Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

preventivní kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Im_Ghost
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 30 bře 2020 19:34

preventivní kontrola

#1 Příspěvek od Im_Ghost »

Dobrý den prosim o preventivní kontrolu


Logfile of random's system information tool 1.10 (written by random/random)
Run by vojta at 2020-03-30 20:40:06
Microsoft Windows 10 Home
System drive C: has 71 GB (31%) free of 228 GB
Total RAM: 16326 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:40:20, on 30.03.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\vojta\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\wtfast\wtfast.exe
C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Program Files (x86)\Common Files\Overwolf\0.143.0.24\OverwolfHelper.exe
C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe
C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe
C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
D:\Riot Games\Riot Client\RiotClientServices.exe
D:\Riot Games\Riot Client\RiotClientCrashHandler.exe
D:\League of Legends\LeagueClient.exe
D:\League of Legends\LeagueCrashHandler.exe
D:\League of Legends\LeagueClientUx.exe
D:\League of Legends\LeagueClientUxRender.exe
D:\League of Legends\LeagueClientUxRender.exe
C:\Program Files\trend micro\vojta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=37180
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [Opera Browser Assistant] C:\Users\vojta\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Spotify] C:\Users\vojta\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [World of Tanks] "D:\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [MyDriveConnect.exe] D:\TomTom\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [EpicGamesLauncher] "D:\Epicgames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [GameCenter] "C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe" -autostart
O4 - HKCU\..\Run: [Discord] C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
O4 - HKCU\..\Run: [Gaijin.Net Updater] "C:\Users\vojta\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\vojta\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\vojta\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [wtfast Tray] "C:\Program Files (x86)\wtfast\wtfast.exe" trayonly
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\81.0.4044.61\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\81.0.4044.61\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_bbd75c9 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Heroes & Generals Steam Service (HnGSteamService) - Reto-Moto ApS - D:\Steam\steamapps\common\Heroes & Generals\hngservice.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Survarium Update Service - Unknown owner - D:\Survivarium\Survarium\game\binaries\x86\survarium_service.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12656 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-67c890f4-d7d5-408f-a1e8-14f7661a0d30 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-982bd503-42ac-4354-a5e2-fdb91b376075 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-86cf4401-8cd6-4b98-8649-ff9cf2b06e51 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4d26d5e8-6333-49e2-b974-a8caea4b5f4a -LifetimeId:1544a243-c6b3-4f11-909c-8ba1ddc61714 -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c1b93445-4741-4a19-a883-7d19ee23949f -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-cf42d366-25ac-4ec8-947e-9d06b5ad597f -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1a2cb5c2-7269-487c-9892-73d4d5f0b36d -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9ddb4fb1-4201-4c18-a639-f9d4c7439f08 -LifetimeId:80252f26-1a08-4a19-a013-de186e31472f -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\System32\svchost.exe -k netsvcs -p

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
"C:\Users\vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=2000,8819467918690832271,6208588671526095109,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\vojta\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\vojta\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=176858457724231014 --mojo-platform-channel-handle=2052 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\vojta\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=2000,8819467918690832271,6208588671526095109,131072 --disable-features=VizDisplayCompositor --service-pipe-token=7162451858422435832 --lang=en-US --log-file="C:\Users\vojta\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=7162451858422435832 --renderer-client-id=3 --mojo-platform-channel-handle=2636 /prefetch:1
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe"
"C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=gpu-process --field-trial-handle=1772,8089358446689090500,12948656040365190257,131072 --disable-features=SpareRendererForSitePerProcess --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=9146653605920441995 --mojo-platform-channel-handle=1820 --ignored=" --type=renderer " /prefetch:2
"C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=utility --field-trial-handle=1772,8089358446689090500,12948656040365190257,131072 --disable-features=SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=network --service-request-channel-token=15323030237814204059 --mojo-platform-channel-handle=2184 /prefetch:8
szndesktop.exe default start
"C:\Users\vojta\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\wtfast\wtfast.exe" trayonly
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe --no-rate-limit --no-upload-gzip --type=crash-handler "--crashes-directory=C:\Users\vojta\AppData\Local\Temp\Discord Crashes" "--database=C:\Users\vojta\AppData\Local\Temp\Discord Crashes" "--metrics-dir=C:\Users\vojta\AppData\Local\Temp\Discord Crashes" --url=https://sentry.io/api/146342/minidump/? ... be03b2b35a --initial-client-data=0x950,0x9cc,0x9b8,0x9bc,0x9c8,0x546d090,0x546d0a0,0x546d0ac
"C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1772,8089358446689090500,12948656040365190257,131072 --disable-features=SpareRendererForSitePerProcess --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\vojta\AppData\Local\Discord\app-0.0.306\resources\app.asar" --no-sandbox --no-zygote --native-window-open --preload="C:\Users\vojta\AppData\Roaming\discord\0.0.306\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#202225 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5139138778511502166 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2504 /prefetch:1
"C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe" -overwolfsilent -silent
taskhostw.exe
"C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe" --type=utility --field-trial-handle=1772,8089358446689090500,12948656040365190257,131072 --disable-features=SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=audio --service-request-channel-token=16917359643229420870 --mojo-platform-channel-handle=2936 /prefetch:8
"C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe" --type=crashpad-handler --no-rate-limit --max-db-size=10 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\vojta\AppData\Local\Overwolf\User Data\Crashpad" "--metrics-dir=C:\Users\vojta\AppData\Local\Overwolf\User Data" --url=http://localhost:54288/ --annotation=platform=win64 --annotation=product=Overwolf --annotation=version=0.143.0.24 --initial-client-data=0x1118,0x111c,0x1120,0x1114,0x1124,0x7ff87f0a6fb8,0x7ff87f0a6fc8,0x7ff87f0a6fd8
"C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe" --type=gpu-process --field-trial-handle=4880,1009286560025668077,16928911474050040743,131072 --disable-features=PictureInPicture,SpareRendererForSitePerProcess,UseModernMediaControls --no-sandbox --locales-dir-path="C:\Program Files (x86)\Overwolf\0.143.0.24\Locales" --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --log-severity=error --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 OverwolfClient/0.143.0.24" --lang=cs-CZ --ignore-certificate-errors --ow-process-id=9220 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --service-request-channel-token=5715780571837275699 --mojo-platform-channel-handle=4952 /prefetch:2
"C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe" --type=utility --field-trial-handle=4880,1009286560025668077,16928911474050040743,131072 --disable-features=PictureInPicture,SpareRendererForSitePerProcess,UseModernMediaControls --lang=en-US --service-sandbox-type=network --no-sandbox --locales-dir-path="C:\Program Files (x86)\Overwolf\0.143.0.24\Locales" --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --log-severity=error --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 OverwolfClient/0.143.0.24" --lang=cs-CZ --ignore-certificate-errors --ow-process-id=9220 --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --service-request-channel-token=8532086258402457371 --mojo-platform-channel-handle=5308 /prefetch:8
"C:\Program Files (x86)\Common Files\Overwolf\0.143.0.24\OverwolfHelper.exe" "path=C:\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorerLauncher.dll pid=9220"
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Common Files\Overwolf\0.143.0.24\OverwolfHelper64.exe" "path=C:\Program Files (x86)\Overwolf\0.143.0.24\OWExplorerLauncher.dll pid=9220"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer/YourPhoneServer.exe" -Embedding
C:\Windows\System32\SecurityHealthHost.exe {08728914-3F57-4D52-9E31-49DAECA5A80A} -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1096.0.797536608\2052112758" -parentBuildID 20200309095159 -prefsHandle 1616 -prefMapHandle 1480 -prefsLen 1 -prefMapSize 226895 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1096 "\\.\pipe\gecko-crash-server-pipe.1096" 1712 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1096.3.1666927825\1740069677" -childID 1 -isForBrowser -prefsHandle 2520 -prefMapHandle 2516 -prefsLen 177 -prefMapSize 226895 -parentBuildID 20200309095159 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1096 "\\.\pipe\gecko-crash-server-pipe.1096" 2532 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1096.13.1757236003\1136088511" -childID 2 -isForBrowser -prefsHandle 3820 -prefMapHandle 3816 -prefsLen 6479 -prefMapSize 226895 -parentBuildID 20200309095159 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1096 "\\.\pipe\gecko-crash-server-pipe.1096" 3828 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1096.27.2058452893\1522810472" -childID 4 -isForBrowser -prefsHandle 4248 -prefMapHandle 4200 -prefsLen 7466 -prefMapSize 226895 -parentBuildID 20200309095159 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1096 "\\.\pipe\gecko-crash-server-pipe.1096" 2296 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1096.41.1849867660\1944374203" -parentBuildID 20200309095159 -prefsHandle 8752 -prefMapHandle 8676 -prefsLen 7558 -prefMapSize 226895 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1096 "\\.\pipe\gecko-crash-server-pipe.1096" 8620 rdd
C:\WINDOWS\system32\AUDIODG.EXE 0x718
"C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe" -lowermode -restarted
"C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe" --type=gpu-process --field-trial-handle=1896,15254726408436202430,3271994229239542877,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --no-sandbox --locales-dir-path="C:\Users\vojta\AppData\Local\GameCenter\Chrome\80.3987.2146" --log-file="C:\Users\vojta\AppData\Local\GameCenter\Chrome.log" --log-severity=error --product-version="Chrome/80.0.3987.132 Downloader/15620 MyComGameCenter/1562" --resources-dir-path="C:\Users\vojta\AppData\Local\GameCenter\Chrome\80.3987.2146" --lang=ru --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file="C:\Users\vojta\AppData\Local\GameCenter\Chrome.log" --mojo-platform-channel-handle=1100 /prefetch:2
"C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe" --type=utility --field-trial-handle=1896,15254726408436202430,3271994229239542877,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --lang=ru --service-sandbox-type=network --no-sandbox --locales-dir-path="C:\Users\vojta\AppData\Local\GameCenter\Chrome\80.3987.2146" --log-file="C:\Users\vojta\AppData\Local\GameCenter\Chrome.log" --log-severity=error --product-version="Chrome/80.0.3987.132 Downloader/15620 MyComGameCenter/1562" --resources-dir-path="C:\Users\vojta\AppData\Local\GameCenter\Chrome\80.3987.2146" --lang=ru --log-file="C:\Users\vojta\AppData\Local\GameCenter\Chrome.log" --mojo-platform-channel-handle=2296 /prefetch:8
"C:\Program Files (x86)\Origin\Origin.exe"
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --no-sandbox --disable-webrtc-hw-encoding --disable-databases --primordial-pipe-token=ABF6E656E04B8FDC1C2CBC20E802597C --lang=en-US --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --mojo-channel-token=FB730C64AF78A355336F189DA3227437 --mojo-application-channel-token=ABF6E656E04B8FDC1C2CBC20E802597C --channel="1272.3.982090789\770472472" --mojo-platform-channel-handle=4652 /prefetch:1
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --no-sandbox --disable-webrtc-hw-encoding --primordial-pipe-token=38D590900250CF3B44C3620199B967BA --lang=en-US --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --mojo-channel-token=CCEC92318A1CA30D865C908315E297CC --mojo-application-channel-token=38D590900250CF3B44C3620199B967BA --channel="1272.7.280389878\1749888227" --mojo-platform-channel-handle=4812 /prefetch:1
"C:\Program Files (x86)\Origin\OriginClientService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
"D:/Riot Games/Riot Client/RiotClientServices.exe" --rso-auth.platform=EUN1 --region=EUNE --locale=cs_CZ --priority-launch-pid=4092 "--priority-launch-path=D:\League of Legends\LeagueClient.exe" "--upgrade-install-path=D:\League of Legends" --upgrade-product=league_of_legends --upgrade-patchline=live --session-id=1f0f27df-e03f-8643-9e99-93457056154f --restart-timestamp=170573324755
"D:/Riot Games/Riot Client/RiotClientCrashHandler.exe" "--database=C:/Users/vojta/AppData/Local/Riot Games/Riot Client/Crashes/Riot Client" "--metrics-dir=C:/Users/vojta/AppData/Local/Riot Games/Riot Client/Crashes/Riot Client" --url=https://sentry.io/api/1339107/minidump/ ... 7a83f99e1a "--annotation=2020-03-30T19-08-46_3104_Riot Client.0.log=C:/Users/vojta/AppData/Local/Riot Games/Riot Client/Logs/Riot Client Logs/2020-03-30T19-08-46_3104_Riot Client.0.log" "--annotation=2020-03-30T19-08-46_3104_Riot Client.log=C:/Users/vojta/AppData/Local/Riot Games/Riot Client/Logs/Riot Client Logs/2020-03-30T19-08-46_3104_Riot Client.log" --initial-client-data=0x3f0,0x3f4,0x3f8,0x3cc,0x3fc,0x646c751c,0x646c752c,0x646c753c
"D:/League of Legends/LeagueClient.exe" --riotclient-auth-token=0oAywO3k5usmgFZwobDUpQ --riotclient-app-port=57906 --no-rads --disable-self-update --region=EUNE --locale=cs_CZ
"D:\League of Legends\LeagueCrashHandler.exe" "--database=C:/Users/vojta/AppData/Local/Riot Games/League of Legends/LeagueClient/Crashes" "--metrics-dir=C:/Users/vojta/AppData/Local/Riot Games/League of Legends/LeagueClient/Crashes" --url=https://sentry.io/api/1442968/minidump/ ... 1c04fda544 --initial-client-data=0x2ac,0x2c0,0x2c4,0x164,0x2c8,0x1da8718,0x1da8728,0x1da8738
"D:/League of Legends/LeagueClientUx.exe" "--riotclient-auth-token=0oAywO3k5usmgFZwobDUpQ" "--riotclient-app-port=57906" "--no-rads" "--disable-self-update" "--region=EUNE" "--locale=cs_CZ" "--remoting-auth-token=FnCYk9W9kZnLTFghUBycsQ" "--respawn-command=LeagueClient.exe" "--respawn-display-name=League of Legends" "--app-port=57918" "--install-directory=D:\League of Legends" "--app-name=LeagueClient" "--ux-name=LeagueClientUx" "--ux-helper-name=LeagueClientUxHelper" "--log-dir=LeagueClient Logs" "--crash-reporting=crashpad" "--crash-environment=EUN1" "--crash-pipe=\\.\pipe\crashpad_16428_TZWCMTUCDDPUTKUE" "--app-log-file-path=D:/League of Legends/Logs/LeagueClient Logs/2020-03-30T19-08-51_16428_LeagueClient.log" "--app-pid=16428" "--output-base-dir=D:\League of Legends" "--no-proxy-server"
LeagueClientUxRender.exe --type=gpu-process --field-trial-handle=1488,1615590445041760081,7529047332287416913,131072 --disable-features=HardwareMediaKeyHandling,NetworkService --no-sandbox --log-file="D:\League of Legends\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAABAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="D:\League of Legends\debug.log" --service-request-channel-token=536261504521757741 --mojo-platform-channel-handle=1660 /prefetch:2 --app-name=LeagueClient --ux-name=LeagueClientUx --ux-helper-name=LeagueClientUxHelper --log-dir="LeagueClient Logs" --app-port=57918 --output-base-dir="D:\League of Legends" --crash-reporting=crashpad --crash-environment=EUN1 --crash-pipe="\\.\pipe\crashpad_16428_TZWCMTUCDDPUTKUE" --app-log-file-path="D:/League of Legends/Logs/LeagueClient Logs/2020-03-30T19-08-51_16428_LeagueClient.log" --primary-ux-log-file-path="D:/League of Legends/Logs/LeagueClient Logs/2020-03-30T19-08-54_15020_LeagueClientUx.log"
LeagueClientUxRender.exe --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --force-device-scale-factor=1 --log-file="D:\League of Legends\debug.log" --field-trial-handle=1488,1615590445041760081,7529047332287416913,131072 --disable-features=HardwareMediaKeyHandling,NetworkService --lang=en-US --log-file="D:\League of Legends\debug.log" --disable-extensions --disable-spell-checking --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=7144284892476864991 --renderer-client-id=3 --mojo-platform-channel-handle=2596 /prefetch:1 --app-name=LeagueClient --ux-name=LeagueClientUx --ux-helper-name=LeagueClientUxHelper --log-dir="LeagueClient Logs" --app-port=57918 --output-base-dir="D:\League of Legends" --crash-reporting=crashpad --crash-environment=EUN1 --crash-pipe="\\.\pipe\crashpad_16428_TZWCMTUCDDPUTKUE" --app-log-file-path="D:/League of Legends/Logs/LeagueClient Logs/2020-03-30T19-08-51_16428_LeagueClient.log" --primary-ux-log-file-path="D:/League of Legends/Logs/LeagueClient Logs/2020-03-30T19-08-54_15020_LeagueClientUx.log"
"C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --js-flags=--expose-gc --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --remote-debugging-port=54284 --field-trial-handle=4880,1009286560025668077,16928911474050040743,131072 --disable-features=PictureInPicture,SpareRendererForSitePerProcess,UseModernMediaControls --enable-blink-features=CSSFocusVisible --lang=en-US --locales-dir-path="C:\Program Files (x86)\Overwolf\0.143.0.24\Locales" --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --log-severity=error --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 OverwolfClient/0.143.0.24" --disable-pdf-extension --ppapi-flash-path="C:\Program Files (x86)\Overwolf\0.143.0.24\PepperFlash\pepflashplayer64.dll" --ppapi-flash-version=32.0.0.303 --uncaught-exception-stack-size=20 --owapp="Launcher Events Provider - app.html" --owtk=6732.1330075763604723409 --uid=ecbhmmfmjonpojpbedhhhbjanafifbbcjofikdim --ow-allow-internal --ow-permissions=272400 --ignore-certificate-errors --enable-owc --ow-process-id=9220 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=13881322205358968612 --renderer-client-id=13 --mojo-platform-channel-handle=8108 /prefetch:1
"C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --js-flags=--expose-gc --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --remote-debugging-port=54284 --field-trial-handle=4880,1009286560025668077,16928911474050040743,131072 --disable-features=PictureInPicture,SpareRendererForSitePerProcess,UseModernMediaControls --enable-blink-features=CSSFocusVisible --lang=en-US --locales-dir-path="C:\Program Files (x86)\Overwolf\0.143.0.24\Locales" --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --log-severity=error --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 OverwolfClient/0.143.0.24" --disable-pdf-extension --ppapi-flash-path="C:\Program Files (x86)\Overwolf\0.143.0.24\PepperFlash\pepflashplayer64.dll" --ppapi-flash-version=32.0.0.303 --uncaught-exception-stack-size=20 --owapp="Porofessor.gg - background" --uid=pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh --ow-permissions=797680 --ignore-certificate-errors --enable-owc --ow-process-id=9220 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=3588735702447636986 --renderer-client-id=14 --mojo-platform-channel-handle=6324 /prefetch:1
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
"C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --js-flags=--expose-gc --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --remote-debugging-port=54284 --field-trial-handle=4880,1009286560025668077,16928911474050040743,131072 --disable-features=PictureInPicture,SpareRendererForSitePerProcess,UseModernMediaControls --enable-blink-features=CSSFocusVisible --lang=en-US --locales-dir-path="C:\Program Files (x86)\Overwolf\0.143.0.24\Locales" --log-file="C:\Users\vojta\AppData\Local\Overwolf\Log\OverwolfCEF_9220.log" --log-severity=error --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36 OverwolfClient/0.143.0.24" --disable-pdf-extension --ppapi-flash-path="C:\Program Files (x86)\Overwolf\0.143.0.24\PepperFlash\pepflashplayer64.dll" --ppapi-flash-version=32.0.0.303 --uncaught-exception-stack-size=20 --ignore-certificate-errors --enable-owc --ow-process-id=9220 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=13951413601903489476 --renderer-client-id=44 --mojo-platform-channel-handle=7184 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1096.59.184636724\1401908222" -childID 8 -isForBrowser -prefsHandle 9468 -prefMapHandle 10096 -prefsLen 9821 -prefMapSize 226895 -parentBuildID 20200309095159 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1096 "\\.\pipe\gecko-crash-server-pipe.1096" 10088 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1096.73.1591302414\2142192435" -childID 10 -isForBrowser -prefsHandle 6448 -prefMapHandle 9580 -prefsLen 9821 -prefMapSize 226895 -parentBuildID 20200309095159 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1096 "\\.\pipe\gecko-crash-server-pipe.1096" 10064 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1096.80.1297076900\1696214692" -childID 11 -isForBrowser -prefsHandle 6924 -prefMapHandle 9796 -prefsLen 9821 -prefMapSize 226895 -parentBuildID 20200309095159 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1096 "\\.\pipe\gecko-crash-server-pipe.1096" 10128 tab
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\vojta\Desktop\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe147_ Global\UsGthrCtrlFltPipeMssGthrPipe147 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 784 788 796 8192 792
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

=========Mozilla firefox=========

ProfilePath - C:\Users\vojta\AppData\Roaming\Mozilla\Firefox\Profiles\q8xv8cjp.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.344 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.344 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll


C:\Users\vojta\AppData\Roaming\Mozilla\Firefox\Profiles\q8xv8cjp.default\searchplugins\
yahoo-lavasoft.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-12 885696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-12 551872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-12 760768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-12 507328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-12 885696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-12 760768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-12 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-11-16 9235936]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2017-08-12 163776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-03-19 1579368]
"Steam"=D:\Steam\steam.exe [2020-03-27 3370272]
"Spotify"=C:\Users\vojta\AppData\Roaming\Spotify\Spotify.exe [2020-03-28 22825376]
"World of Tanks"=D:\World_of_Tanks\WargamingGameUpdater.exe [2018-06-25 3139936]
"MyDriveConnect.exe"=D:\TomTom\MyDrive Connect\TomTom MyDrive Connect.exe [2018-05-01 2026216]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-09-10 18630056]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-10-19 731240]
"EpicGamesLauncher"=D:\Epicgames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2019-11-30 36054928]
"GameCenter"=C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe [2020-03-30 10377312]
"Discord"=C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe [2020-02-24 90950968]
"Gaijin.Net Updater"=C:\Users\vojta\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2019-05-09 2105416]
"cz.seznam.software.autoupdate"=C:\Users\vojta\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\vojta\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"wtfast Tray"=C:\Program Files (x86)\wtfast\wtfast.exe [2019-12-04 7644184]
"Overwolf"=C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [2020-03-14 1749848]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Opera Browser Assistant"=C:\Users\vojta\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2020-03-27 3024920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-03-30 20:40:06 ----D---- C:\rsit
2020-03-30 20:40:06 ----D---- C:\Program Files\trend micro
2020-03-30 18:23:18 ----HD---- C:\Program Files\Common Files\EAInstaller
2020-03-30 12:22:47 ----HD---- C:\OneDriveTemp
2020-03-30 00:45:43 ----D---- C:\WINDOWS\LastGood
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\OpenCL.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvdispgenco6444575.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvdispco6444575.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2020-03-30 00:44:27 ----A---- C:\WINDOWS\system32\nvcuda.dll
2020-03-13 02:09:02 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-03-13 02:09:01 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2020-03-13 02:09:01 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-03-13 02:09:01 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-03-13 02:09:01 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-03-13 02:09:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 02:09:00 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 02:09:00 ----A---- C:\WINDOWS\system32\sppsvc.exe
2020-03-13 02:09:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-03-13 02:09:00 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-03-13 02:09:00 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2020-03-11 00:46:41 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2020-03-11 00:46:41 ----A---- C:\WINDOWS\system32\wmp.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\MSFlacEncoder.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2020-03-11 00:46:37 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\winmde.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\mfsvr.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\mfplat.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-03-11 00:46:35 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 00:46:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-03-11 00:46:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2020-03-11 00:46:34 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2020-03-11 00:46:34 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2020-03-11 00:46:33 ----A---- C:\WINDOWS\SYSWOW64\odbc32.dll
2020-03-11 00:46:33 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2020-03-11 00:46:33 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2020-03-11 00:46:33 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2020-03-11 00:46:33 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2020-03-11 00:46:33 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-03-11 00:46:33 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-03-11 00:46:33 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-03-11 00:46:32 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-03-11 00:46:32 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2020-03-11 00:46:32 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-03-11 00:46:32 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2020-03-11 00:46:31 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2020-03-11 00:46:31 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2020-03-11 00:46:31 ----A---- C:\WINDOWS\SYSWOW64\upnphost.dll
2020-03-11 00:46:31 ----A---- C:\WINDOWS\SYSWOW64\upnpcont.exe
2020-03-11 00:46:31 ----A---- C:\WINDOWS\SYSWOW64\udhisapi.dll
2020-03-11 00:46:31 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2020-03-11 00:46:31 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-03-11 00:46:31 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 00:46:31 ----A---- C:\WINDOWS\system32\ProvSysprep.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\systemreset.exe
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\reseteng.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\rdpudd.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\rdpnano.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\rdpcore.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\odbc32.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\msimsg.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\msi.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-03-11 00:46:30 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2020-03-11 00:46:29 ----A---- C:\WINDOWS\system32\jscript9.dll
2020-03-11 00:46:29 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-11 00:46:29 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-03-11 00:46:29 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-03-11 00:46:29 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-03-11 00:46:28 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2020-03-11 00:46:28 ----A---- C:\WINDOWS\system32\werconcpl.dll
2020-03-11 00:46:28 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 00:46:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-03-11 00:46:28 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 00:46:28 ----A---- C:\WINDOWS\system32\edgehtml.dll
2020-03-11 00:46:27 ----A---- C:\WINDOWS\system32\wsecedit.dll
2020-03-11 00:46:27 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-11 00:46:27 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-11 00:46:27 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 00:46:27 ----A---- C:\WINDOWS\system32\computecore.dll
2020-03-11 00:46:27 ----A---- C:\WINDOWS\system32\ClipUp.exe
2020-03-11 00:46:26 ----A---- C:\WINDOWS\SYSWOW64\rtmpltfm.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\SYSWOW64\rtmpal.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\SYSWOW64\rtmmvrortc.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\SYSWOW64\rtmcodecs.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\SYSWOW64\ortcengine.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\upnphost.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\upnpcont.exe
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\udhisapi.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\dusmtask.exe
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2020-03-11 00:46:26 ----A---- C:\WINDOWS\system32\dusmapi.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\XpsDocumentTargetPrint.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\windowsperformancerecordercontrol.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\scecli.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\rtm.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\omadmapi.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\msimg32.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\msauserext.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\iprtprio.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\drivers\afunix.sys
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2020-03-11 00:46:25 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\LaunchTM.exe
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\directml.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2020-03-11 00:46:24 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\WsmWmiPl.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\WsmRes.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\wsmprovhost.exe
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\wsmplpxy.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\WsmAuto.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\WSManMigrationPlugin.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\WsmAgent.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\rdpsharercom.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\GraphicsCapture.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2020-03-11 00:46:23 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\TpmCertResources.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\tbs.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\sxstrace.exe
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\sxs.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\sppcomapi.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\profapi.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeHelper.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\dot3msm.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\dot3api.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\vpnike.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\scecli.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\rtm.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\pnpclean.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\npmproxy.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\notepad.exe
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\nlasvc.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\nlaapi.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\netprofm.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\ncsi.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\mprdim.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\iprtprio.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\drivers\NdisImPlatform.sys
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\drivers\afunix.sys
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\system32\asycfilt.dll
2020-03-11 00:46:22 ----A---- C:\WINDOWS\notepad.exe
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\wininet.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\urlmon.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\msIso.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\msauserext.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\lpremove.exe
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\lpksetup.exe
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\jsproxy.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\iertutil.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\edgeIso.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\AxInstUI.exe
2020-03-11 00:46:21 ----A---- C:\WINDOWS\system32\AxInstSv.dll
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\omadmclient.exe
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\omadmapi.dll
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-11 00:46:20 ----A---- C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\winlogon.exe
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\msimg32.dll
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\mf3216.dll
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2020-03-11 00:46:17 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2020-03-11 00:46:16 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-03-11 00:46:16 ----A---- C:\WINDOWS\system32\sechost.dll
2020-03-11 00:46:16 ----A---- C:\WINDOWS\system32\profapi.dll
2020-03-11 00:46:16 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-03-11 00:46:16 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-03-11 00:46:16 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2020-03-11 00:46:16 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-03-11 00:46:16 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\WinTypes.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\winhttp.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\wincorlib.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\weretw.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\wer.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\twinui.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\profsvc.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\oleaut32.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\ntdll.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-03-11 00:46:15 ----A---- C:\WINDOWS\system32\combase.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\sxstrace.exe
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\sxs.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\sppwinob.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\sppcomapi.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\slui.exe
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\rtmpltfm.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\rtmpal.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\rtmcodecs.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\ortcengine.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\msctf.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-11 00:46:14 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\winresume.exe
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\winload.exe
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\uReFS.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\tier2punctuations.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\SRH.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\shell32.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\refsutil.exe
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\OpenWith.exe
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\ole32.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\LaunchTM.exe
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\dwmcore.dll
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2020-03-11 00:46:13 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\wci.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\MusNotification.exe
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2020-03-11 00:46:12 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\wpnservice.dll
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\wpnprv.dll
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\wpncore.dll
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\win32u.dll
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\win32k.sys
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\user32.dll
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\profext.dll
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\daxexec.dll
2020-03-11 00:46:11 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\windows.storage.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\tquery.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\rdpsharercom.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\mssph.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\InputService.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\FntCache.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\esent.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-11 00:46:10 ----A---- C:\WINDOWS\system32\dxgi.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\wlidprov.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\qmgr.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\directml.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\cdd.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\bisrv.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\appinfo.dll
2020-03-11 00:46:09 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WsmRes.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\wsmprovhost.exe
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\wsmplpxy.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WsmAgent.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\wlrmdr.exe
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\win32spl.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\wifitask.exe
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\vdsbas.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\TetheringMgr.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\tbs.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\provtool.exe
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\provops.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\provhandlers.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\provengine.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\provdatastore.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\netman.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\mpnotify.exe
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\localspl.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\drivers\tbs.sys
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\drivers\Acx01000.sys
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\dot3svc.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\dot3msm.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\dot3api.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 00:46:08 ----A---- C:\WINDOWS\explorer.exe
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\wwansvc.dll
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\pciide.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\monitor.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\KNetPwrDepBroker.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\intelide.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\ataport.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\atapi.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2020-03-11 00:46:07 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-03-11 00:41:51 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-03-11 00:41:51 ----A---- C:\WINDOWS\system32\poqexec.exe
2020-03-10 15:39:12 ----D---- C:\Program Files\Mozilla Firefox
2020-03-03 15:42:53 ----D---- C:\Program Files (x86)\Overwolf
2020-03-03 15:42:45 ----D---- C:\ProgramData\Overwolf

======List of files/folders modified in the last 1 month======

2020-03-30 20:40:20 ----D---- C:\WINDOWS\Temp
2020-03-30 20:40:20 ----D---- C:\Users\vojta\AppData\Roaming\Origin
2020-03-30 20:40:17 ----D---- C:\WINDOWS\Prefetch
2020-03-30 20:40:06 ----RD---- C:\Program Files
2020-03-30 20:39:21 ----D---- C:\Users\vojta\AppData\Roaming\discord
2020-03-30 20:32:00 ----D---- C:\WINDOWS\system32\sru
2020-03-30 20:23:55 ----D---- C:\WINDOWS\System32
2020-03-30 20:20:50 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-03-30 20:20:46 ----D---- C:\WINDOWS\system32\SleepStudy
2020-03-30 18:23:18 ----D---- C:\Program Files\Common Files
2020-03-30 18:23:16 ----SHD---- C:\WINDOWS\Installer
2020-03-30 18:22:46 ----RSD---- C:\WINDOWS\assembly
2020-03-30 18:22:40 ----D---- C:\Windows
2020-03-30 18:22:30 ----D---- C:\WINDOWS\Logs
2020-03-30 16:42:35 ----D---- C:\WINDOWS\SysWOW64
2020-03-30 16:42:35 ----D---- C:\WINDOWS\system32\DriverStore
2020-03-30 16:42:35 ----D---- C:\WINDOWS\INF
2020-03-30 16:42:21 ----RD---- C:\WINDOWS\Microsoft.NET
2020-03-30 16:37:37 ----D---- C:\Program Files (x86)\Origin Games
2020-03-30 16:35:00 ----D---- C:\ProgramData\Origin
2020-03-30 14:52:48 ----D---- C:\Users\vojta\AppData\Roaming\Spotify
2020-03-30 12:40:44 ----D---- C:\Users\vojta\AppData\Roaming\vlc
2020-03-30 12:33:54 ----D---- C:\WINDOWS\AppReadiness
2020-03-30 12:33:38 ----D---- C:\WINDOWS\debug
2020-03-30 12:32:50 ----D---- C:\AdwCleaner
2020-03-30 12:27:51 ----D---- C:\Users\vojta\AppData\Roaming\Seznam.cz
2020-03-30 12:25:18 ----D---- C:\ProgramData\NVIDIA
2020-03-30 00:48:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-30 00:48:36 ----SHD---- C:\System Volume Information
2020-03-30 00:46:40 ----D---- C:\WINDOWS\system32\drivers
2020-03-30 00:46:23 ----D---- C:\WINDOWS\Help
2020-03-30 00:45:43 ----D---- C:\Program Files\NVIDIA Corporation
2020-03-30 00:41:26 ----D---- C:\ProgramData\NVIDIA Corporation
2020-03-30 00:41:21 ----D---- C:\WINDOWS\system32\Tasks
2020-03-30 00:41:18 ----D---- C:\WINDOWS\system32\catroot2
2020-03-30 00:41:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2020-03-28 19:46:08 ----D---- C:\Program Files (x86)\TeamViewer
2020-03-28 19:46:07 ----D---- C:\WINDOWS\system32\LogFiles
2020-03-28 19:46:03 ----D---- C:\Program Files\WinRAR
2020-03-27 09:47:41 ----HD---- C:\Program Files\WindowsApps
2020-03-25 03:56:56 ----D---- C:\WINDOWS\system32\drivers\wd
2020-03-25 00:23:33 ----D---- C:\Users\vojta\AppData\Roaming\TS3Client
2020-03-24 13:37:13 ----D---- C:\Program Files (x86)\Origin
2020-03-21 15:19:51 ----D---- C:\Users\vojta\AppData\Roaming\EasyAntiCheat
2020-03-19 04:06:00 ----A---- C:\WINDOWS\system32\nvapi64.dll
2020-03-18 09:51:20 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-03-18 06:00:07 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2020-03-18 06:00:07 ----A---- C:\WINDOWS\system32\nvcpl.dll
2020-03-18 06:00:05 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2020-03-18 06:00:05 ----A---- C:\WINDOWS\system32\nvshext.dll
2020-03-18 06:00:05 ----A---- C:\WINDOWS\system32\nvmctray.dll
2020-03-18 06:00:05 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2020-03-18 06:00:05 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2020-03-16 11:15:52 ----D---- C:\WINDOWS\system32\config
2020-03-16 02:02:57 ----D---- C:\WINDOWS\WinSxS
2020-03-14 14:54:24 ----SD---- C:\Users\vojta\AppData\Roaming\Microsoft
2020-03-13 02:33:15 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-03-13 02:33:15 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2020-03-13 02:33:15 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-03-13 02:33:15 ----D---- C:\WINDOWS\system32\en-US
2020-03-13 02:33:15 ----D---- C:\WINDOWS\system32\en-GB
2020-03-13 02:33:15 ----D---- C:\WINDOWS\system32\cs-CZ
2020-03-13 02:33:15 ----D---- C:\WINDOWS\ShellExperiences
2020-03-13 02:33:15 ----D---- C:\WINDOWS\bcastdvr
2020-03-13 02:09:38 ----D---- C:\WINDOWS\CbsTemp
2020-03-11 14:48:43 ----D---- C:\WINDOWS\system32\Macromed
2020-03-11 14:48:42 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2020-03-11 14:40:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-11 01:14:33 ----SD---- C:\WINDOWS\system32\DiagSvcs
2020-03-11 01:14:33 ----D---- C:\WINDOWS\SYSWOW64\setup
2020-03-11 01:14:33 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-03-11 01:14:33 ----D---- C:\WINDOWS\SYSWOW64\drivers
2020-03-11 01:14:33 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-03-11 01:14:33 ----D---- C:\WINDOWS\SystemResources
2020-03-11 01:14:33 ----D---- C:\WINDOWS\system32\wbem
2020-03-11 01:14:33 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2020-03-11 01:14:33 ----D---- C:\WINDOWS\system32\setup
2020-03-11 01:14:33 ----D---- C:\WINDOWS\system32\oobe
2020-03-11 01:14:33 ----D---- C:\WINDOWS\system32\migration
2020-03-11 01:14:33 ----D---- C:\WINDOWS\system32\Dism
2020-03-11 01:14:32 ----D---- C:\WINDOWS\system32\Boot
2020-03-11 01:14:31 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-03-11 01:14:31 ----D---- C:\WINDOWS\servicing
2020-03-11 01:14:31 ----D---- C:\WINDOWS\apppatch
2020-03-11 01:14:31 ----D---- C:\Program Files\Windows Defender
2020-03-11 01:14:28 ----D---- C:\WINDOWS\system32\drivers\UMDF
2020-03-11 00:50:34 ----D---- C:\WINDOWS\system32\MRT
2020-03-11 00:48:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2020-03-03 15:42:54 ----D---- C:\Program Files (x86)\Common Files
2020-03-03 15:42:53 ----RD---- C:\Program Files (x86)
2020-03-03 15:42:45 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-03-19 89096]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-11 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 MpKslDrv;MpKslDrv; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1EAA6667-6D16-46A9-AC57-336FD19755FF}\MpKslDrv.sys [2020-03-28 43232]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-03-11 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-12 117264]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-03-11 99328]
R3 dtlitescsibus;@oem6.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2018-11-18 30264]
R3 dtliteusbbus;@oem19.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2018-11-18 47672]
R3 e1dexpress;@oem14.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_b44028fc7fdf4fca\e1d68x64.sys [2019-09-13 599920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2017-11-16 6038440]
R3 MEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [2019-04-17 266128]
R3 NVHDA;@oem20.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-03-18 223120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63268710a2dc3648\nvlddmkm.sys [2020-03-19 23439080]
R3 nvvad_WaveExtensible;@oem3.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem10.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2019-08-17 75600]
R3 ScpVBus;@oem18.inf,%ScpVBus.SVCDESC%;Scp Virtual Bus Driver; C:\WINDOWS\System32\drivers\ScpVBus.sys [2013-05-19 39168]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-03-19 151352]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2019-03-19 220176]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-03-11 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-14 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-17 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-03-11 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-03-11 36864]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-03-19 133120]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-03-11 1428992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\System32\drivers\e1i65x64.sys [2019-03-19 553984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-17 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-10 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-02-12 84496]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-14 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-07-23 30336]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-12 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_bbd75c9;Uživatelská služba platformy připojených zařízení_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2018-06-11 9728]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-09-28 858480]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2020-03-18 874472]
R2 OneSyncSvc_bbd75c9;Hostitel synchronizace_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2020-03-16 3445552]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe []
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2019-03-19 263904]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_bbd75c9;Uživatelská služba schránky_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-10-19 3729512]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2020-03-16 2495280]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_bbd75c9;Data kontaktů_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-03-11 929144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-17 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_bbd75c9;Agent Activation Runtime_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-03-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_bbd75c9;Uživatelská služba pro GameDVR a vysílání her_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-11-26 8402648]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_bbd75c9;Služba pro podporu uživatelů Bluetooth_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_bbd75c9;CaptureService_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_bbd75c9;ConsentUX_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_bbd75c9;CredentialEnrollmentManagerUserSvc_bbd75c9; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_bbd75c9;DeviceAssociationBroker_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_bbd75c9;DevicePicker_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_bbd75c9;Tok zařízení_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-11 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-02-28 803440]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-09-17 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\elevation_service.exe [2020-03-16 1113072]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-17 153168]
S3 HnGSteamService;Heroes & Generals Steam Service; D:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [2020-02-18 788264]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 chromoting;@C:\Program Files (x86)\Google\Chrome Remote Desktop\81.0.4044.61\remoting_core.dll,-101; C:\Program Files (x86)\Google\Chrome Remote Desktop\81.0.4044.61\remoting_host.exe [2019-12-17 73200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_bbd75c9;Služba zasílání zpráv_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-03-10 244936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2017-10-16 7677008]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-09-28 858480]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2020-03-14 2463064]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_bbd75c9;PrintWorkflow_bbd75c9; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2019-11-30 474256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]

-----------------EOF-----------------
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: preventivní kontrola

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena
  • Ak nebudu ziadne nalezy, klikni na
  • Pockaj na dokoncenie a potvrd restartovanie PC
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Im_Ghost
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 30 bře 2020 19:34

Re: preventivní kontrola

#3 Příspěvek od Im_Ghost »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-02.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-30-2020
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 28
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\RelevantKnowledge
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Deleted C:\Users\vojta\AppData\Roaming\DRPSu
Deleted C:\Users\vojta\AppData\Roaming\Seznam.cz
Deleted C:\Users\vojta\AppData\Roaming\Tencent

***** [ Files ] *****

Deleted C:\Program Files\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS
Deleted C:\Program Files\MOZILLA FIREFOX\DSENGINE.CFG
Deleted C:\Users\vojta\AppData\Roaming\Mozilla\Firefox\Profiles\q8xv8cjp.default\searchplugins\yahoo-lavasoft.xml
Deleted C:\Windows\SysWOW64\rlls.dll
Deleted C:\Windows\System32\rlls64.dll

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Video Player
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Deleted HKLM\Software\Wow6432Node\drpsu

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3746 octets] - [30/03/2020 23:42:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: preventivní kontrola

#4 Příspěvek od Conder »

Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Im_Ghost
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 30 bře 2020 19:34

Re: preventivní kontrola

#5 Příspěvek od Im_Ghost »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by vojta (31-03-2020 22:08:07)
Running from C:\Users\vojta\Desktop
Windows 10 Home Version 1903 18362.720 (X64) (2019-09-17 18:03:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1179111831-1948279992-4122349688-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1179111831-1948279992-4122349688-503 - Limited - Disabled)
Guest (S-1-5-21-1179111831-1948279992-4122349688-501 - Limited - Disabled)
vojta (S-1-5-21-1179111831-1948279992-4122349688-1001 - Administrator - Enabled) => C:\Users\vojta
WDAGUtilityAccount (S-1-5-21-1179111831-1948279992-4122349688-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Aktualizace NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.3.1 - Electronic Arts, Inc.)
Armored Warfare MyCom (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Armored Warfare MyCom) (Version: 1.200 - My.com B.V.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\FACEITApp) (Version: 1.22.5 - FACEIT Ltd.)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
ChallengeMe.GG Client version 1.5 (HKLM-x32\...\{7A91C052-5E4E-441C-A3A5-84B100B98166}_is1) (Version: 1.5 - CME.GG)
Chrome Remote Desktop Host (HKLM-x32\...\{81D05E22-F5EC-4EC6-966A-FF3C43C168A4}) (Version: 81.0.4044.61 - Google Inc.)
KeyShot 8 (HKLM\...\KeyShot 8) (Version: 8.2 - Luxion ApS)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Legends of Runeterra (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Riot Game bacon.live) (Version: - Riot Games, Inc)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 cs) (HKLM\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
MY.GAMES GameCenter (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\GameCenter) (Version: 4.1543 - MY.COM B.V.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera Stable 67.0.3575.97 (HKLM-x32\...\Opera 67.0.3575.97) (Version: 67.0.3575.97 - Opera Software)
Oracle VM VirtualBox 5.1.30 (HKLM\...\{2F7790B1-72FA-426F-91B3-EBEAA30B1ABA}) (Version: 5.1.30 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.66.38849 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.143.0.24 - Overwolf Ltd.)
Ovládací panel NVIDIA 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.75 - NVIDIA Corporation) Hidden
Porofessor.gg (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.3.49 - Overwolf app)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.987 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.6.132 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.1 - Rockstar Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Siemens Solid Edge 2020 (HKLM\...\{04396AA7-8483-4B6A-9512-D4E79B69EBC2}) (Version: 220.00.00104 - Siemens)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Spotify) (Version: 1.1.29.592.gf0779179 - Spotify AB)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.55c - Vostok Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\TeamSpeak 3 Client) (Version: 3.1.9 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
TomTom MyDrive Connect 4.2.1.3495 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.1.3495 - TomTom)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 61.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
War Thunder Launcher 1.0.3.154 (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
wtfast 4.14 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.14.1.1877 - Initex & AAA Internet Publishing)
XVM verze 7.7.9 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 7.7.9 - XVM team)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.5.9.0_x86__kgqvnymyfvs32 [2020-02-21] (king.com)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-28] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-06-02] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vojta\AppData\Local\MEGAsync\ShellExtX64.dll [2019-05-30] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) =============

2017-08-12 11:23 - 2017-08-12 11:23 - 000885696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2017-08-12 11:23 - 2017-08-12 11:23 - 003664320 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-06-12 10:56 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-06-12 10:56 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2018-06-12 10:56 - 2019-07-12 09:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-03-24 13:37 - 2019-07-12 09:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-03-24 13:37 - 2019-07-12 09:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-03-24 13:37 - 2019-07-12 09:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-03-24 13:37 - 2019-07-12 09:23 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-03-24 13:37 - 2019-07-12 09:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-03-24 13:37 - 2019-07-12 09:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\vojta:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [236]
AlternateDataStreams: C:\Users\vojta\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\vojta\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vojta\Desktop\pozadi\itl.cat_itachi-wallpaper-iphone_321544.png
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{8A8100BC-987A-42A8-BD3D-D3EEA0E80A17}D:\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) D:\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{55D40AA8-59CF-45FC-A8F3-ECEF671A6917}D:\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) D:\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{8875F1B3-365B-40DA-9334-21238E126DD3}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{D7605BAC-38EF-41ED-83DA-E63D6201DD6C}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{FB16E97D-043D-411C-B038-4D42BB1F487D}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{051A9254-B617-487F-A25D-8276225E477E}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{D153BE54-BC30-4202-9E14-83F8D2F7396A}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{17FAB709-EE74-4233-9CA1-A1D3873E7383}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [UDP Query User{3B9A3274-BFDA-4B50-B801-5FF4F364EF5D}D:\league of legends\game\league of legends.exe] => (Allow) D:\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{CBCA087D-6CA5-468F-96FF-55532641E774}D:\league of legends\game\league of legends.exe] => (Allow) D:\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{919BD60C-A62C-47E1-AF75-EAFD93AB9B59}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{0FDAE62C-ECED-4AA6-804B-61B79B6A7953}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6349F12B-BDD2-4589-B759-F4D494DF5F93}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{8837BA27-E59E-455B-846D-3CA6FF4FFBEE}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{5BB55933-FC8F-4A1D-B67A-7FE2559DD952}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{DA69F8BE-4EAD-4AF1-BB84-D8F0238A2438}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [UDP Query User{7B6FEF0A-CB9B-4008-9C4F-238BD70D2881}D:\utorent\utorrent.exe] => (Allow) D:\utorent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{F9A259C7-30A7-428A-976F-9E638847A87A}D:\utorent\utorrent.exe] => (Allow) D:\utorent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6FE37197-6DB2-4751-9A5F-8EF0460A7A0D}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{814706CE-919A-4629-B3F7-2BEF92CEC83C}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{096A8FBA-AED4-4AF7-B442-9627465CB278}] => (Allow) D:\Steam\steamapps\common\Battalion 1944\Battalion.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{853A1E03-787A-4355-AEB7-5DF973ABD850}] => (Allow) D:\Steam\steamapps\common\Battalion 1944\Battalion.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4A0853F0-64EE-4770-88FE-C3B1B286E327}] => (Allow) D:\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{16F8370D-7F83-4ADA-B75F-F60644FEE6D0}] => (Allow) D:\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{563D06C5-F694-4735-931E-C1EE28036C09}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{0952373F-E90C-4AA1-979F-30DFF2B2D859}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [UDP Query User{E48B063F-8932-4609-8D0E-C0A784570935}C:\users\vojta\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\vojta\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [TCP Query User{B6E13543-A253-4403-AC02-2969E2C2C849}C:\users\vojta\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\vojta\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [UDP Query User{1373C899-50DB-428B-A2BA-F14ECFDE6B68}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{10020800-368C-4E5E-8C90-10EDF94471A9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{BA898A34-C17C-411B-AE88-8A56D6BB5749}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{E40048AA-4C74-43B2-AAE2-6F53651AD16B}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{15A6844F-44F9-4857-B0C4-9BF1EC958496}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{93F564A8-57BA-44B2-8069-FAA750F3F74F}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{AC20F7AA-9135-4EFA-A552-B489C11A689C}C:\users\vojta\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vojta\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{5FA9A46B-CBCF-4DEA-9FA7-0F2B8CB0B792}C:\users\vojta\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vojta\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{718C750A-B07C-4D47-BC5F-495FE979A1AD}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{72EE9939-5F51-4030-B7B1-CDD850528939}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{464EAEEB-0F47-426F-9282-6E802DA767B6}D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{790A1404-7D2E-42B4-AE6A-5C5C26F7173E}D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1DE299EF-29F9-4251-865F-9079387A12D7}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9A282FEF-D4AF-492E-B8E2-CA6CB5B53170}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{AB88C947-E3BF-4B62-B251-D0083CEA5B1D}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{0295E577-1CA6-4C19-9A88-982AABE2D455}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{6BD3B100-9BF9-4508-9EF2-8BF1360B1355}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{856B9DC0-01C5-4FF5-82D9-A6C759F3EAC1}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B3040E49-CF85-4F17-ACFC-21C9F983309A}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{B3357254-DAB1-4386-9B15-8DC6550B102E}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A032812E-30D6-4FC4-AB81-84CD997305BC}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{699B5A8F-FB18-4A5A-924C-54A0C2BA89E2}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{D153EDE3-F290-4C4F-AFAA-9216C585104C}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6A7908B0-81D1-4723-BB22-A53D6F6281F6}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [{AD3606D2-601B-4C9A-ACDE-F6AB90A211D6}] => (Allow) D:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{4B22A221-30DA-424C-A3C1-52FB349C45B9}] => (Allow) D:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [UDP Query User{C8832AC4-7F20-4F0E-AD37-83BB74CC402A}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{93DFBD85-2425-4407-B358-F35408977244}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [{9280BD9F-77CC-4B9B-8046-B67209976D0F}] => (Allow) D:\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{2F9D2E3C-C9CF-496D-936D-AEB9C2D02BEB}] => (Allow) D:\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [UDP Query User{A303B1C1-3687-436F-863B-9DC3FA6C4DB8}D:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{B0D53877-701F-4EBF-903D-F051FD648B41}D:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{CC80CF92-3110-4E2D-8CB9-C39C55668125}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{C6A4B195-9729-4B0C-8152-C07DE60009E8}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{F07F3A6C-C150-447F-AF2F-7BCBCBE4C4A1}] => (Allow) D:\Steam\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{7D294D0F-2BA6-4FE6-AC71-EDC0E8772362}] => (Allow) D:\Steam\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{C40A749F-708F-47E9-9527-DEBE972400EA}] => (Allow) D:\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{95196038-14D5-4062-9028-AED12C556B9D}] => (Allow) D:\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [UDP Query User{C58916A0-7B56-4EFA-8D82-D8F59BE003A5}D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{299D1A29-ACA6-463E-9475-5D063BF8CA54}D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1570FA41-5DCF-4C9F-8C54-D30DD5F2BD73}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4D66587B-C83C-4E4E-9E00-3D96E118342E}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{F9BB2D63-01D4-464A-A153-6CE3484C407F}D:\the sims 4\the sims 4\game\bin\ts4.exe] => (Allow) D:\the sims 4\the sims 4\game\bin\ts4.exe No File
FirewallRules: [TCP Query User{ACA4CD66-5781-4441-9B8A-4BDFA5D48684}D:\the sims 4\the sims 4\game\bin\ts4.exe] => (Allow) D:\the sims 4\the sims 4\game\bin\ts4.exe No File
FirewallRules: [UDP Query User{FF854625-AE50-4E2B-85CB-B367711036A1}D:\origin\apex\r5apex.exe] => (Allow) D:\origin\apex\r5apex.exe No File
FirewallRules: [TCP Query User{03F13AE9-CFD7-4145-AC21-7EE4FED75ADF}D:\origin\apex\r5apex.exe] => (Allow) D:\origin\apex\r5apex.exe No File
FirewallRules: [UDP Query User{A487D915-1409-4ACB-984A-C1F91D9ABD7C}C:\users\vojta\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\vojta\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [TCP Query User{229F31FE-4409-4D39-AA62-A033CCDDB97D}C:\users\vojta\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\vojta\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [UDP Query User{69EA6F45-D321-4C16-829E-A8CCBB8B09CD}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BCA426F2-95B4-46D0-AF8F-858867D7F599}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4F168249-760A-42A4-B165-0FFC6663A421}D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{7BEF1FF6-B159-433F-8A81-B5B35C67E39C}D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [{399B2C7B-1632-48C1-AD51-7B8B017BC29B}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{B173BFD6-F473-411A-8B48-813DA68BEED5}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{D1601F75-EACD-4B2F-A674-482169280A40}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [TCP Query User{D534141F-1D11-4289-9977-472FC525FB40}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{3777B93B-CE22-4611-8D23-DB6E32609898}D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{9CE890AF-5D7C-4BED-8435-4D8C1DC8E081}D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F47FADD0-2E6D-4639-8847-E9796B449F80}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{58C8387C-FB23-46B4-BA57-6FB29B9652F7}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{4012FF23-1B8C-49C5-B0B3-31D0B129E3DF}] => (Allow) D:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{DA81F591-9A81-4BEA-96C7-627F5BED199D}] => (Allow) D:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [UDP Query User{42ECEE35-164F-4907-8B4D-C0A6018573A5}D:\battlenet\destyny 2\destiny 2\destiny2.exe] => (Allow) D:\battlenet\destyny 2\destiny 2\destiny2.exe No File
FirewallRules: [TCP Query User{1FB741AB-A20D-4741-A7F5-A9EE2163CD3A}D:\battlenet\destyny 2\destiny 2\destiny2.exe] => (Allow) D:\battlenet\destyny 2\destiny 2\destiny2.exe No File
FirewallRules: [{839AB588-3BB2-40E9-9C6C-E7C8C455FA2B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D1E72655-A1F9-461F-BBBE-7402E74C1685}] => (Allow) D:\Survivarium\Survarium\game\binaries\x86\survarium.exe (LLC UKRAINIAN GAME TECHNOLOGYS -> )
FirewallRules: [{619142CD-C4F6-460D-98C8-108526C30E2A}] => (Allow) D:\Survivarium\Survarium\game\binaries\x86\survarium.exe (LLC UKRAINIAN GAME TECHNOLOGYS -> )
FirewallRules: [{43DC36E7-0BBA-4B44-B335-74975DF952ED}] => (Allow) D:\Survivarium\Survarium\temp\survarium_updater.exe (LLC UKRAINIAN GAME TECHNOLOGYS -> )
FirewallRules: [{F3F247F6-4DCF-4F86-93CF-F7D3B898B8AC}] => (Allow) D:\Survivarium\Survarium\temp\survarium_updater.exe (LLC UKRAINIAN GAME TECHNOLOGYS -> )
FirewallRules: [{02CC9AFE-50C3-4873-B778-B5BF958054FF}] => (Allow) D:\Survivarium\Survarium\temp\survarium_updater.exe (LLC UKRAINIAN GAME TECHNOLOGYS -> )
FirewallRules: [{1626918B-5DFD-4BE0-9AD2-4C390DED0317}] => (Allow) D:\Survivarium\Survarium\temp\survarium_updater.exe (LLC UKRAINIAN GAME TECHNOLOGYS -> )
FirewallRules: [{A0F6C8BD-B9FA-4698-8E49-9F205FAA17E7}] => (Allow) D:\Survivarium\Survarium\temp\survarium_launcher.exe (LLC UKRAINIAN GAME TECHNOLOGYS -> )
FirewallRules: [UDP Query User{BF9676FF-3302-4464-8B3B-0F55D73F9303}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{A76DACFA-B5D8-49C1-AFA9-1594D5184A4F}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{E0ABC789-2602-4CD5-8E89-47E85561E377}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [{CCF8229E-F930-42C5-B882-391538AEBD8C}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [{851AAFDE-6901-40AB-89B1-432D4CEB06DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{96A24500-50C0-46DB-8E45-4C4DCF5843A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C2DD766-E185-4364-A491-402C5D5F1A40}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{219B8EFA-D82B-4645-B36A-73397BB59EBA}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{D9F87C33-C536-4C4F-9675-BC6296BC0D6D}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D868EE57-65F3-48C5-BDAE-3F4541728119}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{6C34DF26-97EF-47FC-9A23-5214F3D045B1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8C22C16A-65ED-4646-AF8C-BCA02FE9CE06}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{110EF41E-C160-4033-842B-A86D9ED6481F}] => (Allow) D:\Uplay\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe (Shanghai Ubi Computer Software Co Ltd -> UBISoft)
FirewallRules: [{0E903875-26A4-44CB-9980-098CD0597B1D}] => (Allow) D:\Uplay\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe (Shanghai Ubi Computer Software Co Ltd -> UBISoft)
FirewallRules: [{216F10E3-77FE-45D4-B3E4-B5ACA1B25B81}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{16967EF8-E93B-47D5-B2A8-1602304F13B7}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{C00CE097-EB65-4CB4-876C-D5FEDFADF938}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5BD74A27-5DDE-400F-899F-190A93E50DB7}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4CF692CD-AA8F-4479-A262-6CDF088271A0}] => (Allow) D:\Uplay\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{81752E8F-1AC3-4ECE-82F6-67086A0337B8}] => (Allow) D:\Uplay\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{02515187-01E3-4A1C-8F66-E7FFF906653C}] => (Allow) D:\Uplay\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{F0275F79-545F-4050-96DA-2790E69AAD06}] => (Allow) D:\Uplay\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{534AA357-7BC1-4C17-89BA-4782EF2F2EB2}] => (Allow) D:\Steam\steamapps\common\Depth\Binaries\Win32\DepthGame.exe (Digital Confectioners, Ltd.) [File not signed]
FirewallRules: [{AC8CCB56-BD38-45FE-A594-970197471983}] => (Allow) D:\Steam\steamapps\common\Depth\Binaries\Win32\DepthGame.exe (Digital Confectioners, Ltd.) [File not signed]
FirewallRules: [{756867C5-9E4B-4442-A053-A1D8E1FD3A6E}] => (Allow) D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{1F479B86-88CD-47FD-AC39-82F7200DC573}] => (Allow) D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{744197F2-7592-4238-87A1-B302520F7FEF}] => (Allow) D:\TomTom\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [{135AB4E2-188C-4B1F-A5C8-F179FC6B793C}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{E129B31C-6E62-48F8-B9F6-1AD301F2F8C6}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{9E0FA1C7-0F30-4C64-B63C-3184A32FF929}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{C9C562AC-9868-4899-A8E8-AC52A1224E97}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{43A66E87-2A8F-4B97-A696-D6C9A3CDA165}] => (Allow) D:\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{26CCF022-2CDC-44E9-9B71-3D252C0D7019}] => (Allow) D:\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{30CA9B53-2D5D-43C8-9ED7-DB493E246376}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{EE85D16D-9CA3-48DB-96AC-1773DBF9B8AF}] => (Allow) D:\World_of_Tanks\WoTLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{D27FE992-CB68-47A1-B923-345A369108BF}D:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe] => (Allow) D:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [TCP Query User{84C90462-0F79-4392-AC95-01355AFCD5EF}D:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe] => (Allow) D:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [UDP Query User{401F8E16-E86F-44E9-B6CE-324EAA13377A}D:\uplay\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) D:\uplay\ubisoft game launcher\games\forhonor\forhonor.exe (Blue Byte GmbH -> Ubisoft)
FirewallRules: [TCP Query User{B7B66AC8-352B-42CA-9B0B-8DF35F5E76C9}D:\uplay\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) D:\uplay\ubisoft game launcher\games\forhonor\forhonor.exe (Blue Byte GmbH -> Ubisoft)
FirewallRules: [UDP Query User{29FD90BD-69DA-450D-BF0C-4EE79483CC62}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{92543E2B-E723-47F3-BFD2-D4D647557879}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{46F52CDB-D160-43A2-A403-2925E978DC7C}D:\world of tank\worldoftanks.exe] => (Allow) D:\world of tank\worldoftanks.exe No File
FirewallRules: [UDP Query User{293310FF-4EDE-4CA0-B7A6-C9E077842F93}D:\world of tank\worldoftanks.exe] => (Allow) D:\world of tank\worldoftanks.exe No File
FirewallRules: [{712A10FC-553E-408D-985C-C06487F195FE}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{9B787E1C-502C-404E-8A54-95836D3CD764}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{9F2B09F2-DB0F-4F29-9858-5B8047A8EEA7}C:\users\vojta\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vojta\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0A1D01AF-08E4-4AFF-B641-28DE5D71E086}C:\users\vojta\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vojta\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A672A5B3-224A-4D0E-B247-883F2CCCDEF1}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{43A553D2-A4D7-441E-8EE4-2229F09C5892}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E6703E5-4E7A-4333-8C80-2CFFE7CA7E4C}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{F686793A-0F0F-41CA-98E5-89E3C45614BB}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{3C8CAFE7-3135-4C77-AC5A-06CD4052DAAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F1C2400A-A1FC-4FDE-9CCD-7EB37B9B7F6D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2487CDE3-90A9-4817-845F-FE60A72B0B1B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8AC1F2F2-F7E9-4AC7-82AC-C63ABB34668F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{417C63DD-A03F-44EC-A62E-D1B884EC2E37}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9C3590AD-B0C7-40FF-8CB9-F2CE671B6F2F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{45DCB8D1-5201-4DDF-A013-5BA68F170197}D:\world of tank\wotlauncher.exe] => (Allow) D:\world of tank\wotlauncher.exe No File
FirewallRules: [UDP Query User{91952CAA-8FE3-4F39-9302-EDC486895FA7}D:\world of tank\wotlauncher.exe] => (Allow) D:\world of tank\wotlauncher.exe No File
FirewallRules: [TCP Query User{F3A3CDC0-6700-4E34-8CB2-D1B7E0D3D160}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{C0BA385B-7E85-4FBC-8D74-44E5489EB20D}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{50BC6A5B-716A-4081-8706-2DDBDC27C7E3}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{8D8C67C4-E9CF-4A22-93C0-9437A93C52F5}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{04480A92-00E2-4902-946F-D66F9054DA4B}] => (Allow) D:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{40AD4A0A-3EB2-4137-BE5F-17040BBAB122}] => (Allow) D:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{9F93295A-42D6-4EE7-A381-FFFE91F72555}] => (Allow) D:\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{C3102FD3-6F97-481A-BD02-B10280E00FF5}] => (Allow) D:\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [TCP Query User{B213BED2-6223-4AF0-BBA7-563C30AC6E5B}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{1423B505-D36B-46C0-B6A2-06351101FF27}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{F011228E-420C-454B-9BFF-9A69007E05F1}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{B7935B9E-5F91-4BC4-B453-FF940382FF76}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{7C8F0ABE-6629-4A68-A08D-77FA88A0E5A2}D:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{AA8BFF78-C6CE-4ED5-B163-863506D2F84B}D:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{FC377F4F-B7A3-4856-885F-6F4E9ADD8187}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{7537DAC4-8BD3-44D6-AB55-FBB20C345AE6}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{52AD3323-729D-46AE-AB65-2F4942DA14E9}D:\world_of_tanks\win32\worldoftanks.exe] => (Block) D:\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{A1E38AEF-CD46-44A7-818D-8458EAA7A1C3}D:\world_of_tanks\win32\worldoftanks.exe] => (Block) D:\world_of_tanks\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9C8479AE-A0A4-428B-8F27-2B5D4957231E}] => (Allow) C:\Program Files\KeyShot8\bin\keyshot.exe (Luxion, Inc. -> Luxion)
FirewallRules: [{41883456-3493-42A8-A798-F94926281625}] => (Allow) C:\Program Files\KeyShot8\bin\keyshot_daemon.exe (Luxion, Inc. -> )
FirewallRules: [{F34953F2-9D82-4C85-A52B-6C177626D938}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C7B5988E-4D64-4935-8399-AE6E714194B1}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F3C9A728-F621-45F6-8A9D-A20EA3980A69}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{6B31440D-89E0-4F90-8B36-B8E8E9AC4141}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{164E3F16-90D5-4E0E-9AF0-B842FF4055BF}] => (Allow) D:\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{45ACD3D8-AADF-4699-921F-930A7F3286F2}] => (Allow) D:\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{51B6F3B1-D8FE-43ED-A798-7B3E0993DF77}] => (Allow) C:\Program Files (x86)\wtfast\wtfast.exe (WTFast (AAA Internet Publishing Inc.) -> AAA Internet Publishing Inc.)
FirewallRules: [{7FFF4BDC-0EE2-4065-AE7E-447E0AD4BA6D}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{57B25517-0074-4598-9A15-4FE0D7DBF7BD}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{2CF5A0FB-2691-4477-900D-430715BCD5B7}] => (Allow) D:\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{1BEFC7D6-6D64-447E-BC26-9CC8CB24485A}] => (Allow) D:\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [TCP Query User{4AEDA780-6952-4CDE-AC1D-3E0DCAF016F7}C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe] => (Allow) C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe No File
FirewallRules: [UDP Query User{8A7FC222-6976-46E9-997F-654CEDEF525B}C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe] => (Allow) C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe No File
FirewallRules: [{A77C696F-7FF1-4266-9979-156A24D6ACDD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2F8F0C6A-7121-4E00-9F7A-0CFC1B85722A}] => (Allow) C:\Users\vojta\AppData\Local\Programs\Opera\67.0.3575.79\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{3F6061AE-83F2-4AC4-9EDC-AED35C27F7FE}D:\battlenet\destyny 2\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battlenet\destyny 2\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{36ABC737-5D77-48A2-9801-993F454623E0}D:\battlenet\destyny 2\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battlenet\destyny 2\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{EAC5DEE1-6DB6-4811-9BE1-B63C1A4CFA1C}] => (Allow) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DF13079A-0846-4EB8-98D0-2F94B1BA8D83}] => (Allow) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C9BDFD21-8AD4-4C2A-8A4A-7393137D3D22}] => (Block) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{08BFD5BB-2109-4E25-BCDE-64984AED0F02}] => (Block) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E9FAB83E-5A40-462B-B03E-663502CCF064}] => (Allow) C:\Users\vojta\AppData\Local\Programs\Opera\67.0.3575.97\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{8EB5EBDA-CFFD-4C64-BA70-3C8370FFECE7}C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe] => (Block) C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe No File
FirewallRules: [UDP Query User{4322AF2F-09E0-4227-AACB-4554FDE20AE9}C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe] => (Block) C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe No File
FirewallRules: [TCP Query User{E52CECCC-F63C-40DA-96EF-49B70E13DEDB}D:\the sims 4\kiriku\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin\ts4_x64.exe] => (Allow) D:\the sims 4\kiriku\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{BDC1BCD2-3F85-4B6A-B4D8-87907D25450B}D:\the sims 4\kiriku\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin\ts4_x64.exe] => (Allow) D:\the sims 4\kiriku\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{460FE3AD-B894-4A87-9388-C25C6D78BEE4}] => (Block) D:\the sims 4\kiriku\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{66EE80A9-33EE-42D2-8226-48DA20EE21F4}] => (Block) D:\the sims 4\kiriku\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{33BF4FE5-0081-4168-BC93-EAD2B7D2CE22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E6C43A83-B90D-4181-A800-E10CCD3AAA1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0477DA98-9231-4E4F-AA3D-34051C4DCB05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{50AA0131-9202-4D06-B215-8BAAC3F769F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{50412B39-A04B-4EB2-87FC-274B8B34CC86}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\81.0.4044.61\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{CA7B4987-8DC9-4A59-8E90-9603933EEA9B}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D5E60BF5-9430-4291-AB44-28FEAC09D6D6}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5D5E06B4-E80C-4359-8454-1CF00FBDCDBA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9DAAA762-B373-4FBC-A352-BAF3BF88E231}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{11C17A23-4DA4-4D6C-BEEB-7BE3A6806DBA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5B6D7FB9-FBAC-4E98-9796-A0938291281C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

19-03-2020 13:04:32 Naplánovaný kontrolní bod
21-03-2020 15:10:24 Nainstalováno rozhraní DirectX
26-03-2020 03:02:56 Nainstalováno rozhraní DirectX
30-03-2020 00:48:31 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices ============

Name: ASMedia USB 3.1 eXtensible Host Controller - 1.10 (Microsoft)
Description: Hostitelský řadič USB kompatibilní s rozhraním xHCI
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Obecný hostitelský řadič USB xHCI
Service: USBXHCI
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/31/2020 09:06:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (268,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/31/2020 06:53:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11772,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/31/2020 03:01:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1060,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/31/2020 12:57:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3428,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/31/2020 12:21:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3344,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/31/2020 01:22:40 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2436,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/31/2020 01:12:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7412,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/31/2020 01:02:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15180,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/30/2020 11:43:33 PM) (Source: ACPI) (EventID: 5) (User: )
Description: AMLI: Systém ACPI BIOS se pokouší o zápis na nesprávnou adresu portu V/V (0x82), která se nachází v chráněném rozsahu adres 0x81 - 0x83. Následkem toho může dojít k nestabilitě systému. Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error: (03/30/2020 11:42:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (03/30/2020 11:42:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/30/2020 11:42:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Hi-Rez Studios Authenticate and Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/30/2020 11:42:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/30/2020 11:42:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/30/2020 11:42:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/30/2020 11:42:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-03-30 15:05:04.889
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {50320D49-C312-4909-A221-B1545469B779}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-7KBI6L7\vojta

Date: 2020-03-30 15:05:04.886
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\vojta\AppData\Roaming\Microsoft\Windows Activator\Windows Activator.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-7KBI6L7\vojta
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.313.406.0, AS: 1.313.406.0, NIS: 1.313.406.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-28 05:43:34.879
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Fuery.C!cl
ID: 2147718736
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\vojta\AppData\Local\Temp\1pekIMri.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7KBI6L7\vojta
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.313.229.0, AS: 1.313.229.0, NIS: 1.313.229.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-26 13:31:35.625
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Wacapew.C!ml
ID: 265744
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\vojta\AppData\Local\Temp\1pekIMri.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7KBI6L7\vojta
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.313.99.0, AS: 1.313.99.0, NIS: 1.313.99.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-26 13:20:13.671
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\vojta\AppData\Local\Temp\Rar$EXb148.3433\Windows Activator.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-7KBI6L7\vojta
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.313.99.0, AS: 1.313.99.0, NIS: 1.313.99.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-28 18:56:20.925
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.229.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-03-31 01:17:35.534
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-31 01:17:35.529
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-31 01:17:35.523
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-31 01:17:35.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-31 01:13:42.968
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-31 01:13:42.964
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-31 01:13:42.961
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-31 01:13:42.241
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.143.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F4 06/04/2017
Motherboard: Gigabyte Technology Co., Ltd. X299 AORUS Gaming 3-CF
Processor: Intel(R) Core(TM) i7-7740X CPU @ 4.30GHz
Percentage of memory in use: 32%
Total physical RAM: 16325.5 MB
Available physical RAM: 11058.66 MB
Total Virtual: 23749.5 MB
Available Virtual: 15319.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.03 GB) (Free:58.3 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1863.02 GB) (Free:174.11 GB) NTFS

\\?\Volume{b2ee4b13-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: B2EE4B13)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Im_Ghost
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 30 bře 2020 19:34

Re: preventivní kontrola

#6 Příspěvek od Im_Ghost »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
Ran by vojta (administrator) on DESKTOP-7KBI6L7 (Gigabyte Technology Co., Ltd. X299 AORUS Gaming 3) (31-03-2020 22:07:16)
Running from C:\Users\vojta\Desktop
Loaded Profiles: vojta (Available Profiles: vojta)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Discord Inc. -> Discord Inc.) C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hi-Rez Studios) [File not signed] D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Inc -> Malwarebytes) D:\adwcleaner_8.0.3.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\vojta\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163776 2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Users\vojta\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3024920 2020-03-27] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [Steam] => D:\Steam\steam.exe [3370272 2020-03-27] (Valve -> Valve Corporation)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [Spotify] => C:\Users\vojta\AppData\Roaming\Spotify\Spotify.exe [22907112 2020-03-30] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [World of Tanks] => D:\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [MyDriveConnect.exe] => D:\TomTom\MyDrive Connect\TomTom MyDrive Connect.exe [2026216 2018-05-01] (TomTom International BV -> TomTom)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [EpicGamesLauncher] => D:\Epicgames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36054928 2019-11-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [GameCenter] => C:\Users\vojta\AppData\Local\GameCenter\GameCenter.exe [10377312 2020-03-30] (Mail.Ru LLC -> )
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [Discord] => C:\Users\vojta\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [Gaijin.Net Updater] => C:\Users\vojta\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-05-09] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [wtfast Tray] => C:\Program Files (x86)\wtfast\wtfast.exe [7644184 2019-12-04] (WTFast (AAA Internet Publishing Inc.) -> AAA Internet Publishing Inc.)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1749848 2020-03-14] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\MountPoints2: {028109c4-a53f-11e9-8298-1c1b0deaa91b} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00482ADA-5F0D-4141-B776-AEDBAA571AA3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04C80EFC-7733-4858-B93B-1FB8F1B11273} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)
Task: {05039F66-257B-48DD-B5D0-9AD65F51652A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {2406EFC6-D349-478E-9859-DB1E52B7F93D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {25DB7732-A95B-4797-80A6-454B4DA1BAB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-17] (Google Inc -> Google Inc.)
Task: {2701AE95-951E-41CB-9AC4-C7FB12ACC87B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {367D9640-DC4C-4035-8172-0A20ED1B53AC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {487CCCE6-E092-4CFC-A0CC-1E299FB02785} - System32\Tasks\Opera scheduled Autoupdate 1515426916 => C:\Users\vojta\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-19] (Opera Software AS -> Opera Software)
Task: {5E598567-351E-4D37-8D1D-AA7763B6D690} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60F87D2A-5544-4BC3-BD8E-6A402A19C924} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C577C42-DC5C-4AAF-A571-8DAA9487DB59} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe)
Task: {7C6C3631-B7D2-47EA-B700-AE078032EDFA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {7D3CDE36-BF79-485A-B9C0-08D04DBD11B3} - System32\Tasks\Opera scheduled assistant Autoupdate 1581099927 => C:\Users\vojta\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-19] (Opera Software AS -> Opera Software)
Task: {7E824E08-AC5C-4154-B34B-3493E60F546B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-17] (Google Inc -> Google Inc.)
Task: {8FD8EB65-9CF3-40F9-A449-F06A15D2D97F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {9BFC1343-22F4-4FFD-B38F-87EFD1768577} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AD8E3996-F327-4409-A17E-0EE13D3BAA5E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B03B41AF-5248-421A-8453-98821C21A99C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3EC493A-8DD9-41D2-A9F7-08463E1C49FF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDEDCE7B-D28F-49E9-8282-D6F1692370B1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC7FD5A5-5765-4E40-B513-42FDCD19B9EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E68496D7-BEDA-4DD5-8813-5B4409B4D63E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {EAAA7120-52DA-4959-B643-5D5DE71C46C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0B038D6-F778-4944-8BB9-615B26DFE55C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4E6662B-29B3-4BD7-80CC-621C44B3B96E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2029cd91-53a9-44c3-bbc7-b5746e42482f}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {0954E21F-FD44-4E67-B3A0-2548E1F97CB6} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {27B62041-7DBC-4404-984C-30D897CE0B97} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {287C73C2-CE53-4300-B0F1-4BBB0232D016} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {430E30D9-C185-4734-8D5D-E49FC8CC89D1} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {A99E635C-38AC-4BEB-AE33-B2D5B5CDBF2E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {BF8CA802-96F7-4FAA-837D-799B154640E2} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__171217__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {CB70495D-BAA0-4E78-B1D1-0A99815D2510} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {CCED2869-6EB8-444C-AF8E-FBBCF4F72DD2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> {D81793D6-D134-4757-B219-EB2424BCB53B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-12] (Ivaylo Beltchev -> IvoSoft) [File not signed]

Edge:
======
Edge Notifications: HKU\S-1-5-21-1179111831-1948279992-4122349688-1001 -> hxxps://www.facebook.com

FireFox:
========
FF DefaultProfile: q8xv8cjp.default
FF ProfilePath: C:\Users\vojta\AppData\Roaming\Mozilla\Firefox\Profiles\q8xv8cjp.default [2020-03-31]
FF DownloadDir: D:\Filmy
FF Homepage: Mozilla\Firefox\Profiles\q8xv8cjp.default -> hxxps://www.google.cz/
FF NewTab: Mozilla\Firefox\Profiles\q8xv8cjp.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__171217__yaff
FF Notifications: Mozilla\Firefox\Profiles\q8xv8cjp.default -> hxxps://fastshare.cz; hxxps://www.lgshop.cz; hxxps://www.onlinevideoconverter.com; hxxps://www.faceit.com; hxxps://www.challengeme.gg; hxxps://www.pvpro.com; hxxps://cm-eu.wargaming.net; hxxps://www.freefilm.to
FF Extension: (No Name) - C:\Users\vojta\AppData\Roaming\Mozilla\Firefox\Profiles\q8xv8cjp.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default [2020-03-30]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/","hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-17]
CHR Extension: (Dokumenty) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-17]
CHR Extension: (Disk Google) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-17]
CHR Extension: (Seznam doplněk - Email) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-02-01]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-11]
CHR Extension: (YouTube) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-17]
CHR Extension: (Tabulky) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-17]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-31]
CHR Extension: (Heroes & Generals) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2018-08-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-01]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-02-01]
CHR Extension: (Gmail) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-13]
CHR Extension: (Chrome Media Router) - C:\Users\vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-01]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Users\vojta\AppData\Local\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-26] (BattlEye Innovations e.K. -> )
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\81.0.4044.61\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
S3 HnGSteamService; D:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [788264 2020-02-18] (Reto-Moto ApS -> Reto-Moto ApS)
S3 npggsvc; C:\Windows\system32\GameMon.des [7677008 2017-10-16] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-03-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3445552 2020-03-16] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2018-04-02] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [474256 2019-11-30] (Rockstar Games, Inc. -> Rockstar Games)
S3 Survarium Update Service; D:\Survivarium\Survarium\game\binaries\x86\survarium_service.exe [121992 2018-11-26] (LLC UKRAINIAN GAME TECHNOLOGYS -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_b44028fc7fdf4fca\e1d68x64.sys [599920 2019-09-13] (Intel(R) INTELND1820 -> Intel Corporation)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-17] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63268710a2dc3648\nvlddmkm.sys [23439080 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\Drivers\WtfEngineDrv.sys [41464 2019-12-04] (Initeks, OOO -> AAA Internet Publishing, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-31 22:07 - 2020-03-31 22:07 - 000028357 _____ C:\Users\vojta\Desktop\FRST.txt
2020-03-31 22:07 - 2020-03-31 22:07 - 000000000 ____D C:\FRST
2020-03-31 22:06 - 2020-03-31 22:06 - 002280448 _____ (Farbar) C:\Users\vojta\Desktop\FRST64.exe
2020-03-31 00:36 - 2020-03-31 00:36 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-03-30 23:48 - 2020-03-30 23:48 - 000000000 ____D C:\Users\vojta\Desktop\babička hudba
2020-03-30 20:40 - 2020-03-30 20:40 - 000000000 ____D C:\rsit
2020-03-30 20:40 - 2020-03-30 20:40 - 000000000 ____D C:\Program Files\trend micro
2020-03-30 20:39 - 2020-03-30 20:39 - 001222144 _____ C:\Users\vojta\Desktop\RSITx64.exe
2020-03-30 18:23 - 2020-03-30 18:23 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2020-03-30 12:22 - 2020-03-30 12:22 - 000000000 ___HD C:\OneDriveTemp
2020-03-30 00:45 - 2020-03-30 00:46 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-03-30 00:44 - 2020-03-19 07:11 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-30 00:44 - 2020-03-19 07:11 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-03-30 00:44 - 2020-03-19 07:11 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-30 00:44 - 2020-03-19 07:11 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-03-30 00:44 - 2020-03-19 07:11 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-03-30 00:44 - 2020-03-19 07:11 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-03-30 00:44 - 2020-03-19 07:11 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-30 00:44 - 2020-03-19 07:11 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-03-30 00:44 - 2020-03-19 07:11 - 000450464 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-03-30 00:44 - 2020-03-19 07:11 - 000348048 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-03-30 00:44 - 2020-03-19 07:10 - 011945072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-03-30 00:44 - 2020-03-19 07:10 - 010285680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-03-30 00:44 - 2020-03-19 07:10 - 000817056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-03-30 00:44 - 2020-03-19 07:10 - 000676448 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-03-30 00:44 - 2020-03-19 07:10 - 000544352 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 017600912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 015157664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 005856656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 005158304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 002072992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 001723280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444575.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 001564904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 001483168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444575.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 001480936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 001351568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 001142176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 001049488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 000811424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 000679840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 000655264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-03-30 00:44 - 2020-03-19 07:09 - 000546720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-03-30 00:44 - 2020-03-19 04:05 - 004196160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-03-30 00:44 - 2020-03-18 09:51 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-03-21 15:35 - 2020-03-21 15:36 - 000000000 ____D C:\Users\vojta\Documents\Call of Duty Modern Warfare
2020-03-21 15:11 - 2020-03-21 15:11 - 000000000 ____D C:\Users\vojta\AppData\Local\Electronic Arts
2020-03-14 14:59 - 2020-03-14 14:59 - 000000000 ____D C:\Users\vojta\Desktop\pozadi
2020-03-13 02:09 - 2020-03-13 02:09 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-13 02:09 - 2020-03-13 02:09 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-13 02:09 - 2020-03-13 02:09 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 02:09 - 2020-03-13 02:09 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 02:09 - 2020-03-13 02:09 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-13 02:09 - 2020-03-13 02:09 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-13 02:09 - 2020-03-13 02:09 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-13 02:09 - 2020-03-13 02:09 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-13 02:09 - 2020-03-13 02:09 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-13 02:09 - 2020-03-13 02:09 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-13 02:09 - 2020-03-13 02:09 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-11 00:46 - 2020-03-11 00:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-11 00:46 - 2020-03-11 00:46 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-11 00:46 - 2020-03-11 00:46 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-11 00:46 - 2020-03-11 00:46 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-11 00:46 - 2020-03-11 00:46 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-11 00:46 - 2020-03-11 00:46 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-11 00:46 - 2020-03-11 00:46 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-11 00:46 - 2020-03-11 00:46 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-11 00:46 - 2020-03-11 00:46 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-11 00:46 - 2020-03-11 00:46 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-11 00:46 - 2020-03-11 00:46 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-11 00:46 - 2020-03-11 00:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-11 00:46 - 2020-03-11 00:46 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-11 00:46 - 2020-03-11 00:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-11 00:41 - 2020-02-11 06:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-11 00:41 - 2020-02-11 06:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-10 15:39 - 2020-03-30 23:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-03-03 15:42 - 2020-03-31 01:44 - 000002176 _____ C:\Users\vojta\Desktop\Porofessor.gg.lnk
2020-03-03 15:42 - 2020-03-28 19:47 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-03-03 15:42 - 2020-03-03 15:42 - 000004408 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2020-03-03 15:42 - 2020-03-03 15:42 - 000000000 ____D C:\Users\vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2020-03-03 15:42 - 2020-03-03 15:42 - 000000000 ____D C:\ProgramData\Overwolf
2020-03-03 15:40 - 2020-03-30 23:44 - 000000000 ____D C:\Users\vojta\AppData\Local\Overwolf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-31 22:05 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-31 22:05 - 2018-03-25 15:56 - 000000000 ____D C:\Users\vojta\AppData\Roaming\discord
2020-03-31 22:05 - 2017-12-16 15:32 - 000000000 ____D C:\Users\vojta\AppData\Roaming\vlc
2020-03-31 20:58 - 2018-06-12 10:52 - 000000000 ____D C:\ProgramData\Origin
2020-03-31 20:57 - 2018-06-12 10:52 - 000000000 ____D C:\Users\vojta\AppData\Roaming\Origin
2020-03-31 18:46 - 2018-06-12 10:57 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-03-31 18:46 - 2018-06-12 10:52 - 000000000 ____D C:\Users\vojta\AppData\Local\Origin
2020-03-31 17:25 - 2019-09-17 19:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-31 12:25 - 2017-12-09 19:40 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-31 02:16 - 2017-12-09 19:29 - 000000000 ____D C:\Users\vojta\AppData\Local\ClassicShell
2020-03-31 01:13 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-31 00:38 - 2017-12-10 12:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-31 00:36 - 2017-12-10 12:11 - 000000000 ____D C:\Users\vojta\AppData\Local\TeamViewer
2020-03-30 23:49 - 2019-09-17 20:07 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-30 23:49 - 2019-03-19 13:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-03-30 23:49 - 2019-03-19 13:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-03-30 23:44 - 2019-02-01 00:31 - 000000000 ____D C:\Users\vojta\AppData\Local\GameCenter
2020-03-30 23:44 - 2017-12-10 18:39 - 000000000 ____D C:\Users\vojta\AppData\Local\Spotify
2020-03-30 23:44 - 2017-12-10 18:38 - 000000000 ____D C:\Users\vojta\AppData\Roaming\Spotify
2020-03-30 23:44 - 2017-12-09 19:26 - 000000000 ____D C:\Users\vojta\AppData\LocalLow\Mozilla
2020-03-30 23:43 - 2019-09-17 20:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-30 23:43 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-03-30 23:43 - 2017-12-17 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-03-30 23:43 - 2017-12-09 19:25 - 000000000 ___RD C:\Users\vojta\OneDrive
2020-03-30 23:42 - 2017-12-09 19:31 - 000000000 ____D C:\AdwCleaner
2020-03-30 12:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-30 12:33 - 2017-12-25 12:25 - 000000000 ____D C:\Users\vojta\AppData\Local\CrashDumps
2020-03-30 00:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help
2020-03-30 00:45 - 2017-12-22 17:30 - 000000000 ____D C:\Users\vojta\AppData\Local\NVIDIA
2020-03-30 00:45 - 2017-12-09 19:40 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-03-30 00:41 - 2019-09-17 20:03 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2019-09-17 20:03 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-30 00:41 - 2017-12-09 19:40 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-03-30 00:41 - 2017-12-09 19:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-03-29 04:19 - 2018-05-23 22:23 - 000000000 ____D C:\Users\vojta\AppData\Local\D3DSCache
2020-03-28 19:46 - 2017-12-10 11:49 - 000000000 ____D C:\Program Files\WinRAR
2020-03-27 23:16 - 2020-02-07 20:25 - 000004254 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1581099927
2020-03-27 19:08 - 2019-02-18 13:40 - 000000000 ____D C:\Users\vojta\Documents\Electronic Arts
2020-03-27 09:47 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-26 14:20 - 2017-12-10 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-03-26 14:15 - 2017-12-10 11:50 - 000000000 ____D C:\Users\vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-03-25 03:56 - 2018-02-20 19:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-25 00:23 - 2017-12-09 20:56 - 000000000 ____D C:\Users\vojta\AppData\Roaming\TS3Client
2020-03-24 13:37 - 2018-06-12 10:56 - 000000000 ____D C:\Program Files (x86)\Origin
2020-03-24 00:40 - 2019-09-17 20:03 - 000004000 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1515426916
2020-03-24 00:40 - 2018-01-08 17:55 - 000001528 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-03-21 18:05 - 2018-11-17 18:34 - 000000000 ____D C:\Users\vojta\AppData\Local\Battle.net
2020-03-21 15:19 - 2019-08-28 19:31 - 000000000 ____D C:\Users\vojta\AppData\Roaming\EasyAntiCheat
2020-03-21 01:48 - 2019-09-17 20:03 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 01:48 - 2019-09-17 20:03 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 14:46 - 2019-09-17 20:03 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-03-19 23:26 - 2019-09-17 20:03 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1179111831-1948279992-4122349688-1001
2020-03-19 23:26 - 2019-09-17 20:00 - 000002365 _____ C:\Users\vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-19 04:06 - 2019-08-25 21:45 - 004927048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-03-18 09:51 - 2019-08-25 21:45 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-03-18 09:51 - 2019-08-25 21:45 - 000223120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-03-18 09:51 - 2019-08-25 21:45 - 000056618 _____ C:\WINDOWS\system32\nvinfo.pb
2020-03-18 06:00 - 2017-12-09 19:41 - 005581800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-03-18 06:00 - 2017-12-09 19:41 - 002632680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-03-18 06:00 - 2017-12-09 19:41 - 001759216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-03-18 06:00 - 2017-12-09 19:41 - 001172464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-03-18 06:00 - 2017-12-09 19:41 - 000446264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-03-18 06:00 - 2017-12-09 19:41 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-03-18 06:00 - 2017-12-09 19:41 - 000074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-03-18 02:01 - 2019-09-17 20:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 02:00 - 2018-01-25 17:09 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 00:25 - 2017-12-17 14:03 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-18 00:25 - 2017-12-17 14:03 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-16 08:39 - 2017-12-09 19:41 - 008997147 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-03-13 02:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-13 02:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-13 02:09 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-11 14:48 - 2019-09-17 20:03 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-11 14:48 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-11 14:48 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-03-11 14:40 - 2019-09-17 19:58 - 001220296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-11 14:40 - 2017-12-09 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-11 14:40 - 2017-12-09 19:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-11 14:40 - 2017-12-09 19:23 - 000000000 ___RD C:\Users\vojta\3D Objects
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-11 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-11 01:14 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-11 00:50 - 2017-12-10 12:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-11 00:48 - 2017-12-10 12:36 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-10 19:16 - 2017-12-09 19:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== Files in the root of some directories ========

2018-12-21 13:07 - 2019-04-10 19:04 - 000002953 _____ () C:\Users\vojta\AppData\Roaming\downloads.json
2020-02-27 23:27 - 2020-02-29 15:17 - 000003823 _____ () C:\Users\vojta\AppData\Local\PlariumPlay.log
2018-04-02 20:13 - 2018-04-02 22:39 - 000007597 _____ () C:\Users\vojta\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: preventivní kontrola

#7 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\MountPoints2: {028109c4-a53f-11e9-8298-1c1b0deaa91b} - "E:\HiSuiteDownLoader.exe" 
FF NewTab: Mozilla\Firefox\Profiles\q8xv8cjp.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__171217__yaff
FF Extension: (No Name) - C:\Users\vojta\AppData\Roaming\Mozilla\Firefox\Profiles\q8xv8cjp.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
2020-03-30 23:43 - 2017-12-17 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
C:\ProgramData\Application Data\Lavasoft
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
AlternateDataStreams: C:\Users\vojta:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [236]
AlternateDataStreams: C:\Users\vojta\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\vojta\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [UDP Query User{BA898A34-C17C-411B-AE88-8A56D6BB5749}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{E40048AA-4C74-43B2-AAE2-6F53651AD16B}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{15A6844F-44F9-4857-B0C4-9BF1EC958496}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{93F564A8-57BA-44B2-8069-FAA750F3F74F}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{718C750A-B07C-4D47-BC5F-495FE979A1AD}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{72EE9939-5F51-4030-B7B1-CDD850528939}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{464EAEEB-0F47-426F-9282-6E802DA767B6}D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{790A1404-7D2E-42B4-AE6A-5C5C26F7173E}D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1DE299EF-29F9-4251-865F-9079387A12D7}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9A282FEF-D4AF-492E-B8E2-CA6CB5B53170}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{AB88C947-E3BF-4B62-B251-D0083CEA5B1D}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{0295E577-1CA6-4C19-9A88-982AABE2D455}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{6BD3B100-9BF9-4508-9EF2-8BF1360B1355}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{856B9DC0-01C5-4FF5-82D9-A6C759F3EAC1}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B3040E49-CF85-4F17-ACFC-21C9F983309A}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{B3357254-DAB1-4386-9B15-8DC6550B102E}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A032812E-30D6-4FC4-AB81-84CD997305BC}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{699B5A8F-FB18-4A5A-924C-54A0C2BA89E2}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{D153EDE3-F290-4C4F-AFAA-9216C585104C}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6A7908B0-81D1-4723-BB22-A53D6F6281F6}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C8832AC4-7F20-4F0E-AD37-83BB74CC402A}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{93DFBD85-2425-4407-B358-F35408977244}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C58916A0-7B56-4EFA-8D82-D8F59BE003A5}D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{299D1A29-ACA6-463E-9475-5D063BF8CA54}D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1570FA41-5DCF-4C9F-8C54-D30DD5F2BD73}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4D66587B-C83C-4E4E-9E00-3D96E118342E}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{F9BB2D63-01D4-464A-A153-6CE3484C407F}D:\the sims 4\the sims 4\game\bin\ts4.exe] => (Allow) D:\the sims 4\the sims 4\game\bin\ts4.exe No File
FirewallRules: [TCP Query User{ACA4CD66-5781-4441-9B8A-4BDFA5D48684}D:\the sims 4\the sims 4\game\bin\ts4.exe] => (Allow) D:\the sims 4\the sims 4\game\bin\ts4.exe No File
FirewallRules: [UDP Query User{FF854625-AE50-4E2B-85CB-B367711036A1}D:\origin\apex\r5apex.exe] => (Allow) D:\origin\apex\r5apex.exe No File
FirewallRules: [TCP Query User{03F13AE9-CFD7-4145-AC21-7EE4FED75ADF}D:\origin\apex\r5apex.exe] => (Allow) D:\origin\apex\r5apex.exe No File
FirewallRules: [UDP Query User{69EA6F45-D321-4C16-829E-A8CCBB8B09CD}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BCA426F2-95B4-46D0-AF8F-858867D7F599}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4F168249-760A-42A4-B165-0FFC6663A421}D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{7BEF1FF6-B159-433F-8A81-B5B35C67E39C}D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{42ECEE35-164F-4907-8B4D-C0A6018573A5}D:\battlenet\destyny 2\destiny 2\destiny2.exe] => (Allow) D:\battlenet\destyny 2\destiny 2\destiny2.exe No File
FirewallRules: [TCP Query User{1FB741AB-A20D-4741-A7F5-A9EE2163CD3A}D:\battlenet\destyny 2\destiny 2\destiny2.exe] => (Allow) D:\battlenet\destyny 2\destiny 2\destiny2.exe No File
FirewallRules: [UDP Query User{29FD90BD-69DA-450D-BF0C-4EE79483CC62}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{92543E2B-E723-47F3-BFD2-D4D647557879}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{46F52CDB-D160-43A2-A403-2925E978DC7C}D:\world of tank\worldoftanks.exe] => (Allow) D:\world of tank\worldoftanks.exe No File
FirewallRules: [UDP Query User{293310FF-4EDE-4CA0-B7A6-C9E077842F93}D:\world of tank\worldoftanks.exe] => (Allow) D:\world of tank\worldoftanks.exe No File
FirewallRules: [TCP Query User{45DCB8D1-5201-4DDF-A013-5BA68F170197}D:\world of tank\wotlauncher.exe] => (Allow) D:\world of tank\wotlauncher.exe No File
FirewallRules: [UDP Query User{91952CAA-8FE3-4F39-9302-EDC486895FA7}D:\world of tank\wotlauncher.exe] => (Allow) D:\world of tank\wotlauncher.exe No File
FirewallRules: [TCP Query User{B213BED2-6223-4AF0-BBA7-563C30AC6E5B}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{1423B505-D36B-46C0-B6A2-06351101FF27}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{F011228E-420C-454B-9BFF-9A69007E05F1}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{B7935B9E-5F91-4BC4-B453-FF940382FF76}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{4AEDA780-6952-4CDE-AC1D-3E0DCAF016F7}C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe] => (Allow) C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe No File
FirewallRules: [UDP Query User{8A7FC222-6976-46E9-997F-654CEDEF525B}C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe] => (Allow) C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe No File
FirewallRules: [TCP Query User{8EB5EBDA-CFFD-4C64-BA70-3C8370FFECE7}C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe] => (Block) C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe No File
FirewallRules: [UDP Query User{4322AF2F-09E0-4227-AACB-4554FDE20AE9}C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe] => (Block) C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe No File

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Im_Ghost
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 30 bře 2020 19:34

Re: preventivní kontrola

#8 Příspěvek od Im_Ghost »

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by vojta (02-04-2020 14:51:55) Run:1
Running from C:\Users\vojta\Desktop
Loaded Profiles: vojta (Available Profiles: vojta)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\...\MountPoints2: {028109c4-a53f-11e9-8298-1c1b0deaa91b} - "E:\HiSuiteDownLoader.exe"
FF NewTab: Mozilla\Firefox\Profiles\q8xv8cjp.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__171217__yaff
FF Extension: (No Name) - C:\Users\vojta\AppData\Roaming\Mozilla\Firefox\Profiles\q8xv8cjp.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
2020-03-30 23:43 - 2017-12-17 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
C:\ProgramData\Application Data\Lavasoft
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\vojta:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [236]
AlternateDataStreams: C:\Users\vojta\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\vojta\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [UDP Query User{BA898A34-C17C-411B-AE88-8A56D6BB5749}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{E40048AA-4C74-43B2-AAE2-6F53651AD16B}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{15A6844F-44F9-4857-B0C4-9BF1EC958496}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{93F564A8-57BA-44B2-8069-FAA750F3F74F}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{718C750A-B07C-4D47-BC5F-495FE979A1AD}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{72EE9939-5F51-4030-B7B1-CDD850528939}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{464EAEEB-0F47-426F-9282-6E802DA767B6}D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{790A1404-7D2E-42B4-AE6A-5C5C26F7173E}D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1DE299EF-29F9-4251-865F-9079387A12D7}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9A282FEF-D4AF-492E-B8E2-CA6CB5B53170}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{AB88C947-E3BF-4B62-B251-D0083CEA5B1D}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [TCP Query User{0295E577-1CA6-4C19-9A88-982AABE2D455}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\the sims 4\the sims 4\game\bin\ts4_x64.exe No File
FirewallRules: [UDP Query User{6BD3B100-9BF9-4508-9EF2-8BF1360B1355}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{856B9DC0-01C5-4FF5-82D9-A6C759F3EAC1}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B3040E49-CF85-4F17-ACFC-21C9F983309A}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{B3357254-DAB1-4386-9B15-8DC6550B102E}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A032812E-30D6-4FC4-AB81-84CD997305BC}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{699B5A8F-FB18-4A5A-924C-54A0C2BA89E2}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{D153EDE3-F290-4C4F-AFAA-9216C585104C}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6A7908B0-81D1-4723-BB22-A53D6F6281F6}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C8832AC4-7F20-4F0E-AD37-83BB74CC402A}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{93DFBD85-2425-4407-B358-F35408977244}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C58916A0-7B56-4EFA-8D82-D8F59BE003A5}D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{299D1A29-ACA6-463E-9475-5D063BF8CA54}D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1570FA41-5DCF-4C9F-8C54-D30DD5F2BD73}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4D66587B-C83C-4E4E-9E00-3D96E118342E}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{F9BB2D63-01D4-464A-A153-6CE3484C407F}D:\the sims 4\the sims 4\game\bin\ts4.exe] => (Allow) D:\the sims 4\the sims 4\game\bin\ts4.exe No File
FirewallRules: [TCP Query User{ACA4CD66-5781-4441-9B8A-4BDFA5D48684}D:\the sims 4\the sims 4\game\bin\ts4.exe] => (Allow) D:\the sims 4\the sims 4\game\bin\ts4.exe No File
FirewallRules: [UDP Query User{FF854625-AE50-4E2B-85CB-B367711036A1}D:\origin\apex\r5apex.exe] => (Allow) D:\origin\apex\r5apex.exe No File
FirewallRules: [TCP Query User{03F13AE9-CFD7-4145-AC21-7EE4FED75ADF}D:\origin\apex\r5apex.exe] => (Allow) D:\origin\apex\r5apex.exe No File
FirewallRules: [UDP Query User{69EA6F45-D321-4C16-829E-A8CCBB8B09CD}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BCA426F2-95B4-46D0-AF8F-858867D7F599}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4F168249-760A-42A4-B165-0FFC6663A421}D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{7BEF1FF6-B159-433F-8A81-B5B35C67E39C}D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{42ECEE35-164F-4907-8B4D-C0A6018573A5}D:\battlenet\destyny 2\destiny 2\destiny2.exe] => (Allow) D:\battlenet\destyny 2\destiny 2\destiny2.exe No File
FirewallRules: [TCP Query User{1FB741AB-A20D-4741-A7F5-A9EE2163CD3A}D:\battlenet\destyny 2\destiny 2\destiny2.exe] => (Allow) D:\battlenet\destyny 2\destiny 2\destiny2.exe No File
FirewallRules: [UDP Query User{29FD90BD-69DA-450D-BF0C-4EE79483CC62}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{92543E2B-E723-47F3-BFD2-D4D647557879}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{46F52CDB-D160-43A2-A403-2925E978DC7C}D:\world of tank\worldoftanks.exe] => (Allow) D:\world of tank\worldoftanks.exe No File
FirewallRules: [UDP Query User{293310FF-4EDE-4CA0-B7A6-C9E077842F93}D:\world of tank\worldoftanks.exe] => (Allow) D:\world of tank\worldoftanks.exe No File
FirewallRules: [TCP Query User{45DCB8D1-5201-4DDF-A013-5BA68F170197}D:\world of tank\wotlauncher.exe] => (Allow) D:\world of tank\wotlauncher.exe No File
FirewallRules: [UDP Query User{91952CAA-8FE3-4F39-9302-EDC486895FA7}D:\world of tank\wotlauncher.exe] => (Allow) D:\world of tank\wotlauncher.exe No File
FirewallRules: [TCP Query User{B213BED2-6223-4AF0-BBA7-563C30AC6E5B}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{1423B505-D36B-46C0-B6A2-06351101FF27}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{F011228E-420C-454B-9BFF-9A69007E05F1}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{B7935B9E-5F91-4BC4-B453-FF940382FF76}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{4AEDA780-6952-4CDE-AC1D-3E0DCAF016F7}C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe] => (Allow) C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe No File
FirewallRules: [UDP Query User{8A7FC222-6976-46E9-997F-654CEDEF525B}C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe] => (Allow) C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe No File
FirewallRules: [TCP Query User{8EB5EBDA-CFFD-4C64-BA70-3C8370FFECE7}C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe] => (Block) C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe No File
FirewallRules: [UDP Query User{4322AF2F-09E0-4227-AACB-4554FDE20AE9}C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe] => (Block) C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 555
Average :
Sum : 2996205989
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe ========================

D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
File not signed
MD5: 2A456AFE195E6878EEC5E193EA383B15
Creation and modification date: 2018-09-26 09:44 - 2018-06-11 14:57
Size: 000009728
Attributes: ----A
Company Name: Hi-Rez Studios
Internal Name: HiPatchService.exe
Original Name: HiPatchService.exe
Product: HiPatchService
Description: HiPatchService
File Version: 6.0.3.2
Product Version: 6.0.3.2
Copyright: Copyright © Hi-Rez Studios 2011
VirusTotal: https://www.virustotal.com/file/0b4f17f ... 585400202/

====== End of File: ======

HKU\S-1-5-21-1179111831-1948279992-4122349688-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{028109c4-a53f-11e9-8298-1c1b0deaa91b} => removed successfully
"Firefox newtab" => removed successfully
C:\Users\vojta\AppData\Roaming\Mozilla\Firefox\Profiles\q8xv8cjp.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => path removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => moved successfully
C:\ProgramData\Application Data\Lavasoft => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
C:\Users\vojta => ":Heroes & Generals" ADS removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\vojta\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\vojta\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BA898A34-C17C-411B-AE88-8A56D6BB5749}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E40048AA-4C74-43B2-AAE2-6F53651AD16B}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{15A6844F-44F9-4857-B0C4-9BF1EC958496}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{93F564A8-57BA-44B2-8069-FAA750F3F74F}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{718C750A-B07C-4D47-BC5F-495FE979A1AD}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{72EE9939-5F51-4030-B7B1-CDD850528939}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{464EAEEB-0F47-426F-9282-6E802DA767B6}D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{790A1404-7D2E-42B4-AE6A-5C5C26F7173E}D:\league of legends\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1DE299EF-29F9-4251-865F-9079387A12D7}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9A282FEF-D4AF-492E-B8E2-CA6CB5B53170}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AB88C947-E3BF-4B62-B251-D0083CEA5B1D}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0295E577-1CA6-4C19-9A88-982AABE2D455}D:\the sims 4\the sims 4\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6BD3B100-9BF9-4508-9EF2-8BF1360B1355}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{856B9DC0-01C5-4FF5-82D9-A6C759F3EAC1}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B3040E49-CF85-4F17-ACFC-21C9F983309A}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B3357254-DAB1-4386-9B15-8DC6550B102E}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A032812E-30D6-4FC4-AB81-84CD997305BC}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{699B5A8F-FB18-4A5A-924C-54A0C2BA89E2}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D153EDE3-F290-4C4F-AFAA-9216C585104C}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6A7908B0-81D1-4723-BB22-A53D6F6281F6}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C8832AC4-7F20-4F0E-AD37-83BB74CC402A}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{93DFBD85-2425-4407-B358-F35408977244}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C58916A0-7B56-4EFA-8D82-D8F59BE003A5}D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{299D1A29-ACA6-463E-9475-5D063BF8CA54}D:\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1570FA41-5DCF-4C9F-8C54-D30DD5F2BD73}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4D66587B-C83C-4E4E-9E00-3D96E118342E}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F9BB2D63-01D4-464A-A153-6CE3484C407F}D:\the sims 4\the sims 4\game\bin\ts4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ACA4CD66-5781-4441-9B8A-4BDFA5D48684}D:\the sims 4\the sims 4\game\bin\ts4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FF854625-AE50-4E2B-85CB-B367711036A1}D:\origin\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{03F13AE9-CFD7-4145-AC21-7EE4FED75ADF}D:\origin\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{69EA6F45-D321-4C16-829E-A8CCBB8B09CD}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BCA426F2-95B4-46D0-AF8F-858867D7F599}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4F168249-760A-42A4-B165-0FFC6663A421}D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7BEF1FF6-B159-433F-8A81-B5B35C67E39C}D:\league of legends\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{42ECEE35-164F-4907-8B4D-C0A6018573A5}D:\battlenet\destyny 2\destiny 2\destiny2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1FB741AB-A20D-4741-A7F5-A9EE2163CD3A}D:\battlenet\destyny 2\destiny 2\destiny2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{29FD90BD-69DA-450D-BF0C-4EE79483CC62}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{92543E2B-E723-47F3-BFD2-D4D647557879}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46F52CDB-D160-43A2-A403-2925E978DC7C}D:\world of tank\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{293310FF-4EDE-4CA0-B7A6-C9E077842F93}D:\world of tank\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{45DCB8D1-5201-4DDF-A013-5BA68F170197}D:\world of tank\wotlauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{91952CAA-8FE3-4F39-9302-EDC486895FA7}D:\world of tank\wotlauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B213BED2-6223-4AF0-BBA7-563C30AC6E5B}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1423B505-D36B-46C0-B6A2-06351101FF27}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F011228E-420C-454B-9BFF-9A69007E05F1}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B7935B9E-5F91-4BC4-B453-FF940382FF76}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4AEDA780-6952-4CDE-AC1D-3E0DCAF016F7}C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8A7FC222-6976-46E9-997F-654CEDEF525B}C:\users\vojta\appdata\local\plarium\plariumplay\standaloneapps\raid\205\raid.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8EB5EBDA-CFFD-4C64-BA70-3C8370FFECE7}C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4322AF2F-09E0-4227-AACB-4554FDE20AE9}C:\users\vojta\appdata\local\temp\rar$exa17248.16594\the.sims.4.tiny.living.and.all.dlcs\the.sims.4.tiny.living.and.all.dlcs\game\bin_le\ts4.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42909044 B
Java, Flash, Steam htmlcache => 443737244 B
Windows/system/drivers => 4517544 B
Edge => 43611 B
Chrome => 675398 B
Firefox => 1103324542 B
Opera => 745221 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 7658 B
vojta => 4871673 B

RecycleBin => 294604 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End 1 Fixlog 14:52:19 ====
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: preventivní kontrola

#9 Příspěvek od Conder »

OK. Ako to vyzera s PC? Su nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Im_Ghost
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 30 bře 2020 19:34

Re: preventivní kontrola

#10 Příspěvek od Im_Ghost »

žadné problémy všechno jede v pohodě
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: preventivní kontrola

#11 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Im_Ghost
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 30 bře 2020 19:34

Re: preventivní kontrola

#12 Příspěvek od Im_Ghost »

# DelFix v1.013 - Logfile created 05/04/2020 at 22:21:46
# Updated 17/04/2016 by Xplode
# Username : vojta - DESKTOP-7KBI6L7
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\vojta\Desktop\Fixlog.txt
Deleted : C:\Users\vojta\Desktop\FRST64.exe
Deleted : C:\Users\vojta\Desktop\report_20191227_115322.zip
Deleted : C:\Users\vojta\Desktop\report_20191227_115349.zip
Deleted : C:\Users\vojta\Desktop\report_20191227_121624.zip
Deleted : C:\Users\vojta\Desktop\RSITx64.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: preventivní kontrola

#13 Příspěvek od Conder »

Toto je OK :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Im_Ghost
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 30 bře 2020 19:34

Re: preventivní kontrola

#14 Příspěvek od Im_Ghost »

Děkuju za kontrolu PC :)
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: preventivní kontrola

#15 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“