Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vyskakující stránka

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Pete
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 led 2019 13:48

Vyskakující stránka

#1 Příspěvek od Pete »

Dobrý večer, už nějakou dobu mám problém při zapnutí PC.
Samovolně při startu se spustí internetový prohlížeč se stránkou obsahující různe reklamy, dnes to byl dokonce pornografický materiál.
dávám logy z FRST.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.04.2019 01
Ran by mojko (20-04-2019 23:05:17)
Running from C:\Users\mojko\OneDrive\Plocha
Windows 10 Pro Version 1803 17134.706 (X64) (2018-08-12 14:20:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-488830516-3087435467-1000753162-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-488830516-3087435467-1000753162-503 - Limited - Disabled)
Guest (S-1-5-21-488830516-3087435467-1000753162-501 - Limited - Disabled)
mojko (S-1-5-21-488830516-3087435467-1000753162-1001 - Administrator - Enabled) => C:\Users\mojko
WDAGUtilityAccount (S-1-5-21-488830516-3087435467-1000753162-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Brotherhood 1.03 (HKLM-x32\...\Assassins Creed - Brotherhood_is1) (Version: - )
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bioshock Infinite verze v1.1.25.5165 (HKLM-x32\...\Bioshock Infinite_is1) (Version: v1.1.25.5165 - (R.G.Danik1B9))
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_is1) (Version: - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
Fallout 4 Complete Pack (HKLM-x32\...\Fallout 4 Complete Pack_is1) (Version: 1.7 - Bethesda Softworks)
GIMP 2.10.4 (HKLM\...\GIMP-2_is1) (Version: 2.10.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kingdoms and Castles Grand Buildings (HKLM-x32\...\Kingdoms and Castles Grand Buildings_is1) (Version: - )
Little Nightmares - Fox mask (HKLM-x32\...\1828170949_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Hideaway (HKLM-x32\...\1675156362_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Scarecrow sack (HKLM-x32\...\1268928435_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Tengu mask (HKLM-x32\...\1611302854_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - The Depths (HKLM-x32\...\1863057712_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - The Residence (HKLM-x32\...\1185734803_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Upside-down teapot (HKLM-x32\...\1352220891_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.43.1 - GOG.com)
Microsoft OneDrive (HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Movavi Video Editor 14 Plus (x64) (HKLM\...\Movavi Video Editor 14 Plus (x64)) (Version: 14.5.0 - Movavi)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Origin (HKLM-x32\...\Origin) (Version: 10.5.36.23506 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden
Papers, Please (HKLM-x32\...\Papers, Please_is1) (Version: - )
Prey (HKLM-x32\...\{ED1E7C2D-2BD8-4000-AD10-837ABB6A478F}_is1) (Version: - Bethesda Softworks)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-488830516-3087435467-1000753162-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-08-12 19:45 - 2018-08-12 19:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed III:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed Unity:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Avalanche Studios:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Battlefield 1:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\BeamNG.drive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\CPY_SAVES:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\EA Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Fax:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Flower:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Klei:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Mirrors Edge Catalyst:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\My Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Rockstar Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Shadow of the Tomb Raider:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\StarCraft II:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Ubisoft:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\WB Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-08-12 14:56 - 2019-01-04 15:36 - 000000825 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mojko\OneDrive\Plocha\wallpaper\923008.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{41C405C2-0CCE-4260-BB67-78D45005528B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A6AE7618-23BF-457D-881E-B5CE6C2DEC0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E0EA4EB-63D3-4C6A-B1FF-A7DFFE645B81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9FAD99A5-D3D4-4D06-A90D-438A49156F2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4A2BE45-B956-4249-8043-02380225B4B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{600A3DAD-831F-4E9E-8C30-8B3BB8C0EAA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7FBF9637-3E56-464E-B05E-9D61BD037235}] => (Allow) C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A7C434DF-60AC-413E-A43E-9B2B67FF7FD0}] => (Allow) C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C5A8B7CF-9945-420C-B06C-19B3638C1693}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{151FD0DF-1C3E-4F46-BE7A-C366EE035F2A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [TCP Query User{4A905F54-9F7F-45EC-958A-A039405CB872}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [UDP Query User{76B2458E-1C2D-4DD2-8FBA-3846C337E183}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [TCP Query User{C8242197-060D-48B6-B250-4488D0F880ED}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{C6644D46-B35A-4D9A-B8A8-EE42C0722226}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [{88863386-3C9B-4569-90F4-80A2B8931728}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7D7BB168-1AF4-4398-A2FC-FF0340194B2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{73E6AD70-8CE2-404E-BC0D-8B386971B913}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [UDP Query User{97E8F56B-AC28-4F67-A8AE-4C677169D237}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [TCP Query User{46900934-BF72-49F4-893C-BB16896A203A}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [UDP Query User{01CC2A8E-4802-4021-BA95-1EB78055A6BC}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [TCP Query User{6C85634A-6C0A-42CA-9D19-34ABA0F4EEB0}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7684144C-3AC9-489B-B072-93F906A72C06}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D4E19200-BBC8-42A5-A6BC-1050A17E00EE}D:\games\starcraft ii\support\sc2editor.exe] => (Allow) D:\games\starcraft ii\support\sc2editor.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{D5C4AE6C-3540-4A97-AA4F-CA4388D2FC58}D:\games\starcraft ii\support\sc2editor.exe] => (Allow) D:\games\starcraft ii\support\sc2editor.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{9DEEFEDB-E60E-47E9-8BF5-E415AB625B16}D:\games\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\games\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{B3830F29-E001-44AA-A73A-478C16235999}D:\games\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\games\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{8EAC5D8B-4E5B-4F18-BB5D-6F091AA06B8B}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{508640BB-E1EE-4A88-9BEC-CB242F290461}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{384E4CE7-7DB5-44A8-8A31-AEAE691680AC}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [{81E40E46-25AB-4180-9446-CC79674A82FE}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [TCP Query User{4CD6E5E0-9B8E-40CF-9F81-3F38747EC6E7}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{B33AA652-8201-4E63-84EE-82B96F29D1D6}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [{F76497B9-0A79-40A4-92A2-1436EFF6ECA5}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{1119F732-7E49-496C-B8C2-C16A3845E1BA}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{E61F3FDF-D7C8-43D0-9D20-F1F86F750D85}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{BD36437A-882E-49C7-ADFE-E62404A965AB}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{57D82849-6B0B-4447-AE64-21104729F864}] => (Allow) D:\Games\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{C97EBF01-6074-4E82-9F69-D3759969301C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{2279D176-215D-442C-9794-2B37E0AFDAD9}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [UDP Query User{3809BB5B-A0F9-4FC0-B3EC-029412B820E5}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [TCP Query User{7DAF7868-216C-435D-A3BB-0CCC4000A6F5}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [UDP Query User{6FF3E752-F569-4B14-BA41-7BEBD5C63C32}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [TCP Query User{B5C5DA34-C97B-44A5-BD09-C86B81AE6B35}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [UDP Query User{A9F0F0A6-0B3C-40F4-A0EC-974CD6AD1DD5}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [{FAAB2F4E-0DC9-4A13-82C1-7F04DE66AFC2}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{FEEBD061-1D32-4DDC-84A9-1D5FA8450064}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{84501E9F-55EB-4783-8040-8D79C7F693E4}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{A03D240A-C624-487F-8575-4A59608272A4}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{90488850-E521-4F17-8135-81D8EC8CCB01}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{363B3245-ACC2-456E-85AD-F6A3A5D3767E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18ABCD4D-8174-4095-9F25-27CE0C221C4A}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{AAD0DADC-9871-4621-95FF-E596D357A93C}] => (Allow) LPort=5357
FirewallRules: [{957D4225-9C62-486C-AF48-35271C86C7AC}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{14BBCB4F-3894-43A1-AD80-BED0BB7C8253}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1FA35AC1-E3AF-4F00-9C5D-1950DEC9E348}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D9822B67-8122-4DA8-ADC6-E6BF744F1BDC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{43F7AD49-67D7-43C4-B432-087EA72414CC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E2F751FC-1B1E-4317-AD56-684FC83A3118}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{F1E5FFE4-BC3E-4465-A3F6-E9BD404A5E1B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [TCP Query User{C587A408-2DAE-411F-90DF-949FDBD03470}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{8000F599-D4E0-4997-87F4-ADFA5F51013F}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{C36C9337-3A1A-4278-A33A-D13AB39E8522}D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [UDP Query User{7EB847A7-FB41-4C82-825B-48879FE0B670}D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [TCP Query User{FD53F35F-029F-46E1-A710-0CE98629D0B8}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [UDP Query User{4EABC687-2D8D-4FF2-BF40-C96231E156EE}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [TCP Query User{397E56F6-50A1-4D41-B368-425AEFB0D344}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{83D241CD-78F8-452F-9200-9AAF6657FD28}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{06189B38-3AE5-4D4C-843E-463735E36BDA}D:\games\assassins creed - brotherhood\acbsp.exe] => (Allow) D:\games\assassins creed - brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{DCA13E2C-D431-4B01-8619-24155976BB2B}D:\games\assassins creed - brotherhood\acbsp.exe] => (Allow) D:\games\assassins creed - brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{4349B2D4-9654-4756-9FB3-A667AA5B7CAC}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{3DFE1328-4071-4D20-A4A0-1B7DEF455723}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F5304ADA-D16F-40BD-A909-20C901BE3F33}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{6971210A-3040-4CE6-B545-7B9D1F50184F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{62895721-30E4-4921-9B2B-532B8B0B0E45}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{BB8119E2-E007-4369-809B-90B221758CDD}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{43559B02-E1FE-40C8-9D5F-3047F7992690}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{5ABD9258-BB07-4D26-A9A3-7015A456E2B6}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{D083DE7B-927D-4276-9AD8-9FAE8272360D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B4264688-430B-4CFF-A3D3-DA939E7739A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{73480E4E-7775-40AA-94AF-2AF467426656}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C2DC316E-6DFC-433A-A4A2-8683330F9A97}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{4A2A6B21-79B5-485D-8F08-6604A4169FB2}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{416E10BC-44BF-401E-8C13-9E75BBC7548D}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [TCP Query User{8EEEAB2D-D741-4EE1-8131-29446FD22D56}D:\games\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{0556E93E-F0E3-47D3-B659-07E9A91D7F77}D:\games\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{52DE904C-A5CB-435F-8E38-C09E3B7E45EF}D:\games\godot engine\godot_v3.1-stable_win64.exe] => (Allow) D:\games\godot engine\godot_v3.1-stable_win64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [UDP Query User{A7032EFF-4786-4CCD-90B7-001592677B3F}D:\games\godot engine\godot_v3.1-stable_win64.exe] => (Allow) D:\games\godot engine\godot_v3.1-stable_win64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [TCP Query User{525E9D48-2CC1-464F-8DFC-3505EE0DAE53}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [UDP Query User{F5E85EC0-4F79-4411-87A3-D63CD543A0D9}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [{A2A6B19B-BDF9-49C5-A800-661F610E5477}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{525933A2-98BD-447E-9959-DC0EA4F9406F}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{B50D890E-92ED-4174-A4D6-F0DB273F5AB0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E0E1AFA-D1DF-4AC3-A591-CECA92F54291}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{861D6157-CF55-4ED1-9948-AAB10C53AAC8}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{19DEC2B2-0FED-49AB-BD2F-872AD2548949}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{85605A5D-F9D7-4BFE-A2EE-9BFEAC823D8C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{0DB7129D-9D28-4376-8646-7DD8D8A5CEE3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{6D0D8231-136C-46A8-86B4-B91BAC4720A8}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{2EBF16F2-6A3C-4056-8721-AE5F2D8650FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4800FC86-CDAE-40CE-9AC8-B4CAAB543EB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E220E5E-23E9-422F-976B-29ADA47D25FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B8FE358-C29C-4A21-9C90-539B2D12A84C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

01-04-2019 23:16:48 Instalační služba modulů systému Windows
05-04-2019 13:04:49 Windows Update
10-04-2019 18:05:03 Windows Update
19-04-2019 12:12:15 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2019 11:11:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 3108

Čas spuštění: 01d4f6f457e9627b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: e331d12f-4375-482a-8bd6-d167d9ee00f9

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/19/2019 08:55:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1080

Čas spuštění: 01d4f69687b1c611

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: 862947d7-195e-40af-b2b2-1854be5d04fc

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/14/2019 04:31:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1e2c

Čas spuštění: 01d4f2ce7adbac9a

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: 3104fe00-c797-4245-843f-4aeb34fb6c56

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/12/2019 10:44:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: fc8

Čas spuštění: 01d4f14988daaf0d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: 7356694e-fd03-40e6-b055-e4bc484c506e

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/10/2019 07:03:33 PM) (Source: ESENT) (EventID: 553) (User: )
Description: SettingSyncHost (7304,P,98) {3DC47919-E944-4ECD-B733-A0F12257424D}: Failed looking up restore-map entry for database C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032.

Error: (04/10/2019 07:03:33 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (7304,P,98) {3DC47919-E944-4ECD-B733-A0F12257424D}: Pokus o otevření souboru C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (04/10/2019 07:03:23 PM) (Source: ESENT) (EventID: 553) (User: )
Description: SettingSyncHost (7304,P,98) {EE425ADD-6386-463F-B69F-1044F75A1795}: Failed looking up restore-map entry for database C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032.

Error: (04/10/2019 07:03:23 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (7304,P,98) {EE425ADD-6386-463F-B69F-1044F75A1795}: Pokus o otevření souboru C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (04/20/2019 10:53:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/20/2019 10:52:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/20/2019 10:52:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/20/2019 10:52:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/20/2019 10:52:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/20/2019 10:51:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/20/2019 07:05:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DMT7107)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/20/2019 07:05:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DMT7107)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-04-03 17:02:38.313
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BD3D2381-0383-497B-AAF1-60926853B39F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-02 00:54:17.239
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8E73B0DF-62F6-41AD-9701-18505315E0BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 44%
Total physical RAM: 8135.29 MB
Available physical RAM: 4495.95 MB
Total Virtual: 10951.29 MB
Available Virtual: 6965.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.13 GB) (Free:97.71 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:121.06 GB) NTFS

\\?\Volume{0f4796b3-1dbe-4604-af63-5482cc792c8b}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{e8b04dcb-fe4b-4d7a-b06e-b11bc5931d6b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B1651AD0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.04.2019 01
Ran by mojko (administrator) on DESKTOP-DMT7107 (System manufacturer System Product Name) (20-04-2019 23:04:26)
Running from C:\Users\mojko\OneDrive\Plocha
Loaded Profiles: mojko (Available Profiles: mojko)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mojko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mojko\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\FileCoAuth.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [mojko] => explorer.exe hxxp://dipladoks.org <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01D482EB-C39B-466F-9C0B-0E9A9B333183} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D8419D2-DD91-463B-B3A1-FE98C5FA7D36} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {143A6F5C-2197-4177-8FC6-25DBC057C1AD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D3A2E6B-E229-4E79-AD9C-7CF8DA89440F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EE679C3-BDEC-4364-B78A-8FE88BBE8438} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {20EB538D-DBB2-47E5-A3FD-BE8E6C475106} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36C868AC-05B8-42E8-A6A9-7A65D2D27B90} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40724DFE-532B-4B47-B333-DF84F1A43D21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CF9AC85-01F4-4135-85CB-57B06D991509} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D7B0577-2E05-4535-898E-0F8D6A36E7C4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5B06DC8-55BB-417F-A63F-F601CF9B102B} - System32\Tasks\mojko => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v mojko /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
Task: {B7529406-FB5A-4915-9BEC-68829953878E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {C561E2AA-238A-4EA6-8093-FFDB298A5DB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DBD0BCA1-B80F-4571-8974-96C2F22F0A63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {ED9A8DD8-954B-46D6-AB67-78723E97335F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F38CF806-1534-4233-90AD-D26F1CABD2D4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBC20847-8AAD-4EB8-89AF-4C2C846146A2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF0B7606-B0BA-4C51-B660-5511CDB25661} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84fc45a9-6178-453d-b7af-bf0ffa0bebef}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__180812
SearchScopes: HKU\S-1-5-21-488830516-3087435467-1000753162-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__180812&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?hl=cs
CHR StartupUrls: Default -> "hxxps://www.google.cz/?hl=cs"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default [2019-04-20]
CHR Extension: (Prezentace) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-12]
CHR Extension: (Dokumenty) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-12]
CHR Extension: (Disk Google) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-12]
CHR Extension: (Tabulky) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-12]
CHR Extension: (AdBlock) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-12]
CHR Extension: (Gmail) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-07] (BattlEye Innovations e.K. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2019-02-14] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476264 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6992f55a2cc4b209\nvlddmkm.sys [20371952 2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [52664 2017-11-07] (NVIDIA Corporation -> Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 UsbserFilt; C:\Windows\System32\drivers\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [333792 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-31] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-20 23:03 - 2019-04-20 23:04 - 000000000 ____D C:\FRST
2019-04-20 22:52 - 2019-04-20 22:52 - 000000000 ___HD C:\OneDriveTemp
2019-04-20 11:02 - 2019-04-20 11:02 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-04-13 22:00 - 2019-04-13 22:00 - 000000000 ___RD C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents
2019-04-13 22:00 - 2019-04-13 22:00 - 000000000 ____D C:\Users\mojko\OneDrive\Dokumenty\Fax
2019-04-12 17:59 - 2019-04-12 17:59 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-10 18:07 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 18:07 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-04-10 18:07 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-10 18:07 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 18:06 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-10 18:06 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-04-10 18:06 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-10 18:06 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-10 18:06 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-04-10 18:06 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-10 18:06 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-10 18:06 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-10 18:06 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-10 18:06 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-04-10 18:06 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-04-10 18:06 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-10 18:06 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-10 18:06 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-04-10 18:06 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-10 18:06 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-10 18:06 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-10 18:06 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-10 18:06 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-04-10 18:06 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-10 18:06 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-10 18:06 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-04-10 18:06 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-04-10 18:06 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-04-10 18:06 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-04-10 18:06 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-04-10 18:06 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-10 18:06 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-04-10 18:06 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-04-10 18:06 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-04-10 18:06 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-10 18:06 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-04-10 18:06 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-10 18:06 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-04-10 18:06 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-04-10 18:06 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-04-10 18:06 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-04-10 18:06 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-04-10 18:06 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-04-10 18:06 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-04-10 18:06 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 18:06 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-10 18:06 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-04-10 18:06 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-10 18:06 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-04-10 18:06 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 18:06 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-04-10 18:06 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-04-10 18:06 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-04-10 18:06 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-04-10 18:06 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-10 18:06 - 2019-04-02 08:22 - 000001312 _____ C:\Windows\system32\tcbres.wim
2019-04-10 18:06 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-04-10 18:06 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-04-10 18:06 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-04-10 18:06 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-04-10 18:06 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-10 18:06 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-10 18:06 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 18:06 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 18:06 - 2019-03-14 16:55 - 001786680 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 001626928 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 001038136 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-04-10 18:06 - 2019-03-14 16:52 - 001424696 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000954160 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000830264 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000827704 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2019-04-10 18:06 - 2019-03-14 16:52 - 000825144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000749880 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000670008 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000164664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2019-04-10 18:06 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-10 18:06 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\appinfoext.dll
2019-04-10 18:06 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2019-04-10 18:06 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-04-10 18:06 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-04-10 18:06 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\RpcPing.exe
2019-04-10 18:06 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2019-04-10 18:06 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2019-04-10 18:06 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2019-04-10 18:06 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2019-04-10 18:06 - 2019-03-14 16:29 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2019-04-10 18:06 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-04-10 18:06 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-04-10 18:06 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2019-04-10 18:06 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcPing.exe
2019-04-10 18:06 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 18:06 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2019-04-10 18:06 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2019-04-10 18:06 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-04-10 18:06 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-04-10 18:06 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-04-10 18:06 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-10 18:06 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpr.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-04-10 18:06 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-04-10 18:06 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-10 18:06 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-04-10 18:06 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-10 18:06 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-04-10 18:06 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-10 18:06 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-04-10 18:06 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-04-10 18:06 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-04-10 18:06 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 18:06 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-10 18:06 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcmapi.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2019-04-10 18:06 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-04-10 18:06 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\negoexts.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-04-10 18:06 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-04-10 18:06 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-04-10 18:06 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-04-10 18:06 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-04-10 18:06 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-04-10 18:06 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\fcon.dll
2019-04-10 18:06 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-10 18:06 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-04-10 18:06 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-04-10 18:06 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\wcmapi.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 18:06 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-04-10 18:06 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\negoexts.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-04-10 18:06 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-04-10 18:06 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-04-10 18:06 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-04-10 18:06 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-04-10 18:06 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-08 02:11 - 2019-04-08 02:11 - 000010650 _____ C:\Users\mojko\AppData\Local\recently-used.xbel
2019-03-31 19:53 - 2019-04-03 22:03 - 000000000 ____D C:\Users\mojko\AppData\Roaming\Origin
2019-03-31 19:02 - 2019-03-31 19:02 - 000000000 ____D C:\Users\mojko\OneDrive\Dokumenty\EA Games
2019-03-31 19:02 - 2019-03-31 19:02 - 000000000 ____D C:\Users\mojko\AppData\Local\EA Games

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-20 23:00 - 2018-08-12 16:18 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-20 22:57 - 2018-08-12 16:24 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-20 22:57 - 2018-08-12 14:59 - 000715034 _____ C:\Windows\system32\perfh005.dat
2019-04-20 22:57 - 2018-08-12 14:59 - 000144328 _____ C:\Windows\system32\perfc005.dat
2019-04-20 22:57 - 2018-08-12 14:55 - 000000000 ____D C:\Windows\INF
2019-04-20 22:52 - 2018-08-12 18:52 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-20 22:52 - 2018-08-12 18:20 - 000000000 ___RD C:\Users\mojko\OneDrive
2019-04-20 22:52 - 2018-08-12 14:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-20 22:51 - 2018-08-12 16:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-20 22:51 - 2018-08-12 16:18 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-20 19:05 - 2018-08-12 14:53 - 000524288 _____ C:\Windows\system32\config\BBI
2019-04-20 18:45 - 2018-08-12 19:03 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 19:03 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-20 18:45 - 2018-08-12 18:43 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-04-20 18:45 - 2018-08-12 18:35 - 000003398 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-20 18:45 - 2018-08-12 18:35 - 000003174 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-20 18:45 - 2018-08-12 18:21 - 000002858 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-488830516-3087435467-1000753162-1001
2019-04-20 18:43 - 2018-08-12 16:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-20 11:02 - 2018-08-12 19:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-04-20 11:02 - 2018-08-12 16:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-04-20 10:17 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\AppReadiness
2019-04-20 01:16 - 2018-08-12 20:09 - 000000000 ____D C:\Users\mojko\AppData\Roaming\vlc
2019-04-19 23:10 - 2019-03-19 21:03 - 000000000 ____D C:\Users\mojko\AppData\LocalLow\uTorrent
2019-04-19 23:10 - 2018-08-12 22:07 - 000000000 ____D C:\Users\mojko\AppData\Roaming\uTorrent
2019-04-19 23:04 - 2018-08-12 14:56 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-19 21:04 - 2018-09-18 16:21 - 000000000 ____D C:\Users\mojko\AppData\Local\Ubisoft Game Launcher
2019-04-17 22:09 - 2018-08-12 18:43 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-16 20:27 - 2018-08-13 16:30 - 000000000 ____D C:\Users\mojko\AppData\Local\Battle.net
2019-04-16 19:10 - 2018-08-13 16:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-04-12 18:02 - 2018-08-12 18:15 - 000002361 _____ C:\Users\mojko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-12 17:59 - 2018-08-12 18:43 - 000476264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-11 20:04 - 2018-08-12 18:35 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 18:32 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\system32\NDF
2019-04-10 18:52 - 2018-08-12 16:18 - 000270024 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\TextInput
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\bcastdvr
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-10 18:09 - 2018-08-12 14:53 - 000000000 ____D C:\Windows\CbsTemp
2019-04-10 18:06 - 2018-08-12 18:27 - 000000000 ____D C:\Windows\system32\MRT
2019-04-10 18:05 - 2018-08-12 18:27 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-09 00:10 - 2018-08-22 20:13 - 000000000 ____D C:\Users\mojko\AppData\Local\CrashDumps
2019-04-08 15:24 - 2018-08-20 16:25 - 000000000 ____D C:\Users\mojko\AppData\Roaming\.minecraft
2019-04-08 02:22 - 2019-03-15 16:14 - 000003584 _____ C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-08 02:12 - 2018-08-18 15:17 - 000000000 ____D C:\Users\mojko\AppData\Local\babl-0.1
2019-04-05 13:05 - 2018-11-16 00:48 - 000000000 ____D C:\Program Files\rempl
2019-04-04 02:51 - 2018-08-12 19:44 - 000000000 ____D C:\ProgramData\Origin
2019-04-03 17:44 - 2018-08-12 19:47 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-04-03 17:43 - 2018-08-12 19:45 - 000000000 ____D C:\Program Files (x86)\Origin
2019-04-03 17:43 - 2018-08-12 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-02 19:00 - 2018-08-12 19:03 - 002769264 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-04-02 19:00 - 2018-08-12 19:03 - 002149232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-04-02 19:00 - 2018-08-12 19:03 - 001322864 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2019-04-02 17:25 - 2018-08-12 19:03 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-04-01 19:51 - 2018-08-12 14:58 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-08-12 14:58 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-31 22:28 - 2018-09-11 21:27 - 000000000 ____D C:\Users\mojko\AppData\Local\gtk-2.0
2019-03-31 22:00 - 2018-08-12 16:18 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-03-31 21:50 - 2018-08-12 18:28 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-03-30 13:40 - 2018-08-12 18:52 - 000000000 ____D C:\Program Files\WinRAR
2019-03-29 02:17 - 2018-08-12 18:52 - 000000000 ____D C:\Users\mojko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-29 02:17 - 2018-08-12 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

==================== Files in the root of some directories =======

2019-03-15 16:14 - 2019-04-08 02:22 - 000003584 _____ () C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-08 02:11 - 2019-04-08 02:11 - 000010650 _____ () C:\Users\mojko\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2018-08-12 16:18
==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vyskakující stránka

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Pete
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 led 2019 13:48

Re: Vyskakující stránka

#3 Příspěvek od Pete »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-18.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-21-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

Deleted Adaware Secure Search

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2012 octets] - [21/04/2019 15:01:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vyskakující stránka

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Pete
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 led 2019 13:48

Re: Vyskakující stránka

#5 Příspěvek od Pete »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.04.2019 01
Ran by mojko (administrator) on DESKTOP-DMT7107 (21-04-2019 15:39:07)
Running from C:\Users\mojko\OneDrive\Plocha
Loaded Profiles: mojko (Available Profiles: mojko)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mojko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mojko\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\FileCoAuth.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Run: [mojko] => explorer.exe hxxp://dipladoks.org <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01D482EB-C39B-466F-9C0B-0E9A9B333183} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D8419D2-DD91-463B-B3A1-FE98C5FA7D36} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {143A6F5C-2197-4177-8FC6-25DBC057C1AD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D3A2E6B-E229-4E79-AD9C-7CF8DA89440F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EE679C3-BDEC-4364-B78A-8FE88BBE8438} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {20EB538D-DBB2-47E5-A3FD-BE8E6C475106} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36C868AC-05B8-42E8-A6A9-7A65D2D27B90} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40724DFE-532B-4B47-B333-DF84F1A43D21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CF9AC85-01F4-4135-85CB-57B06D991509} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D7B0577-2E05-4535-898E-0F8D6A36E7C4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5B06DC8-55BB-417F-A63F-F601CF9B102B} - System32\Tasks\mojko => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v mojko /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
Task: {B7529406-FB5A-4915-9BEC-68829953878E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {C561E2AA-238A-4EA6-8093-FFDB298A5DB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DBD0BCA1-B80F-4571-8974-96C2F22F0A63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {ED9A8DD8-954B-46D6-AB67-78723E97335F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F38CF806-1534-4233-90AD-D26F1CABD2D4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBC20847-8AAD-4EB8-89AF-4C2C846146A2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF0B7606-B0BA-4C51-B660-5511CDB25661} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84fc45a9-6178-453d-b7af-bf0ffa0bebef}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?hl=cs
CHR StartupUrls: Default -> "hxxps://www.google.cz/?hl=cs"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default [2019-04-21]
CHR Extension: (Prezentace) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-12]
CHR Extension: (Dokumenty) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-12]
CHR Extension: (Disk Google) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-12]
CHR Extension: (Tabulky) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-12]
CHR Extension: (AdBlock) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-12]
CHR Extension: (Adaware Secure) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2019-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-12]
CHR Extension: (Gmail) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-02-07] (BattlEye Innovations e.K. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2019-02-14] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476264 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6992f55a2cc4b209\nvlddmkm.sys [20371952 2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [52664 2017-11-07] (NVIDIA Corporation -> Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 UsbserFilt; C:\Windows\System32\drivers\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [333792 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-31] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-21 14:59 - 2019-04-21 15:02 - 000000000 ____D C:\AdwCleaner
2019-04-21 10:23 - 2019-04-21 10:23 - 000000000 ___HD C:\OneDriveTemp
2019-04-20 23:03 - 2019-04-21 15:39 - 000000000 ____D C:\FRST
2019-04-20 11:02 - 2019-04-20 11:02 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-04-13 22:00 - 2019-04-13 22:00 - 000000000 ___RD C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents
2019-04-13 22:00 - 2019-04-13 22:00 - 000000000 ____D C:\Users\mojko\OneDrive\Dokumenty\Fax
2019-04-12 17:59 - 2019-04-12 17:59 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-10 18:07 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 18:07 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-04-10 18:07 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-10 18:07 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 18:06 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-10 18:06 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-04-10 18:06 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-10 18:06 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-10 18:06 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-04-10 18:06 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-10 18:06 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-10 18:06 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-10 18:06 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-10 18:06 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-04-10 18:06 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-10 18:06 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-04-10 18:06 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-10 18:06 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-10 18:06 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-04-10 18:06 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-10 18:06 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-10 18:06 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-10 18:06 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-10 18:06 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-04-10 18:06 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-10 18:06 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-10 18:06 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-04-10 18:06 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-04-10 18:06 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-04-10 18:06 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-04-10 18:06 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-04-10 18:06 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-04-10 18:06 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-10 18:06 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-04-10 18:06 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-04-10 18:06 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-04-10 18:06 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-10 18:06 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-04-10 18:06 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-10 18:06 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-04-10 18:06 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-04-10 18:06 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-04-10 18:06 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-04-10 18:06 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-04-10 18:06 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-04-10 18:06 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-04-10 18:06 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 18:06 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-10 18:06 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-04-10 18:06 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-10 18:06 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-04-10 18:06 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 18:06 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-04-10 18:06 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-04-10 18:06 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-04-10 18:06 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-04-10 18:06 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-10 18:06 - 2019-04-02 08:22 - 000001312 _____ C:\Windows\system32\tcbres.wim
2019-04-10 18:06 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-04-10 18:06 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-04-10 18:06 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-04-10 18:06 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-04-10 18:06 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-04-10 18:06 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-04-10 18:06 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-04-10 18:06 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-10 18:06 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-10 18:06 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 18:06 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 18:06 - 2019-03-14 16:55 - 001786680 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 001626928 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 001038136 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-04-10 18:06 - 2019-03-14 16:53 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-04-10 18:06 - 2019-03-14 16:52 - 001424696 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000954160 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000830264 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000827704 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2019-04-10 18:06 - 2019-03-14 16:52 - 000825144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000749880 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000670008 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2019-04-10 18:06 - 2019-03-14 16:52 - 000164664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2019-04-10 18:06 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-10 18:06 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\appinfoext.dll
2019-04-10 18:06 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2019-04-10 18:06 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-04-10 18:06 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-04-10 18:06 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\RpcPing.exe
2019-04-10 18:06 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2019-04-10 18:06 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2019-04-10 18:06 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2019-04-10 18:06 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2019-04-10 18:06 - 2019-03-14 16:29 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2019-04-10 18:06 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-04-10 18:06 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-04-10 18:06 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2019-04-10 18:06 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcPing.exe
2019-04-10 18:06 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 18:06 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2019-04-10 18:06 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2019-04-10 18:06 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-04-10 18:06 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-04-10 18:06 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-04-10 18:06 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-10 18:06 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpr.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-10 18:06 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-04-10 18:06 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-04-10 18:06 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-10 18:06 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-04-10 18:06 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-10 18:06 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-04-10 18:06 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-10 18:06 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-04-10 18:06 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-04-10 18:06 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-04-10 18:06 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-04-10 18:06 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 18:06 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-10 18:06 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2019-04-10 18:06 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcmapi.dll
2019-04-10 18:06 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2019-04-10 18:06 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-04-10 18:06 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 18:06 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\negoexts.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-04-10 18:06 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-04-10 18:06 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-04-10 18:06 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-10 18:06 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-04-10 18:06 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-04-10 18:06 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-04-10 18:06 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-04-10 18:06 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\fcon.dll
2019-04-10 18:06 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-10 18:06 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-04-10 18:06 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-04-10 18:06 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-04-10 18:06 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\wcmapi.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2019-04-10 18:06 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 18:06 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-04-10 18:06 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\negoexts.dll
2019-04-10 18:06 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-04-10 18:06 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-10 18:06 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-04-10 18:06 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-04-10 18:06 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-04-10 18:06 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-04-10 18:06 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-04-10 18:06 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-04-10 18:06 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-10 18:06 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-08 02:11 - 2019-04-08 02:11 - 000010650 _____ C:\Users\mojko\AppData\Local\recently-used.xbel
2019-03-31 19:53 - 2019-04-03 22:03 - 000000000 ____D C:\Users\mojko\AppData\Roaming\Origin
2019-03-31 19:02 - 2019-03-31 19:02 - 000000000 ____D C:\Users\mojko\OneDrive\Dokumenty\EA Games
2019-03-31 19:02 - 2019-03-31 19:02 - 000000000 ____D C:\Users\mojko\AppData\Local\EA Games

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-21 15:39 - 2018-08-12 14:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-21 15:08 - 2018-08-12 16:24 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-21 15:08 - 2018-08-12 14:59 - 000715034 _____ C:\Windows\system32\perfh005.dat
2019-04-21 15:08 - 2018-08-12 14:59 - 000144328 _____ C:\Windows\system32\perfc005.dat
2019-04-21 15:08 - 2018-08-12 14:55 - 000000000 ____D C:\Windows\INF
2019-04-21 15:04 - 2018-08-12 16:18 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-21 15:02 - 2018-08-12 18:52 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-21 15:02 - 2018-08-12 18:20 - 000000000 ___RD C:\Users\mojko\OneDrive
2019-04-21 15:02 - 2018-08-12 16:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-21 15:02 - 2018-08-12 14:53 - 000524288 _____ C:\Windows\system32\config\BBI
2019-04-21 14:42 - 2018-08-12 16:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-21 11:58 - 2018-08-12 19:03 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 19:03 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-21 11:58 - 2018-08-12 18:43 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-04-21 11:58 - 2018-08-12 18:35 - 000003398 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-21 11:58 - 2018-08-12 18:35 - 000003174 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-21 11:58 - 2018-08-12 18:21 - 000002858 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-488830516-3087435467-1000753162-1001
2019-04-20 22:51 - 2018-08-12 16:18 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-20 11:02 - 2018-08-12 19:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-04-20 11:02 - 2018-08-12 16:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-04-20 10:17 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\AppReadiness
2019-04-20 01:16 - 2018-08-12 20:09 - 000000000 ____D C:\Users\mojko\AppData\Roaming\vlc
2019-04-19 23:10 - 2019-03-19 21:03 - 000000000 ____D C:\Users\mojko\AppData\LocalLow\uTorrent
2019-04-19 23:10 - 2018-08-12 22:07 - 000000000 ____D C:\Users\mojko\AppData\Roaming\uTorrent
2019-04-19 23:04 - 2018-08-12 14:56 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-19 21:04 - 2018-09-18 16:21 - 000000000 ____D C:\Users\mojko\AppData\Local\Ubisoft Game Launcher
2019-04-17 22:09 - 2018-08-12 18:43 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-16 20:27 - 2018-08-13 16:30 - 000000000 ____D C:\Users\mojko\AppData\Local\Battle.net
2019-04-16 19:10 - 2018-08-13 16:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-04-12 18:02 - 2018-08-12 18:15 - 000002361 _____ C:\Users\mojko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-12 17:59 - 2018-08-12 18:43 - 000476264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-11 20:04 - 2018-08-12 18:35 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 18:32 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\system32\NDF
2019-04-10 18:52 - 2018-08-12 16:18 - 000270024 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\TextInput
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Windows\bcastdvr
2019-04-10 18:51 - 2018-08-12 14:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-10 18:09 - 2018-08-12 14:53 - 000000000 ____D C:\Windows\CbsTemp
2019-04-10 18:06 - 2018-08-12 18:27 - 000000000 ____D C:\Windows\system32\MRT
2019-04-10 18:05 - 2018-08-12 18:27 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-09 00:10 - 2018-08-22 20:13 - 000000000 ____D C:\Users\mojko\AppData\Local\CrashDumps
2019-04-08 15:24 - 2018-08-20 16:25 - 000000000 ____D C:\Users\mojko\AppData\Roaming\.minecraft
2019-04-08 02:22 - 2019-03-15 16:14 - 000003584 _____ C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-08 02:12 - 2018-08-18 15:17 - 000000000 ____D C:\Users\mojko\AppData\Local\babl-0.1
2019-04-05 13:05 - 2018-11-16 00:48 - 000000000 ____D C:\Program Files\rempl
2019-04-04 02:51 - 2018-08-12 19:44 - 000000000 ____D C:\ProgramData\Origin
2019-04-03 17:44 - 2018-08-12 19:47 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-04-03 17:43 - 2018-08-12 19:45 - 000000000 ____D C:\Program Files (x86)\Origin
2019-04-03 17:43 - 2018-08-12 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-02 19:00 - 2018-08-12 19:03 - 002769264 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-04-02 19:00 - 2018-08-12 19:03 - 002149232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-04-02 19:00 - 2018-08-12 19:03 - 001322864 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2019-04-02 17:25 - 2018-08-12 19:03 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-04-01 19:51 - 2018-08-12 14:58 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-08-12 14:58 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-31 22:28 - 2018-09-11 21:27 - 000000000 ____D C:\Users\mojko\AppData\Local\gtk-2.0
2019-03-31 22:00 - 2018-08-12 16:18 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-03-31 21:50 - 2018-08-12 18:28 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-03-30 13:40 - 2018-08-12 18:52 - 000000000 ____D C:\Program Files\WinRAR
2019-03-29 02:17 - 2018-08-12 18:52 - 000000000 ____D C:\Users\mojko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-29 02:17 - 2018-08-12 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

==================== Files in the root of some directories =======

2019-03-15 16:14 - 2019-04-08 02:22 - 000003584 _____ () C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-08 02:11 - 2019-04-08 02:11 - 000010650 _____ () C:\Users\mojko\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.04.2019 01
Ran by mojko (21-04-2019 15:39:51)
Running from C:\Users\mojko\OneDrive\Plocha
Windows 10 Pro Version 1803 17134.706 (X64) (2018-08-12 14:20:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-488830516-3087435467-1000753162-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-488830516-3087435467-1000753162-503 - Limited - Disabled)
Guest (S-1-5-21-488830516-3087435467-1000753162-501 - Limited - Disabled)
mojko (S-1-5-21-488830516-3087435467-1000753162-1001 - Administrator - Enabled) => C:\Users\mojko
WDAGUtilityAccount (S-1-5-21-488830516-3087435467-1000753162-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Brotherhood 1.03 (HKLM-x32\...\Assassins Creed - Brotherhood_is1) (Version: - )
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bioshock Infinite verze v1.1.25.5165 (HKLM-x32\...\Bioshock Infinite_is1) (Version: v1.1.25.5165 - (R.G.Danik1B9))
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_is1) (Version: - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
Fallout 4 Complete Pack (HKLM-x32\...\Fallout 4 Complete Pack_is1) (Version: 1.7 - Bethesda Softworks)
GIMP 2.10.4 (HKLM\...\GIMP-2_is1) (Version: 2.10.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kingdoms and Castles Grand Buildings (HKLM-x32\...\Kingdoms and Castles Grand Buildings_is1) (Version: - )
Little Nightmares - Fox mask (HKLM-x32\...\1828170949_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Hideaway (HKLM-x32\...\1675156362_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Scarecrow sack (HKLM-x32\...\1268928435_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Tengu mask (HKLM-x32\...\1611302854_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - The Depths (HKLM-x32\...\1863057712_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - The Residence (HKLM-x32\...\1185734803_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Upside-down teapot (HKLM-x32\...\1352220891_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.43.1 - GOG.com)
Microsoft OneDrive (HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Movavi Video Editor 14 Plus (x64) (HKLM\...\Movavi Video Editor 14 Plus (x64)) (Version: 14.5.0 - Movavi)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Origin (HKLM-x32\...\Origin) (Version: 10.5.36.23506 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.94 - NVIDIA Corporation) Hidden
Papers, Please (HKLM-x32\...\Papers, Please_is1) (Version: - )
Prey (HKLM-x32\...\{ED1E7C2D-2BD8-4000-AD10-837ABB6A478F}_is1) (Version: - Bethesda Softworks)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-488830516-3087435467-1000753162-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-08-12 19:45 - 2018-08-12 19:45 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-08-12 19:45 - 2018-08-12 19:45 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed III:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed Unity:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Avalanche Studios:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Battlefield 1:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\BeamNG.drive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\CPY_SAVES:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\EA Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Fax:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Flower:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Klei:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Mirrors Edge Catalyst:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\My Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Rockstar Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Shadow of the Tomb Raider:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\StarCraft II:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Ubisoft:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\WB Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-08-12 14:56 - 2019-01-04 15:36 - 000000825 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mojko\OneDrive\Plocha\wallpaper\923008.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{41C405C2-0CCE-4260-BB67-78D45005528B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A6AE7618-23BF-457D-881E-B5CE6C2DEC0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E0EA4EB-63D3-4C6A-B1FF-A7DFFE645B81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9FAD99A5-D3D4-4D06-A90D-438A49156F2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4A2BE45-B956-4249-8043-02380225B4B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{600A3DAD-831F-4E9E-8C30-8B3BB8C0EAA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7FBF9637-3E56-464E-B05E-9D61BD037235}] => (Allow) C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A7C434DF-60AC-413E-A43E-9B2B67FF7FD0}] => (Allow) C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C5A8B7CF-9945-420C-B06C-19B3638C1693}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{151FD0DF-1C3E-4F46-BE7A-C366EE035F2A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [TCP Query User{4A905F54-9F7F-45EC-958A-A039405CB872}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [UDP Query User{76B2458E-1C2D-4DD2-8FBA-3846C337E183}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [TCP Query User{C8242197-060D-48B6-B250-4488D0F880ED}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{C6644D46-B35A-4D9A-B8A8-EE42C0722226}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [{88863386-3C9B-4569-90F4-80A2B8931728}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7D7BB168-1AF4-4398-A2FC-FF0340194B2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{73E6AD70-8CE2-404E-BC0D-8B386971B913}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [UDP Query User{97E8F56B-AC28-4F67-A8AE-4C677169D237}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [TCP Query User{46900934-BF72-49F4-893C-BB16896A203A}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [UDP Query User{01CC2A8E-4802-4021-BA95-1EB78055A6BC}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [TCP Query User{6C85634A-6C0A-42CA-9D19-34ABA0F4EEB0}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7684144C-3AC9-489B-B072-93F906A72C06}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D4E19200-BBC8-42A5-A6BC-1050A17E00EE}D:\games\starcraft ii\support\sc2editor.exe] => (Allow) D:\games\starcraft ii\support\sc2editor.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{D5C4AE6C-3540-4A97-AA4F-CA4388D2FC58}D:\games\starcraft ii\support\sc2editor.exe] => (Allow) D:\games\starcraft ii\support\sc2editor.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{9DEEFEDB-E60E-47E9-8BF5-E415AB625B16}D:\games\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\games\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{B3830F29-E001-44AA-A73A-478C16235999}D:\games\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\games\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{8EAC5D8B-4E5B-4F18-BB5D-6F091AA06B8B}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{508640BB-E1EE-4A88-9BEC-CB242F290461}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{384E4CE7-7DB5-44A8-8A31-AEAE691680AC}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [{81E40E46-25AB-4180-9446-CC79674A82FE}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [TCP Query User{4CD6E5E0-9B8E-40CF-9F81-3F38747EC6E7}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{B33AA652-8201-4E63-84EE-82B96F29D1D6}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [{F76497B9-0A79-40A4-92A2-1436EFF6ECA5}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{1119F732-7E49-496C-B8C2-C16A3845E1BA}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{E61F3FDF-D7C8-43D0-9D20-F1F86F750D85}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{BD36437A-882E-49C7-ADFE-E62404A965AB}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{57D82849-6B0B-4447-AE64-21104729F864}] => (Allow) D:\Games\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{C97EBF01-6074-4E82-9F69-D3759969301C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{2279D176-215D-442C-9794-2B37E0AFDAD9}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [UDP Query User{3809BB5B-A0F9-4FC0-B3EC-029412B820E5}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [TCP Query User{7DAF7868-216C-435D-A3BB-0CCC4000A6F5}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [UDP Query User{6FF3E752-F569-4B14-BA41-7BEBD5C63C32}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [TCP Query User{B5C5DA34-C97B-44A5-BD09-C86B81AE6B35}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [UDP Query User{A9F0F0A6-0B3C-40F4-A0EC-974CD6AD1DD5}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [{FAAB2F4E-0DC9-4A13-82C1-7F04DE66AFC2}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{FEEBD061-1D32-4DDC-84A9-1D5FA8450064}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{84501E9F-55EB-4783-8040-8D79C7F693E4}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{A03D240A-C624-487F-8575-4A59608272A4}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{90488850-E521-4F17-8135-81D8EC8CCB01}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{363B3245-ACC2-456E-85AD-F6A3A5D3767E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18ABCD4D-8174-4095-9F25-27CE0C221C4A}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{AAD0DADC-9871-4621-95FF-E596D357A93C}] => (Allow) LPort=5357
FirewallRules: [{957D4225-9C62-486C-AF48-35271C86C7AC}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{14BBCB4F-3894-43A1-AD80-BED0BB7C8253}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1FA35AC1-E3AF-4F00-9C5D-1950DEC9E348}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D9822B67-8122-4DA8-ADC6-E6BF744F1BDC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{43F7AD49-67D7-43C4-B432-087EA72414CC}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E2F751FC-1B1E-4317-AD56-684FC83A3118}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{F1E5FFE4-BC3E-4465-A3F6-E9BD404A5E1B}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [TCP Query User{C587A408-2DAE-411F-90DF-949FDBD03470}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{8000F599-D4E0-4997-87F4-ADFA5F51013F}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{C36C9337-3A1A-4278-A33A-D13AB39E8522}D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [UDP Query User{7EB847A7-FB41-4C82-825B-48879FE0B670}D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\games\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [TCP Query User{FD53F35F-029F-46E1-A710-0CE98629D0B8}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [UDP Query User{4EABC687-2D8D-4FF2-BF40-C96231E156EE}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [TCP Query User{397E56F6-50A1-4D41-B368-425AEFB0D344}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{83D241CD-78F8-452F-9200-9AAF6657FD28}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{06189B38-3AE5-4D4C-843E-463735E36BDA}D:\games\assassins creed - brotherhood\acbsp.exe] => (Allow) D:\games\assassins creed - brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{DCA13E2C-D431-4B01-8619-24155976BB2B}D:\games\assassins creed - brotherhood\acbsp.exe] => (Allow) D:\games\assassins creed - brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{4349B2D4-9654-4756-9FB3-A667AA5B7CAC}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{3DFE1328-4071-4D20-A4A0-1B7DEF455723}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F5304ADA-D16F-40BD-A909-20C901BE3F33}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{6971210A-3040-4CE6-B545-7B9D1F50184F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]
FirewallRules: [{62895721-30E4-4921-9B2B-532B8B0B0E45}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{BB8119E2-E007-4369-809B-90B221758CDD}] => (Allow) D:\Games\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{43559B02-E1FE-40C8-9D5F-3047F7992690}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{5ABD9258-BB07-4D26-A9A3-7015A456E2B6}] => (Allow) D:\Games\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{D083DE7B-927D-4276-9AD8-9FAE8272360D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B4264688-430B-4CFF-A3D3-DA939E7739A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{73480E4E-7775-40AA-94AF-2AF467426656}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C2DC316E-6DFC-433A-A4A2-8683330F9A97}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{4A2A6B21-79B5-485D-8F08-6604A4169FB2}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [UDP Query User{416E10BC-44BF-401E-8C13-9E75BBC7548D}D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe] => (Allow) D:\games\steamlibrary\steamapps\common\dayofinfamy\dayofinfamy_x64.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [TCP Query User{8EEEAB2D-D741-4EE1-8131-29446FD22D56}D:\games\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{0556E93E-F0E3-47D3-B659-07E9A91D7F77}D:\games\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{52DE904C-A5CB-435F-8E38-C09E3B7E45EF}D:\games\godot engine\godot_v3.1-stable_win64.exe] => (Allow) D:\games\godot engine\godot_v3.1-stable_win64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [UDP Query User{A7032EFF-4786-4CCD-90B7-001592677B3F}D:\games\godot engine\godot_v3.1-stable_win64.exe] => (Allow) D:\games\godot engine\godot_v3.1-stable_win64.exe (Prehensile Tales B.V. -> Godot Engine)
FirewallRules: [TCP Query User{525E9D48-2CC1-464F-8DFC-3505EE0DAE53}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [UDP Query User{F5E85EC0-4F79-4411-87A3-D63CD543A0D9}D:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) D:\games\prey\binaries\danielle\x64\release\prey.exe (Arkane Studios) [File not signed]
FirewallRules: [{A2A6B19B-BDF9-49C5-A800-661F610E5477}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{525933A2-98BD-447E-9959-DC0EA4F9406F}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{B50D890E-92ED-4174-A4D6-F0DB273F5AB0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E0E1AFA-D1DF-4AC3-A591-CECA92F54291}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{861D6157-CF55-4ED1-9948-AAB10C53AAC8}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{19DEC2B2-0FED-49AB-BD2F-872AD2548949}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{85605A5D-F9D7-4BFE-A2EE-9BFEAC823D8C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{2EBF16F2-6A3C-4056-8721-AE5F2D8650FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4800FC86-CDAE-40CE-9AC8-B4CAAB543EB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E220E5E-23E9-422F-976B-29ADA47D25FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B8FE358-C29C-4A21-9C90-539B2D12A84C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B5EA6B78-3957-4229-8E73-FA06168D7AC8}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{7EA8D854-EACC-434F-9725-3584FB83E74F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]

==================== Restore Points =========================

05-04-2019 13:04:49 Windows Update
10-04-2019 18:05:03 Windows Update
19-04-2019 12:12:15 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2019 11:11:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 3108

Čas spuštění: 01d4f6f457e9627b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: e331d12f-4375-482a-8bd6-d167d9ee00f9

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/19/2019 08:55:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1080

Čas spuštění: 01d4f69687b1c611

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: 862947d7-195e-40af-b2b2-1854be5d04fc

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/14/2019 04:31:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1e2c

Čas spuštění: 01d4f2ce7adbac9a

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: 3104fe00-c797-4245-843f-4aeb34fb6c56

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/12/2019 10:44:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.5.5.45146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: fc8

Čas spuštění: 01d4f14988daaf0d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\mojko\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: 7356694e-fd03-40e6-b055-e4bc484c506e

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/10/2019 07:03:33 PM) (Source: ESENT) (EventID: 553) (User: )
Description: SettingSyncHost (7304,P,98) {3DC47919-E944-4ECD-B733-A0F12257424D}: Failed looking up restore-map entry for database C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032.

Error: (04/10/2019 07:03:33 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (7304,P,98) {3DC47919-E944-4ECD-B733-A0F12257424D}: Pokus o otevření souboru C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (04/10/2019 07:03:23 PM) (Source: ESENT) (EventID: 553) (User: )
Description: SettingSyncHost (7304,P,98) {EE425ADD-6386-463F-B69F-1044F75A1795}: Failed looking up restore-map entry for database C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032.

Error: (04/10/2019 07:03:23 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (7304,P,98) {EE425ADD-6386-463F-B69F-1044F75A1795}: Pokus o otevření souboru C:\Users\mojko\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (04/21/2019 03:03:03 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/21/2019 03:02:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/21/2019 03:02:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DMT7107)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-DMT7107\mojko (SID: S-1-5-21-488830516-3087435467-1000753162-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/21/2019 03:02:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2019 03:02:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2019 03:02:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/21/2019 03:02:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (04/21/2019 03:02:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2019-04-03 17:02:38.313
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BD3D2381-0383-497B-AAF1-60926853B39F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-02 00:54:17.239
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8E73B0DF-62F6-41AD-9701-18505315E0BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 44%
Total physical RAM: 8135.29 MB
Available physical RAM: 4520.02 MB
Total Virtual: 10951.29 MB
Available Virtual: 6851.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.13 GB) (Free:98.9 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:121.06 GB) NTFS

\\?\Volume{0f4796b3-1dbe-4604-af63-5482cc792c8b}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{e8b04dcb-fe4b-4d7a-b06e-b11bc5931d6b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B1651AD0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vyskakující stránka

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\RuTask: {B5B06DC8-55BB-417F-A63F-F601CF9B102B} - System32\Tasks\mojko => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v mojko /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
Task: {C561E2AA-238A-4EA6-8093-FFDB298A5DB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DBD0BCA1-B80F-4571-8974-96C2F22F0A63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
C:\Windows\LastGood.Tmp
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed III:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed Unity:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Avalanche Studios:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Battlefield 1:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\BeamNG.drive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\CPY_SAVES:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\EA Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Fax:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Flower:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Klei:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Mirrors Edge Catalyst:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\My Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Rockstar Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Shadow of the Tomb Raider:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\StarCraft II:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Ubisoft:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\WB Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
FirewallRules: [{A4A2BE45-B956-4249-8043-02380225B4B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{600A3DAD-831F-4E9E-8C30-8B3BB8C0EAA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{4A905F54-9F7F-45EC-958A-A039405CB872}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [UDP Query User{76B2458E-1C2D-4DD2-8FBA-3846C337E183}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [TCP Query User{C8242197-060D-48B6-B250-4488D0F880ED}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{C6644D46-B35A-4D9A-B8A8-EE42C0722226}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{46900934-BF72-49F4-893C-BB16896A203A}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [UDP Query User{01CC2A8E-4802-4021-BA95-1EB78055A6BC}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [{8EAC5D8B-4E5B-4F18-BB5D-6F091AA06B8B}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{508640BB-E1EE-4A88-9BEC-CB242F290461}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{384E4CE7-7DB5-44A8-8A31-AEAE691680AC}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [{81E40E46-25AB-4180-9446-CC79674A82FE}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [TCP Query User{4CD6E5E0-9B8E-40CF-9F81-3F38747EC6E7}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{B33AA652-8201-4E63-84EE-82B96F29D1D6}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [{F76497B9-0A79-40A4-92A2-1436EFF6ECA5}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{1119F732-7E49-496C-B8C2-C16A3845E1BA}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{E61F3FDF-D7C8-43D0-9D20-F1F86F750D85}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{BD36437A-882E-49C7-ADFE-E62404A965AB}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [TCP Query User{2279D176-215D-442C-9794-2B37E0AFDAD9}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [UDP Query User{3809BB5B-A0F9-4FC0-B3EC-029412B820E5}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [TCP Query User{B5C5DA34-C97B-44A5-BD09-C86B81AE6B35}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [UDP Query User{A9F0F0A6-0B3C-40F4-A0EC-974CD6AD1DD5}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [TCP Query User{C587A408-2DAE-411F-90DF-949FDBD03470}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{8000F599-D4E0-4997-87F4-ADFA5F51013F}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{FD53F35F-029F-46E1-A710-0CE98629D0B8}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [UDP Query User{4EABC687-2D8D-4FF2-BF40-C96231E156EE}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File

EmptyTemp:
End
Uložte do C:\Users\mojko\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Pete
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 led 2019 13:48

Re: Vyskakující stránka

#7 Příspěvek od Pete »

Omlouvám se ale po zmáčknutí tlačítka Fix se počítač restartoval a žádný log se neobjevil. Nebo mám poslat text co je v FIXLIST?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vyskakující stránka

#8 Příspěvek od Rudy »

Ano, pošlete.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Pete
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 led 2019 13:48

Re: Vyskakující stránka

#9 Příspěvek od Pete »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.04.2019 01
Ran by mojko (21-04-2019 20:23:58) Run:1
Running from C:\Users\mojko\OneDrive\Plocha
Loaded Profiles: mojko (Available Profiles: mojko)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\RuTask: {B5B06DC8-55BB-417F-A63F-F601CF9B102B} - System32\Tasks\mojko => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v mojko /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION
Task: {C561E2AA-238A-4EA6-8093-FFDB298A5DB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DBD0BCA1-B80F-4571-8974-96C2F22F0A63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
C:\Windows\LastGood.Tmp
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed III:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed Unity:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Avalanche Studios:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Battlefield 1:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\BeamNG.drive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\CPY_SAVES:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\EA Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Fax:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Flower:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Klei:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Mirrors Edge Catalyst:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\My Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Rockstar Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Shadow of the Tomb Raider:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\StarCraft II:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\Ubisoft:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\mojko\OneDrive\Dokumenty\WB Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
FirewallRules: [{A4A2BE45-B956-4249-8043-02380225B4B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{600A3DAD-831F-4E9E-8C30-8B3BB8C0EAA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{4A905F54-9F7F-45EC-958A-A039405CB872}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [UDP Query User{76B2458E-1C2D-4DD2-8FBA-3846C337E183}D:\games\starcraft ii\versions\base67188\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67188\sc2_x64.exe No File
FirewallRules: [TCP Query User{C8242197-060D-48B6-B250-4488D0F880ED}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{C6644D46-B35A-4D9A-B8A8-EE42C0722226}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{46900934-BF72-49F4-893C-BB16896A203A}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [UDP Query User{01CC2A8E-4802-4021-BA95-1EB78055A6BC}D:\games\starcraft ii\versions\base67926\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base67926\sc2_x64.exe No File
FirewallRules: [{8EAC5D8B-4E5B-4F18-BB5D-6F091AA06B8B}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{508640BB-E1EE-4A88-9BEC-CB242F290461}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe No File
FirewallRules: [{384E4CE7-7DB5-44A8-8A31-AEAE691680AC}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [{81E40E46-25AB-4180-9446-CC79674A82FE}] => (Allow) D:\Games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe No File
FirewallRules: [TCP Query User{4CD6E5E0-9B8E-40CF-9F81-3F38747EC6E7}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{B33AA652-8201-4E63-84EE-82B96F29D1D6}D:\games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [{F76497B9-0A79-40A4-92A2-1436EFF6ECA5}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{1119F732-7E49-496C-B8C2-C16A3845E1BA}] => (Allow) D:\Games\Battlefield 1\bf1Trial.exe No File
FirewallRules: [{E61F3FDF-D7C8-43D0-9D20-F1F86F750D85}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [{BD36437A-882E-49C7-ADFE-E62404A965AB}] => (Allow) D:\Games\Battlefield 1\bf1.exe No File
FirewallRules: [TCP Query User{2279D176-215D-442C-9794-2B37E0AFDAD9}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [UDP Query User{3809BB5B-A0F9-4FC0-B3EC-029412B820E5}D:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Allow) D:\games\murdered soul suspect\binaries\win64\murdered.exe No File
FirewallRules: [TCP Query User{B5C5DA34-C97B-44A5-BD09-C86B81AE6B35}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [UDP Query User{A9F0F0A6-0B3C-40F4-A0EC-974CD6AD1DD5}D:\games\borderlands - game of the year edition\binaries\borderlands.exe] => (Allow) D:\games\borderlands - game of the year edition\binaries\borderlands.exe No File
FirewallRules: [TCP Query User{C587A408-2DAE-411F-90DF-949FDBD03470}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [UDP Query User{8000F599-D4E0-4997-87F4-ADFA5F51013F}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{FD53F35F-029F-46E1-A710-0CE98629D0B8}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File
FirewallRules: [UDP Query User{4EABC687-2D8D-4FF2-BF40-C96231E156EE}D:\games\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter - call of the wild\thehuntercotw_f.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Ru{B5B06DC8-55BB-417F-A63F-F601CF9B102B}" => not found
"C:\Windows\HKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\RuSystem32\Tasks\mojko" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\TreeHKU\S-1-5-21-488830516-3087435467-1000753162-1001\...\Ru\mojko" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C561E2AA-238A-4EA6-8093-FFDB298A5DB0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C561E2AA-238A-4EA6-8093-FFDB298A5DB0}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBD0BCA1-B80F-4571-8974-96C2F22F0A63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBD0BCA1-B80F-4571-8974-96C2F22F0A63}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
C:\Windows\LastGood.Tmp => moved successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\mojko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed III => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Assassin's Creed Unity => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Avalanche Studios => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Battlefield 1 => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\BeamNG.drive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\CPY_SAVES => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\EA Games => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Fax => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Flower => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Klei => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Mirrors Edge Catalyst => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\My Games => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Rockstar Games => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Scanned Documents => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS could not remove.
C:\Users\mojko\OneDrive\Dokumenty\Shadow of the Tomb Raider => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\StarCraft II => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\Ubisoft => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\mojko\OneDrive\Dokumenty\WB Games => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4A2BE45-B956-4249-8043-02380225B4B4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{600A3DAD-831F-4E9E-8C30-8B3BB8C0EAA7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4A905F54-9F7F-45EC-958A-A039405CB872}D:\games\starcraft ii\versions\base67188\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{76B2458E-1C2D-4DD2-8FBA-3846C337E183}D:\games\starcraft ii\versions\base67188\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C8242197-060D-48B6-B250-4488D0F880ED}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C6644D46-B35A-4D9A-B8A8-EE42C0722226}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46900934-BF72-49F4-893C-BB16896A203A}D:\games\starcraft ii\versions\base67926\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{01CC2A8E-4802-4021-BA95-1EB78055A6BC}D:\games\starcraft ii\versions\base67926\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8EAC5D8B-4E5B-4F18-BB5D-6F091AA06B8B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{508640BB-E1EE-4A88-9BEC-CB242F290461}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{384E4CE7-7DB5-44A8-8A31-AEAE691680AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81E40E46-25AB-4180-9446-CC79674A82FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4CD6E5E0-9B8E-40CF-9F81-3F38747EC6E7}D:\games\world of warcraft\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B33AA652-8201-4E63-84EE-82B96F29D1D6}D:\games\world of warcraft\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F76497B9-0A79-40A4-92A2-1436EFF6ECA5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1119F732-7E49-496C-B8C2-C16A3845E1BA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E61F3FDF-D7C8-43D0-9D20-F1F86F750D85}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD36437A-882E-49C7-ADFE-E62404A965AB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2279D176-215D-442C-9794-2B37E0AFDAD9}D:\games\murdered soul suspect\binaries\win64\murdered.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3809BB5B-A0F9-4FC0-B3EC-029412B820E5}D:\games\murdered soul suspect\binaries\win64\murdered.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B5C5DA34-C97B-44A5-BD09-C86B81AE6B35}D:\games\borderlands - game of the year edition\binaries\borderlands.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A9F0F0A6-0B3C-40F4-A0EC-974CD6AD1DD5}D:\games\borderlands - game of the year edition\binaries\borderlands.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C587A408-2DAE-411F-90DF-949FDBD03470}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8000F599-D4E0-4997-87F4-ADFA5F51013F}D:\games\runtime\jre-x64\1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FD53F35F-029F-46E1-A710-0CE98629D0B8}D:\games\thehunter - call of the wild\thehuntercotw_f.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4EABC687-2D8D-4FF2-BF40-C96231E156EE}D:\games\thehunter - call of the wild\thehuntercotw_f.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 643381189 B
Java, Flash, Steam htmlcache => 44770117 B
Windows/system/drivers => 48948 B
Edge => 5520329 B
Chrome => 508217853 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 122756 B
LocalService => 0 B
NetworkService => 14876 B
NetworkService => 0 B
mojko => 5556684 B

RecycleBin => 365358 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:24:16 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vyskakující stránka

#10 Příspěvek od Rudy »

SDmazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Pete
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 led 2019 13:48

Re: Vyskakující stránka

#11 Příspěvek od Pete »

Bohužel velká změna ne, vyskakuje jiná stránka s url "http://metagmae.org/page/"

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vyskakující stránka

#12 Příspěvek od Rudy »

OK. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Pete
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 led 2019 13:48

Re: Vyskakující stránka

#13 Příspěvek od Pete »

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by mojko on 22.04.2019 at 15:42:58,05.
Microsoft Windows 10 Pro 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\mojko\OneDrive\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.04.2019 15:44:26 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\mojko\AppData\Local\DBG deleted successfully
C:\Users\mojko\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
"C:\ProgramData\mntemp" deleted
"C:\Users\mojko\AppData\Local\AVAST Software\APM\kv_pam.db" not deleted
"C:\Users\mojko\AppData\Local\AVAST Software" not deleted
"C:\Users\mojko\AppData\Local\AVAST Software\APM" not deleted

==== Firefox XPI-files found: ======================

- __MSG_avastAppShortName__ - C:\Program Files\AVAST Software\Avast\SafePrice\FF\sp@avast.com.xpi
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF\wrc@avast.com.xpi

==== Chromium Look ======================

Google Chrome Version: 73.0.3683.103

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]
nladljmabboanhihfkjacnnkgjhnokhj - No path found[]

Avast Online Security - mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Adaware Secure - mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj
Chrome Media Router - mojko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\mojko\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\mojko\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache is not empty, a reboot is needed

==== Empty Chrome Cache ======================

C:\Users\mojko\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=41 folders=48 44822930 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\mojko\AppData\Local\Temp will be emptied at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\mojko\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\mojko\AppData\Local\AVAST Software\APM\kv_pam.db" not found
"C:\Users\mojko\AppData\Local\AVAST Software" not found
"C:\Users\mojko\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Microsoft" not found

==== EOF on 22.04.2019 at 16:04:28,41 ======================


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by mojko (Administrator) on 22.04.2019 at 16:06:22,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\Users\mojko\AppData\Roaming\3909 (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.04.2019 at 16:08:04,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vyskakující stránka

#14 Příspěvek od Rudy »

OK. Změnilo se něco nyní?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Pete
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 led 2019 13:48

Re: Vyskakující stránka

#15 Příspěvek od Pete »

stránka pořád vyskakuje ale obsah se jí nedaří načíst.

Zamčeno