM-x32\...\{937A6517-9E9A-4572-A356-2EDFE62A2155}) (Version: 9.1.0 - Thermo Fisher Scientific)
OMNIC Internationalization (HKLM-x32\...\{A794CE92-8D59-44AB-92CD-6149968BAD3B}) (Version: 9.2.0 - Thermo Fisher Scientific)
OMNIC Library Converter (HKLM-x32\...\{263A58EE-70A4-41DA-8BB1-781779EF9A51}) (Version: 8.3.0 - Thermo Fisher Scientific)
OMNIC Macros Basic (HKLM-x32\...\{E420408E-AFDD-49AB-B673-D747C3BA7C04}) (Version: 9.1.0 - Thermo Fisher Scientific)
OMNIC Macros Basic Shared Utilities (HKLM-x32\...\{85BCC2B2-B4CC-4CF8-AE61-D7CEADA0497D}) (Version: 9.1.0 - Thermo Fisher Scientific)
OMNIC Tutorials (HKLM-x32\...\{A8653964-0162-4243-9899-62CEA31007E1}) (Version: 9.3.0 - Thermo Fisher Scientific)
Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.)
ownCloud (HKLM-x32\...\{5D061295-AAFA-4F0D-B1E1-E8E844E33571}) (Version: 2.5.4.11415 - ownCloud GmbH)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
ThermoIQ (HKLM-x32\...\{53A03D62-8810-4013-95DA-A5242F7BDED7}) (Version: 2.0.32 - Thermo Fisher Scientific - Madison)
ToolBook 10.5 Neuron (HKLM-x32\...\{902EF8A0-AA81-47FB-AA57-E59BF4BEDF1F}) (Version: 10.5.0.22 - SumTotal Systems, Inc.)
TQ Analyst EZ Edition (HKLM-x32\...\{3922B720-41A4-4979-A71B-7F1E6C841E55}) (Version: 9.4.45 - Thermo Fisher Scientific)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
War Thunder Launcher 1.0.3.151 (HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-21] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
Todoist: To-Do List and Task Manager -> C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta [2019-06-10] (Payist Payments Inc)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.3.3794.0_x64__cv1g1gvanyjgm [2019-07-10] (WhatsApp Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2634732689-2565811089-3999373169-1001_Classes\CLSID\{298785b7-fb74-42a7-9ae9-96b64de69f8d} -> [ownCloud] => C:\!Škola\OwnCloud [2019-05-02 20:23]
CustomCLSID: HKU\S-1-5-21-2634732689-2565811089-3999373169-1001_Classes\CLSID\{3e27fc33-02f6-456b-9d8a-37d4a6c8ca22} -> [2. semestr] => C:\!Škola\VŠ\2. semestr [2019-03-02 10:48]
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\ownCloud\shellext_x64\OCContextMenu.dll [2019-03-18] (ownCloud GmbH) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-02-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-17 13:58 - 2019-02-17 13:58 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-02-17 13:58 - 2019-02-17 13:58 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-02-17 13:59 - 2019-02-17 13:59 - 000630272 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-02-17 13:58 - 2019-02-17 13:58 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-02-17 13:58 - 2019-02-17 13:58 - 000364544 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2019-02-21 16:41 - 2019-05-25 09:55 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2018-09-25 18:17 - 2018-09-25 18:17 - 000604672 _____ () [File not signed] C:\Program Files (x86)\ownCloud\libsqlite.dll
2019-03-18 02:21 - 2019-03-18 02:21 - 001139712 _____ () [File not signed] C:\Program Files (x86)\ownCloud\owncloud_csync.dll
2019-03-18 02:21 - 2019-03-18 02:21 - 001275904 _____ () [File not signed] C:\Program Files (x86)\ownCloud\owncloudsync.dll
2019-02-05 10:42 - 2019-02-05 10:42 - 000079872 _____ () [File not signed] C:\Program Files (x86)\ownCloud\qt5keychain.dll
2018-09-25 13:03 - 2018-09-25 13:03 - 000101376 _____ () [File not signed] C:\Program Files (x86)\ownCloud\zlib.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-12-20 18:52 - 2018-12-20 18:52 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-05-23 06:07 - 2019-05-23 06:07 - 000914944 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\e_sqlite3.dll
2019-06-10 20:43 - 2019-06-10 20:43 - 070955520 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\Todoist.Universal.dll
2019-06-10 20:43 - 2019-06-10 20:43 - 000024576 _____ () [File not signed] C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\Todoist.Universal.exe
2019-02-20 16:18 - 2019-02-20 16:18 - 000043008 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
2019-02-20 16:18 - 2019-02-20 16:18 - 000572928 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
2019-02-20 16:18 - 2019-02-20 16:18 - 000159232 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
2019-03-18 02:26 - 2019-03-18 02:26 - 001807360 _____ (ownCloud GmbH) [File not signed] C:\Program Files (x86)\ownCloud\shellext_x64\OCOverlays.dll
2019-03-18 02:22 - 2019-03-18 02:22 - 003136000 _____ (ownCloud) [File not signed] C:\Program Files (x86)\ownCloud\owncloud.exe
2019-02-21 16:41 - 2019-02-21 16:41 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2019-02-21 16:41 - 2019-02-21 16:41 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2018-09-25 15:53 - 2018-09-25 15:53 - 026215936 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ownCloud\icudt58.dll
2018-09-25 15:52 - 2018-09-25 15:52 - 001861120 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ownCloud\icuin58.dll
2018-09-25 15:51 - 2018-09-25 15:51 - 001278464 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\ownCloud\icuuc58.dll
2019-02-21 16:41 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-07-02 16:29 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2018-11-15 16:07 - 2018-11-15 16:07 - 002505216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ownCloud\libcrypto-1_1.dll
2018-11-15 16:07 - 2018-11-15 16:07 - 000529920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ownCloud\libssl-1_1.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2019-02-21 16:41 - 2019-05-25 09:55 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
2019-05-05 14:55 - 2019-05-25 09:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 054064128 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-05-05 14:55 - 2019-05-25 09:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-10-10 13:26 - 2018-10-10 13:26 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\imageformats\qgif.dll
2018-10-10 13:25 - 2018-10-10 13:25 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\imageformats\qico.dll
2018-10-10 13:26 - 2018-10-10 13:26 - 000298496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\imageformats\qjpeg.dll
2018-09-25 16:03 - 2018-09-25 16:03 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\imageformats\qsvg.dll
2018-10-10 13:26 - 2018-10-10 13:26 - 001172992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\platforms\qwindows.dll
2018-12-05 15:40 - 2018-12-05 15:40 - 004437504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Core.dll
2018-10-10 13:22 - 2018-10-10 13:22 - 005295104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Gui.dll
2018-09-25 16:21 - 2018-09-25 16:21 - 000640000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Multimedia.dll
2018-09-25 16:21 - 2018-09-25 16:21 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5MultimediaWidgets.dll
2018-10-10 13:21 - 2018-10-10 13:21 - 001060352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Network.dll
2018-10-10 13:25 - 2018-10-10 13:25 - 000271360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5OpenGL.dll
2018-10-10 13:25 - 2018-10-10 13:25 - 000278528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5PrintSupport.dll
2018-09-25 16:05 - 2018-09-25 16:05 - 003054592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Qml.dll
2018-09-25 16:06 - 2018-09-25 16:06 - 003182080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Quick.dll
2018-09-25 16:26 - 2018-09-25 16:26 - 000167424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Sensors.dll
2018-10-10 13:19 - 2018-10-10 13:19 - 000163840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Sql.dll
2018-09-25 16:03 - 2018-09-25 16:03 - 000269824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Svg.dll
2018-09-25 16:59 - 2018-09-25 16:59 - 000092160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5WebChannel.dll
2018-09-25 18:37 - 2018-09-25 18:37 - 017848832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5WebKit.dll
2018-09-25 18:37 - 2018-09-25 18:37 - 000193536 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5WebKitWidgets.dll
2018-10-10 13:24 - 2018-10-10 13:24 - 004609024 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Widgets.dll
2018-10-10 13:19 - 2018-10-10 13:19 - 000150528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\Qt5Xml.dll
2018-10-10 13:26 - 2018-10-10 13:26 - 000122368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\ownCloud\styles\qwindowsvistastyle.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-02-20 16:29 - 2019-02-20 16:29 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-12-20 18:51 - 2018-12-20 18:51 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-12-20 18:51 - 2018-12-20 18:51 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-12-20 18:51 - 2018-12-20 18:51 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-12-20 18:51 - 2018-12-20 18:51 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-12-20 18:52 - 2018-12-20 18:52 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\Control Panel\Desktop\\Wallpaper -> C:\!Word, pdf\plocha.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "IrisMini"
HKU\S-1-5-21-2634732689-2565811089-3999373169-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7B66B083-C450-4BF3-8B60-5D69365B3D6F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CFFD1992-54CE-49C7-BC32-ABAEFEA3D0DD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{54244B1E-0398-4B33-94F1-C001A91DDACA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{60F63CFB-D092-4569-BF83-59B69DCE5D99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{38383262-3501-40A7-9EEC-A15999751C96}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9C70D992-4817-423E-AD1D-26C215086418}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15A19ED7-67CB-4081-A740-3161F00E2EEA}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8ED17C5B-5EEE-4808-823E-38996F1C09BE}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{A5A10403-0788-4076-AAE5-4AF7F30D34A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{EA2A7198-888B-4E87-9B3E-6AA3F219CD41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D7BB6D51-33BA-4F36-B2F5-98DF351746EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{7D746452-0CFA-4332-96B5-BF41A2DD67B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [TCP Query User{93074BBC-4E97-4A79-B2FF-248B6F6835C6}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{3530D0A9-B109-473E-9096-8965471A552C}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{85B554C9-B0BD-4891-9E5B-7ADC943838C1}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{B2A8F762-27C4-42ED-897F-2FB3D891D9C8}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D93EEF5C-F5D3-4163-8B6E-7DC8BABD66B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{B72F2A83-FFE9-4D7A-95E1-53E91F1E0B0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{49649BB4-3A3D-478B-9D5F-434B8B545B75}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{66997452-2C94-49E2-9022-EDC2A9E56D75}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{2837F6D2-1752-46E5-8F7F-1E64CED8B1C4}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{CBBB7B17-665D-46EB-9003-F813581985EA}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{6F4BBCC7-0556-407B-A587-0FA84B732F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{FB24D808-4C1B-46C7-9B68-FF2C36463F11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{53930F45-16CF-43B7-8A62-00CACCD92BDF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{40C9998F-4467-49AC-8181-AD0E9F7C0FA2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{40BAECDC-E42F-4502-81E6-3E9B80B1533C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E380321E-CD8F-4913-8667-AB34C63D9D2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1687B516-DC48-4BD5-A51D-AC38AB605ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{502BD8F4-04A8-4153-B2E1-4D65270009EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{4A8E0D72-E51D-477F-9DFB-3E0E04EAE862}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{B7ADBD63-86C1-4AD5-90DD-DB368AEEFA55}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{9DACA984-EAE8-49BE-AD1B-4A13588079E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{604CD295-E950-4CF5-91DB-D2DD1BF4497C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5F376305-A626-4DB6-97E9-A95E207A8109}C:\program files\maple 2018\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2018\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B8975DDF-5E01-41FC-AB24-EFC3E740645D}C:\program files\maple 2018\jre\bin\javaw.exe] => (Allow) C:\program files\maple 2018\jre\bin\javaw.exe
FirewallRules: [{C099720D-5DD4-464E-B59C-3482BE30E2DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{9DCE3AC5-B056-4A29-A001-093FFC3A39CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{18D34A3F-6602-43D0-8014-079FD85BB3AB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFF8E1AB-FDE3-4E9B-B360-E91D92FDAC63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{AB4AD540-24B7-4105-A283-3A534B2395F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{14786AFF-93B3-4893-85AB-5BD0D8B186C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{85C7582E-F6ED-4E7B-A5CB-8B1276F74E6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{E3160648-45BC-4018-9A47-9C51282293B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{219CF4C8-78E9-4D05-B8FF-5D8C4E7B74A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{F65680B5-D1D9-4D45-8316-8E9CB6FA17F0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{81055466-AFA8-42ED-AC74-47B7925F01A7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{0D30D593-F2D3-47D2-9F0B-8EDF001210AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{A343415C-E424-429A-930D-3431D383B433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{040DF323-D4C0-4A9E-8393-687096F54E31}C:\!torrent\utorrent.exe] => (Allow) C:\!torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{84CA247B-0405-4C56-BB44-6A55AF31D493}C:\!torrent\utorrent.exe] => (Allow) C:\!torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C14D30CE-D4B3-4025-BAFF-145DBA05011E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AF1B47E7-D00B-43D7-8139-5A17D59B973B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0C2076D4-724D-4AD4-B887-BC74902580E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{354C9415-9F32-448D-9C4E-90F0A1B43C9C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{D2911759-B659-4755-9293-A0F502ADFEDC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4DEBE9E9-533F-4CE8-8958-456C57F129A3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{C2235EC3-F87B-4B75-8582-8DC1896948B4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{DEE6850D-387D-416F-8C2F-BC38349DBF7F}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C81BD6E5-FBC3-4404-97D5-2EA6F01D5839}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{90C506DB-FAC5-4D56-B270-18BD9B41A786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{58FAF345-2F9C-4A79-A8AA-090006A2D991}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)

==================== Restore Points =========================

09-07-2019 07:26:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2019 12:37:56 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/10/2019 12:35:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Todoist.Universal.exe verze 1.1.9.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1e3c

Čas spuštění: 01d5370b0b0f93ef

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta\Todoist.Universal.exe

ID hlášení: 7d7a6d4c-a403-446f-878a-0f500d2e6a26

Úplný název balíčku s chybou: 88449BC3.TodoistTo-DoListTaskManager_2.1.5530.0_x86__71ef4824z52ta

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Cross-thread

Error: (07/10/2019 12:32:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 4076, identifikátor PID ProfSvc: 1596.

Error: (07/09/2019 06:16:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Video.UI.exe verze 10.19031.1141.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 4b8

Čas spuštění: 01d5367199a2df4a

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe

ID hlášení: b05ad3b0-a460-4c6a-9ee6-706039ce676a

Úplný název balíčku s chybou: Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.ZuneVideo

Typ zablokování: Quiesce

Error: (07/09/2019 05:20:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x19c8
Čas spuštění chybující aplikace: 0x01d5365e4ffda57d
Cesta k chybující aplikaci: C:\!Torrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 315b950d-9c80-4a85-8e81-16fa08b54d1a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/03/2019 03:17:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (07/03/2019 03:15:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (07/03/2019 02:41:52 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (07/10/2019 04:46:02 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/10/2019 12:45:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/10/2019 12:45:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/10/2019 12:45:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/10/2019 12:44:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-11NN74O)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-11NN74O\Jan Jonáš (SID: S-1-5-21-2634732689-2565811089-3999373169-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/10/2019 12:41:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/10/2019 12:41:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/10/2019 12:41:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Launcher byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-07-10 21:01:47.147
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EA3AD6F3-18B0-487F-A0BA-D8E2BF54ED06}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-09 17:35:42.577
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bluteal!rfn
ID: 2147724737
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jan Jonáš\Downloads\3DMGAME-Total.War.THREE.KINGDOMS-3DM\Total War THREE KINGDOMS\????.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-11NN74O\Jan Jonáš
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.297.672.0, AS: 1.297.672.0, NIS: 1.297.672.0
Verze modulu: AM: 1.1.16100.4, NIS: 1.1.16100.4

Date: 2019-07-08 22:09:09.973
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C937EAF6-F108-48C3-8524-7767C88B4768}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-29 08:54:44.813
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1AB102D4-6FED-4407-B718-2F531E7DB829}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-29 07:36:47.075
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6A558F2D-5112-49A4-922C-B86CBE90DF8B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-28 19:03:22.289
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.1494.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16000.6
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F1 05/06/2011
Motherboard: Gigabyte Technology Co., Ltd. P67-DS3-B3
Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 64%
Total physical RAM: 8175.18 MB
Available physical RAM: 2933.48 MB
Total Virtual: 13935.94 MB
Available Virtual: 6090.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:506.85 GB) NTFS

\\?\Volume{2a7800ca-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2A7800CA)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prevence, zpomalený pc

#6 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

FirewallRules: [{54244B1E-0398-4B33-94F1-C001A91DDACA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{60F63CFB-D092-4569-BF83-59B69DCE5D99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
Task: {57B2D781-1CBD-4349-BA63-F4E0E20991BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)
Task: {99B1715C-59DF-4EE2-808C-684CEA55CDF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)

EmptyTemp:


Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

GuerrCZ
Návštěvník
Návštěvník
Příspěvky: 127
Registrován: 25 srp 2014 17:10

Re: Prevence, zpomalený pc

#7 Příspěvek od GuerrCZ »

Fix result of Farbar Recovery Scan Tool (x64) Version: 10-07-2019
Ran by Jan Jonáš (13-07-2019 07:55:54) Run:1
Running from C:\Users\Jan Jonáš\Desktop
Loaded Profiles: Jan Jonáš (Available Profiles: Jan Jonáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
FirewallRules: [{54244B1E-0398-4B33-94F1-C001A91DDACA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{60F63CFB-D092-4569-BF83-59B69DCE5D99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-07-10 08:24 - 2019-07-10 08:24 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
Task: {57B2D781-1CBD-4349-BA63-F4E0E20991BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)
Task: {99B1715C-59DF-4EE2-808C-684CEA55CDF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc -> Google Inc.)

EmptyTemp:
*****************

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{54244B1E-0398-4B33-94F1-C001A91DDACA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60F63CFB-D092-4569-BF83-59B69DCE5D99}" => removed successfully
C:\Windows\system32\DrtmAuth8.bin => moved successfully
C:\Windows\system32\DrtmAuth7.bin => moved successfully
C:\Windows\system32\DrtmAuth6.bin => moved successfully
C:\Windows\system32\DrtmAuth5.bin => moved successfully
C:\Windows\system32\DrtmAuth4.bin => moved successfully
C:\Windows\system32\DrtmAuth3.bin => moved successfully
C:\Windows\system32\DrtmAuth2.bin => moved successfully
C:\Windows\system32\DrtmAuth1.bin => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57B2D781-1CBD-4349-BA63-F4E0E20991BF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57B2D781-1CBD-4349-BA63-F4E0E20991BF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{99B1715C-59DF-4EE2-808C-684CEA55CDF8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99B1715C-59DF-4EE2-808C-684CEA55CDF8}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 172447065 B
Java, Flash, Steam htmlcache => 357487030 B
Windows/system/drivers => 2661307 B
Edge => 1143421 B
Chrome => 432255495 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 282144 B
NetworkService => 0 B
Jan Jonáš => 149597235 B

RecycleBin => 5021169 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 07:57:23 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prevence, zpomalený pc

#8 Příspěvek od Diallix »

Ako je na tom pocitac?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

GuerrCZ
Návštěvník
Návštěvník
Příspěvky: 127
Registrován: 25 srp 2014 17:10

Re: Prevence, zpomalený pc

#9 Příspěvek od GuerrCZ »

Nic neobvyklého.
Děkuji moc :)

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prevence, zpomalený pc

#10 Příspěvek od Diallix »

Dobre, nemate zac :]]]
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět