Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

BSOD Kernel, možná virus?

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

BSOD Kernel, možná virus?

#1 Příspěvek od bojimso »

Zdravím,

už delší dobu mi hází PC modré obrazovky a vůbec netuším, z čeho by to mohlo být. Přikládám logy.

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2020-06-29 06:45:56
Microsoft Windows 10 Home
System drive C: has 40 GB (18%) free of 228 GB
Total RAM: 8137 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:45:59, on 29.06.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [OneDrive] "C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [TSMApplication] "C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Ubisoft Game Launcher] "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" -uplay_silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files (x86)\LightComp eDoklady Skenováni\iehelper.html
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3f536 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HPSmartDeviceAgentBase - Unknown owner - c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Adaptér výkonu rozhraní WMI (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11368 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-675a2de3-e0c3-4854-996a-68cf4c7dcb3b -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3ca43095-46c5-494a-9b77-2b3abd248fca -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d42e9834-6d8f-4e6a-85e3-29cc10f19402 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9c0cc2d2-211a-4287-b7b8-cceaa8a94ebb -LifetimeId:695df96e-01a9-4e3c-a098-143d1e6b2cbf -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain

"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="9E1824E3-6E43-A4FE-AD6D-58918FEA4701" /binpath="C:\Program Files\AVAST Software\Avast"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\system32\IProsetMonitor.exe
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k HPZ12
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost

C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc

rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20052.148.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\TiltWheelMouse.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
AvastUI.exe /nogui
"C:\Program Files (x86)\Gyazo\GyStation.exe"
"C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" -uplay_silent
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/UplayWebCore.exe" --type=renderer --no-sandbox --disable-features=TouchpadAndWheelScrollLatching --service-pipe-token=B6785D0D32CD49A4E8433F4210F9B84E --lang=en-US --locales-dir-path="C:/Program Files (x86)/Ubisoft/Ubisoft Game Launcher/locales/1/" --log-file="C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\debug.log" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=B6785D0D32CD49A4E8433F4210F9B84E --renderer-client-id=4 --mojo-platform-channel-handle=2460 /prefetch:1
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
dashost.exe {776bfa9c-7a78-4147-9faab55988834d0b}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=7860,2041565709453498514,5697487025824945193,131072 --no-sandbox --log-file="C:\Users\David\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.4.2410)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=904268754221191647 --mojo-platform-channel-handle=8132 /prefetch:2

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\AUDIODG.EXE 0x710
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\David\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=83.0.4103.116 --initial-client-data=0xd8,0xdc,0xe0,0xb4,0xe4,0x7ffe299abd28,0x7ffe299abd38,0x7ffe299abd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --mojo-platform-channel-handle=1580 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1884 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=2332 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9140 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9144 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1584,9676460595443542499,16909018635438294367,131072 --disable-gpu-compositing --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\David\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default

prefs.js - "browser.startup.homepage" - "https://www.facebook.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=4.0.0-dev]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13 2177328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13 1522480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-14 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-17 16404224]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2013-04-09 241152]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-06-03 108136]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2018-11-02 3942936]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-02-07 1573224]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2018-10-04 1384840]
"Battle.net"=C:\Program Files (x86)\Battle.net\Battle.net.exe [2020-05-28 1136104]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-10-16 24552064]
"TSMApplication"=C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [2020-05-11 1623040]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2020-02-09 365160]
"Ubisoft Game Launcher"=C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe [2020-06-16 471360]

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.RTV1"=rtvcvfw64.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-06-29 06:45:56 ----D---- C:\rsit
2020-06-22 14:51:31 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2020-06-22 14:23:17 ----A---- C:\WINDOWS\system32\aswBoot.exe
2020-06-15 21:41:41 ----D---- C:\ProgramData\obs-studio-hook
2020-06-15 20:24:40 ----D---- C:\Users\David\AppData\Roaming\BSplayer PRO
2020-06-15 20:24:39 ----D---- C:\Program Files (x86)\Webteh
2020-06-14 02:20:07 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2020-06-14 01:01:08 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2020-06-14 01:01:08 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2020-06-14 01:01:08 ----A---- C:\WINDOWS\SYSWOW64\FXSCOMEX.dll
2020-06-14 01:01:08 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2020-06-14 01:01:08 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\wmp.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\wbengine.exe
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\WalletService.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\msra.exe
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\fveapi.dll
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\BdeUISrv.exe
2020-06-14 01:01:07 ----A---- C:\WINDOWS\system32\bdesvc.dll
2020-06-14 01:01:06 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2020-06-14 01:01:06 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2020-06-14 01:01:00 ----A---- C:\WINDOWS\SYSWOW64\WMNetMgr.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\SYSWOW64\wmidx.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\SYSWOW64\mswmdm.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-14 01:01:00 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-06-14 01:00:59 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\SYSWOW64\PhotoScreensaver.scr
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\WMNetMgr.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\wmidx.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\mswmdm.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\mfds.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\mf.dll
2020-06-14 01:00:58 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2020-06-14 01:00:57 ----A---- C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\wkspbrokerAx.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\wavemsp.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\VAN.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\termmgr.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\SecurityCenterBrokerPS.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\psisdecd.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-06-14 01:00:56 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\wvc.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\WlanMM.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\tapi3.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\mmcndmgr.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\mmc.exe
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\devenum.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\cic.dll
2020-06-14 01:00:55 ----A---- C:\WINDOWS\SYSWOW64\cdosys.dll
2020-06-14 01:00:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2020-06-14 01:00:54 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-06-14 01:00:54 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-06-14 01:00:54 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-06-14 01:00:53 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2020-06-14 01:00:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-06-14 01:00:53 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\wiaaut.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\imapi2fs.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\imapi2.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\imapi.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\iassdo.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\iasrecst.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\iasnap.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-06-14 01:00:52 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\SYSWOW64\iasads.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\SYSWOW64\azroles.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\VAN.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\qedit.dll
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\FileHistory.exe
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2020-06-14 01:00:46 ----A---- C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\wvc.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\WlanMM.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\wavemsp.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\termmgr.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\tapi3.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\rdpencom.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\quartz.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\qdvd.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\psisdecd.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\nshwfp.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\nltest.exe
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\nettrace.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\msTextPrediction.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\msimsg.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\msi.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\LocationApi.dll
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\FsIso.exe
2020-06-14 01:00:45 ----A---- C:\WINDOWS\system32\devenum.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\mmc.exe
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\jscript9.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\cic.dll
2020-06-14 01:00:44 ----A---- C:\WINDOWS\system32\cdosys.dll
2020-06-14 01:00:43 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-14 01:00:43 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-06-14 01:00:43 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2020-06-14 01:00:42 ----A---- C:\WINDOWS\system32\mshtmled.dll
2020-06-14 01:00:42 ----A---- C:\WINDOWS\system32\jscript.dll
2020-06-14 01:00:42 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2020-06-14 01:00:42 ----A---- C:\WINDOWS\system32\imapi2.dll
2020-06-14 01:00:42 ----A---- C:\WINDOWS\system32\imapi.dll
2020-06-14 01:00:42 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2020-06-14 01:00:42 ----A---- C:\WINDOWS\system32\edgehtml.dll
2020-06-14 01:00:42 ----A---- C:\WINDOWS\system32\dxtrans.dll
2020-06-14 01:00:41 ----A---- C:\WINDOWS\system32\wiaaut.dll
2020-06-14 01:00:41 ----A---- C:\WINDOWS\system32\werui.dll
2020-06-14 01:00:41 ----A---- C:\WINDOWS\system32\werconcpl.dll
2020-06-14 01:00:41 ----A---- C:\WINDOWS\system32\iassdo.dll
2020-06-14 01:00:41 ----A---- C:\WINDOWS\system32\iasrecst.dll
2020-06-14 01:00:41 ----A---- C:\WINDOWS\system32\iasnap.dll
2020-06-14 01:00:41 ----A---- C:\WINDOWS\system32\iasads.dll
2020-06-14 01:00:41 ----A---- C:\WINDOWS\system32\azroles.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\SYSWOW64\spwizeng.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\SYSWOW64\rdpviewerax.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\wwanmm.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\sdshext.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\sdengin2.dll
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\sdclt.exe
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-06-14 01:00:40 ----A---- C:\WINDOWS\system32\diagperf.dll
2020-06-14 01:00:39 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2020-06-14 01:00:39 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2020-06-14 01:00:39 ----A---- C:\WINDOWS\SYSWOW64\netprofm.dll
2020-06-14 01:00:39 ----A---- C:\WINDOWS\SYSWOW64\msaatext.dll
2020-06-14 01:00:35 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2020-06-14 01:00:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-06-14 01:00:35 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2020-06-14 01:00:35 ----A---- C:\WINDOWS\SYSWOW64\DismApi.dll
2020-06-14 01:00:35 ----A---- C:\WINDOWS\SYSWOW64\Dism.exe
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\windowsperformancerecordercontrol.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2020-06-14 01:00:34 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-06-14 01:00:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-14 01:00:33 ----A---- C:\WINDOWS\SYSWOW64\wdigest.dll
2020-06-14 01:00:33 ----A---- C:\WINDOWS\SYSWOW64\psr.exe
2020-06-14 01:00:33 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2020-06-14 01:00:33 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2020-06-14 01:00:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-06-14 01:00:32 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-06-14 01:00:32 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2020-06-14 01:00:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-14 01:00:31 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-06-14 01:00:31 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2020-06-14 01:00:31 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-06-14 01:00:31 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2020-06-14 01:00:31 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollCtrl.exe
2020-06-14 01:00:31 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2020-06-14 01:00:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2020-06-14 01:00:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2020-06-14 01:00:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2020-06-14 01:00:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2020-06-14 01:00:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Preview.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\rdpsharercom.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\oleprn.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\InkObjCore.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\InkEd.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\BTAGService.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\SYSWOW64\atl.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\system32\spwizeng.dll
2020-06-14 01:00:29 ----A---- C:\WINDOWS\system32\comdlg32.dll
2020-06-14 01:00:28 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-06-14 01:00:28 ----A---- C:\WINDOWS\system32\rdpviewerax.dll
2020-06-14 01:00:28 ----A---- C:\WINDOWS\system32\pku2u.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\wlidcli.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\rtutils.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\RASMM.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\puiobj.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\npmproxy.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\NetworkStatus.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\netshell.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\netprofm.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\msaatext.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\gpsvc.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\gpapi.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\DismApi.dll
2020-06-14 01:00:23 ----A---- C:\WINDOWS\system32\Dism.exe
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\usermgr.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\tdh.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\RpcEpMap.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\DAMM.dll
2020-06-14 01:00:22 ----A---- C:\WINDOWS\system32\configmanager2.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\wpr.exe
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\WinTypes.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\wincorlib.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\wersvc.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\WerFault.exe
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\weretw.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\wer.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\schannel.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\Faultrep.dll
2020-06-14 01:00:21 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2020-06-14 01:00:20 ----A---- C:\WINDOWS\system32\wksprt.exe
2020-06-14 01:00:20 ----A---- C:\WINDOWS\system32\wdigest.dll
2020-06-14 01:00:20 ----A---- C:\WINDOWS\system32\twinui.dll
2020-06-14 01:00:20 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-14 01:00:20 ----A---- C:\WINDOWS\system32\combase.dll
2020-06-14 01:00:20 ----A---- C:\WINDOWS\system32\ci.dll
2020-06-14 01:00:14 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-06-14 01:00:14 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-06-14 01:00:14 ----A---- C:\WINDOWS\system32\msctf.dll
2020-06-14 01:00:14 ----A---- C:\WINDOWS\system32\InkEd.dll
2020-06-14 01:00:13 ----A---- C:\WINDOWS\system32\sppsvc.exe
2020-06-14 01:00:13 ----A---- C:\WINDOWS\system32\shell32.dll
2020-06-14 01:00:13 ----A---- C:\WINDOWS\system32\psr.exe
2020-06-14 01:00:13 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-14 01:00:13 ----A---- C:\WINDOWS\system32\comsvcs.dll
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\VSSVC.exe
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\swprv.dll
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\daxexec.dll
2020-06-14 01:00:12 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\windows.storage.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\win32u.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\win32k.sys
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\rdpsharercom.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\NPSM.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\InkObjCore.dll
2020-06-14 01:00:11 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\qmgr.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\d2d1.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\cdd.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-14 01:00:10 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wlansvc.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wlansec.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wlanapi.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\win32spl.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wifitask.exe
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\wfdprov.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\spoolsv.exe
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\provops.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\oleprn.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\netman.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\localspl.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\kernel32.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\dot3mm.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\BTAGService.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\atlthunk.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\atl.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\system32\AarSvc.dll
2020-06-14 01:00:09 ----A---- C:\WINDOWS\splwow64.exe
2020-06-14 01:00:08 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2020-06-14 00:49:48 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-06-14 00:49:48 ----A---- C:\WINDOWS\system32\poqexec.exe
2020-06-10 12:31:45 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2020-06-10 12:31:36 ----D---- C:\Program Files (x86)\Microsoft
2020-06-05 01:07:08 ----D---- C:\ProgramData\BlueStacks
2020-06-05 01:07:04 ----D---- C:\Program Files\BlueStacks
2020-06-03 20:04:55 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2020-06-03 20:04:55 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2020-06-01 21:56:54 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-06-01 21:53:09 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

======List of files/folders modified in the last 1 month======

2020-06-29 06:45:59 ----D---- C:\WINDOWS\Prefetch
2020-06-29 06:45:58 ----D---- C:\Program Files\trend micro
2020-06-29 06:39:53 ----D---- C:\WINDOWS\Temp
2020-06-29 06:39:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-06-29 06:15:49 ----D---- C:\WINDOWS\System32
2020-06-29 06:15:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-29 06:15:46 ----D---- C:\WINDOWS\INF
2020-06-29 06:10:01 ----D---- C:\ProgramData\NVIDIA
2020-06-29 06:09:59 ----D---- C:\WINDOWS\system32\drivers
2020-06-29 06:09:40 ----D---- C:\WINDOWS\system32\SleepStudy
2020-06-29 06:09:40 ----D---- C:\WINDOWS\Minidump
2020-06-29 06:09:38 ----D---- C:\Windows
2020-06-29 06:07:11 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2020-06-29 05:23:00 ----D---- C:\WINDOWS\system32\sru
2020-06-28 20:47:03 ----RD---- C:\WINDOWS\Microsoft.NET
2020-06-28 20:47:00 ----D---- C:\WINDOWS\Logs
2020-06-28 05:49:18 ----D---- C:\Users\David\AppData\Roaming\slobs-client
2020-06-27 00:13:49 ----D---- C:\WINDOWS\AppReadiness
2020-06-27 00:13:38 ----HD---- C:\Program Files\WindowsApps
2020-06-26 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2020-06-26 01:04:05 ----D---- C:\WINDOWS\system32\config
2020-06-24 18:43:45 ----SHD---- C:\System Volume Information
2020-06-24 17:29:42 ----AD---- C:\Users\David\AppData\Roaming\Curse Client
2020-06-24 00:20:53 ----D---- C:\Users\David\AppData\Roaming\vlc
2020-06-22 14:40:49 ----D---- C:\WINDOWS\system32\catroot2
2020-06-22 14:23:28 ----D---- C:\WINDOWS\system32\Tasks
2020-06-22 14:23:17 ----HD---- C:\WINDOWS\ELAMBKUP
2020-06-19 15:43:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2020-06-19 04:27:37 ----AD---- C:\World of Warcraft
2020-06-18 00:28:09 ----D---- C:\Program Files (x86)\Steam
2020-06-17 20:24:09 ----D---- C:\WINDOWS\WinSxS
2020-06-15 21:41:41 ----HD---- C:\ProgramData
2020-06-15 21:41:28 ----D---- C:\Program Files\Streamlabs OBS
2020-06-15 20:48:23 ----D---- C:\Users\David\AppData\Roaming\foobar2000
2020-06-15 20:24:39 ----RD---- C:\Program Files (x86)
2020-06-14 01:54:27 ----D---- C:\WINDOWS\system32\DriverStore
2020-06-14 01:53:09 ----SD---- C:\WINDOWS\SYSWOW64\F12
2020-06-14 01:53:09 ----SD---- C:\WINDOWS\system32\F12
2020-06-14 01:53:09 ----SD---- C:\WINDOWS\system32\DiagSvcs
2020-06-14 01:53:09 ----D---- C:\WINDOWS\SYSWOW64\wbem
2020-06-14 01:53:09 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-06-14 01:53:09 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-06-14 01:53:09 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-06-14 01:53:09 ----D---- C:\WINDOWS\SYSWOW64\Com
2020-06-14 01:53:09 ----D---- C:\WINDOWS\SYSWOW64\AdvancedInstallers
2020-06-14 01:53:09 ----D---- C:\WINDOWS\SysWOW64
2020-06-14 01:53:09 ----D---- C:\WINDOWS\SystemResources
2020-06-14 01:53:09 ----D---- C:\WINDOWS\system32\wbem
2020-06-14 01:53:09 ----D---- C:\WINDOWS\system32\oobe
2020-06-14 01:53:09 ----D---- C:\WINDOWS\system32\en-US
2020-06-14 01:53:09 ----D---- C:\WINDOWS\system32\Dism
2020-06-14 01:53:09 ----D---- C:\WINDOWS\system32\cs-CZ
2020-06-14 01:53:09 ----D---- C:\WINDOWS\system32\Com
2020-06-14 01:53:09 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2020-06-14 01:53:08 ----D---- C:\WINDOWS\ShellExperiences
2020-06-14 01:53:08 ----D---- C:\WINDOWS\bcastdvr
2020-06-14 01:53:08 ----D---- C:\WINDOWS\apppatch
2020-06-14 01:53:08 ----D---- C:\Program Files\Windows Photo Viewer
2020-06-14 01:53:08 ----D---- C:\Program Files\Windows Media Player
2020-06-14 01:53:08 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2020-06-14 01:53:08 ----D---- C:\Program Files (x86)\Windows Media Player
2020-06-14 01:53:07 ----D---- C:\WINDOWS\system32\drivers\UMDF
2020-06-14 01:03:23 ----D---- C:\WINDOWS\CbsTemp
2020-06-14 01:00:09 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2020-06-12 06:10:53 ----D---- C:\WINDOWS\system32\NDF
2020-06-11 00:14:56 ----D---- C:\Users\David\AppData\Roaming\Skype
2020-06-10 12:31:38 ----SD---- C:\ProgramData\Microsoft
2020-06-05 23:03:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2020-06-05 01:10:11 ----RD---- C:\Program Files
2020-06-04 03:44:39 ----D---- C:\Program Files (x86)\MSI Afterburner
2020-05-30 04:37:18 ----AD---- C:\Program Files\UNP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2020-06-03 178768]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2020-06-03 60496]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2020-02-25 16304]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2020-06-03 84856]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2020-06-09 322256]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-12 40960]
R1 AsrAppCharger;AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [2011-11-07 17192]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2020-06-03 205896]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2020-06-03 235088]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2020-06-03 42784]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2020-06-03 506152]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2020-06-03 109280]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2020-06-03 851608]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2020-06-15 462592]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2020-04-20 153312]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2020-06-03 175208]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2020-06-03 216824]
R2 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv_bgp.sys [2020-04-07 315976]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-05-14 457216]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2020-06-22 214496]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 dtlitescsibus;@oem26.inf,%DisplayName%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2020-02-09 42256]
R3 dtliteusbbus;@oem37.inf,%DisplayName%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2020-02-09 59360]
R3 e1dexpress;@oem27.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [2019-02-04 567880]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-17 4603136]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2020-06-22 196456]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2020-06-29 73368]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2020-06-07 248968]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2020-06-29 131728]
R3 MEIx64;@oem12.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 NVHDA;@oem39.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-03-18 223120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_bd3f48c82942380f\nvlddmkm.sys [2020-05-18 23454448]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem15.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2020-06-07 19912]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2020-04-20 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-03-12 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-15 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-14 117264]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-21 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-03-12 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-03-12 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-03-12 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-03-12 99328]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\System32\drivers\e1i65x64.sys [2019-03-19 553984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-21 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-04 64000]
S3 HPEWSFXBULK;HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [2016-09-13 29248]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-04-20 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-15 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2020-04-01 30336]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-14 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2017-08-27 14024]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-06-03 348968]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2020-06-03 1052984]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2020-06-18 142248]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_3f536;CDPUserSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2015-05-07 272352]
R2 MBAMService;Malwarebytes Service; C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe [2020-03-11 6933272]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-03-18 850928]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2020-05-16 873272]
R2 OneSyncSvc_3f536;OneSyncSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-06-03 6392728]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_3f536;cbdhsvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2020-02-09 4506728]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_3f536;PimIndexMaintenanceSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S2 HPSmartDeviceAgentBase;HPSmartDeviceAgentBase; c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe [2017-10-25 68608]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_3f536;AarSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_3f536;BcastDVRUserService_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_3f536;BluetoothUserService_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_3f536;CaptureService_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_3f536;ConsentUxUserSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-05-14 380632]
S3 CredentialEnrollmentManagerUserSvc_3f536;CredentialEnrollmentManagerUserSvc_3f536; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-05-14 380632]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_3f536;DeviceAssociationBrokerSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_3f536;DevicePickerUserSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_3f536;DevicesFlowUserSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-06-14 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-09-21 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\elevation_service.exe [2020-06-19 1287152]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_3f536;MessagingService_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.56\elevation_service.exe [2020-06-24 1507208]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-04-08 244936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2019-09-15 2431816]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_3f536;PrintWorkflowUserSvc_3f536; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2019-11-28 474256]

-----------------EOF-----------------

bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

Re: BSOD Kernel, možná virus?

#2 Příspěvek od bojimso »

info.txt logfile of random's system information tool 1.10 2020-06-29 06:46:02

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A00000000000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E296D50E-EFEB-48F5-9CBE-5A335AE2D49F}" "1029" "0"
64 Bit HP CIO Components Installer-->MsiExec.exe /I{50229C72-539F-4E65-BEB5-F0491C5074B7}
Adobe Flash Player 31 PPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe -maintain pepperplugin
APP Shop v1.0.21-->"C:\Program Files (x86)\ASRock Utility\APP Shop\unins000.exe"
ASRock App Charger v1.0.6-->"C:\Program Files\ASRock Utility\AsrAppCharger\unins000.exe"
Assassin's Creed Odyssey-->"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" uplay://uninstall/5059
Assassin's Creed Unity-->"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" uplay://uninstall/720
Audacity 2.2.1-->"C:\Program Files (x86)\Audacity\unins000.exe"
Avast Omni-->C:\Program Files\AVAST Software\Avast\setup\Instup.exe /control_panel
Batman - Arkham Origins-->"D:\Hry\Batman - Arkham Origins\unins000.exe"
Batman Arkham Knight v.1.0.4.5-->"D:\Hry\Batman Arkham Knight\unins000.exe"
Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=battle.net --displayname="Battle.net"
BlueStacks App Player-->C:\Program Files\BlueStacks\BlueStacksUninstaller.exe -tmp
BS.Player PRO-->"C:\Program Files (x86)\Webteh\BSplayerPro\uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike: Global Offensive-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/730
CPUID CPU-Z 1.89-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
Curse-->MsiExec.exe /X{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2016 (KB3115407) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{3DBF9257-2612-4385-BCE3-E9D4C41CC8CB}" "1029" "0"
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Deus Ex - Human Revolution version 1.0-->"D:\Hry\Deus Ex - Human Revolution\unins000.exe"
Diablo III-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=diablo3_enus --displayname="Diablo III"
Epic Games Launcher Prerequisites (x64)-->MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF}
Epic Games Launcher-->MsiExec.exe /X{C69A2919-0662-4390-9418-67C931B44C18}
Fallout 4 v.1.1.30-->"D:\Hry\Fallout 4\unins000.exe"
foobar2000 v1.3.12-->"C:\Program Files (x86)\foobar2000\uninstall.exe" _?=C:\Program Files (x86)\foobar2000
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\setup.exe" --uninstall --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
gpedt.msc 1.0-->"C:\WINDOWS\unins000.exe"
Grand Theft Auto V-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/271590
GTA San Andreas-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Gyazo 3.4.1.0-->"C:\Program Files (x86)\Gyazo\unins000.exe"
Hearthstone-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=hs_beta --displayname="Hearthstone"
HPSmartDeviceAgentBase-->MsiExec.exe /I{F7270182-8AD0-420F-92A3-52438ED810A9}
Intel(R) Chipset Device Software-->MsiExec.exe /I{55398EAC-F58E-4F19-B553-BDF8B9EFD839}
Intel(R) Management Engine Components-->"C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
Intel(R) Management Engine Components-->MsiExec.exe /I{A4512F5C-D956-4AB0-8A07-EA7D9F8ABB2A}
Intel(R) ME UninstallLegacy-->MsiExec.exe /I{555B1C57-E71B-4775-BC1D-627EEF693F0D}
Intel(R) Network Connections 20.2.4001.0-->MsiExec.exe /i{638A518B-0D2E-4143-ACF8-F3D83D822E85} ARPREMOVE=1
Intel(R) Network Connections 20.2.4001.0-->MsiExec.exe /i{638A518B-0D2E-4143-ACF8-F3D83D822E85} ARPREMOVE=1
Intel(R) Rapid Storage Technology-->"C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
Intel(R) Rapid Storage Technology-->MsiExec.exe /I{205AE40D-8AD7-4F29-A430-DD2168DA562D}
Intel® Chipset Device Software-->"C:\ProgramData\Package Cache\{c7f54569-0018-439c-809a-48046a4d4ebc}\SetupChipset.exe" /uninstall
JDownloader 2-->"C:\Users\David\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe"
LAME v3.99.3 (for Windows)-->"C:\Program Files (x86)\Lame For Audacity\unins000.exe"
Launcher Prerequisites (x64)-->"C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe" /uninstall
League of Legends-->msiexec.exe /x {657DFCCF-B080-44B1-9AEA-61676011A1AE}
League of Legends-->MsiExec.exe /X{657DFCCF-B080-44B1-9AEA-61676011A1AE}
Logitech-kameraindstillinger-->C:\Program Files (x86)\Common Files\LogiShrd\LogiUCDpp\uninstall.exe
Malwarebytes version 4.1.0.56-->"C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbuns.exe" /Uninstall
Microsoft Access MUI (Czech) 2016-->MsiExec.exe /X{90160000-0015-0405-1000-0000000FF1CE}
Microsoft DCF MUI (Czech) 2016-->MsiExec.exe /X{90160000-0090-0405-1000-0000000FF1CE}
Microsoft Excel MUI (Czech) 2016-->MsiExec.exe /X{90160000-0016-0405-1000-0000000FF1CE}
Microsoft Groove MUI (Czech) 2016-->MsiExec.exe /X{90160000-00BA-0405-1000-0000000FF1CE}
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)-->MsiExec.exe /I{B0169E83-757B-EF66-E2F0-391944D785BC}
Microsoft InfoPath MUI (Czech) 2016-->MsiExec.exe /X{90160000-0044-0405-1000-0000000FF1CE}
Microsoft Office 32-bit Components 2016-->MsiExec.exe /X{90160000-00C1-0000-1000-0000000FF1CE}
Microsoft Office Korrekturhilfen 2016 – Deutsch-->MsiExec.exe /X{90160000-001F-0407-1000-0000000FF1CE}
Microsoft Office OSM MUI (Czech) 2016-->MsiExec.exe /X{90160000-00E1-0405-1000-0000000FF1CE}
Microsoft Office OSM UX MUI (Czech) 2016-->MsiExec.exe /X{90160000-00E2-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2016-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2016-->MsiExec.exe /X{90160000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2016-->MsiExec.exe /X{90160000-002C-0405-1000-0000000FF1CE}
Microsoft Office Proofing Tools 2016 - English-->MsiExec.exe /X{90160000-001F-0409-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2016-->MsiExec.exe /X{90160000-00C1-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2016-->MsiExec.exe /X{90160000-006E-0405-1000-0000000FF1CE}
Microsoft OneNote MUI (Czech) 2016-->MsiExec.exe /X{90160000-00A1-0405-1000-0000000FF1CE}
Microsoft Outlook MUI (Czech) 2016-->MsiExec.exe /X{90160000-001A-0405-1000-0000000FF1CE}
Microsoft PowerPoint MUI (Czech) 2016-->MsiExec.exe /X{90160000-0018-0405-1000-0000000FF1CE}
Microsoft Publisher MUI (Czech) 2016-->MsiExec.exe /X{90160000-0019-0405-1000-0000000FF1CE}
Microsoft Skype for Business MUI (Czech) 2016-->MsiExec.exe /X{90160000-012B-0405-1000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821-->"C:\ProgramData\Package Cache\{6361b579-2795-4886-b2a8-53d5239b6452}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821-->"C:\ProgramData\Package Cache\{5bfc1380-fd35-4b85-9715-7351535d077e}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821-->MsiExec.exe /I{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821-->MsiExec.exe /I{0093C20C-273D-4397-B623-515CB8616CB9}
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821-->MsiExec.exe /I{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821-->MsiExec.exe /I{1E6FC929-567E-4D22-9206-C5B83F0A21B9}
Microsoft Word MUI (Czech) 2016-->MsiExec.exe /X{90160000-001B-0405-1000-0000000FF1CE}
Mozilla Firefox 75.0 (x64 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSI Afterburner 4.6.1-->"C:\Program Files (x86)\MSI Afterburner\uninstall.exe"
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština-->MsiExec.exe /X{90160000-001F-0405-1000-0000000FF1CE}
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina-->MsiExec.exe /X{90160000-001F-041B-1000-0000000FF1CE}
NVIDIA GeForce Experience 3.20.3.63-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač HD audia 1.3.38.26-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 446.14-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Systémový software PhysX 9.19.0218-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
OBS Studio-->C:\Program Files (x86)\obs-studio\uninstall.exe
Open Broadcaster Software-->C:\Program Files (x86)\OBS\uninstall.exe
Ori and the Blind Forest Definitive Edition-->"D:\Hry\Ori and the Blind Forest Definitive Edition\unins000.exe"
Overwatch-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=prometheus --displayname="Overwatch"
Overwolf-->"C:\Program Files (x86)\Overwolf\\OWUninstaller.exe" /S
Personify ChromaCam (remove only)-->C:\Program Files (x86)\Personify\ChromaCam\Uninstall Personify ChromaCam 1.1.6.7.exe
PixelHealer-->"C:\Program Files\Aurelitec\PixelHealer\uninstall.exe"
Print Conductor 5.4-->"C:\Program Files (x86)\Print Conductor\unins000.exe"
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Resident Evil 2-->"D:\Hry\Resident Evil 2\unins000.exe"
Resident Evil 7 Biohazard-->"D:\Hry\Resident Evil 7 Biohazard\unins000.exe"
RivaTuner Statistics Server 7.2.3-->"C:\Program Files (x86)\RivaTuner Statistics Server\uninstall.exe"
Rockstar Games Launcher-->"C:\Program Files\Rockstar Games\Launcher\uninstall.exe"
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5A84393A-E440-48A1-BB99-AD1244AC0C35}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{5A84393A-E440-48A1-BB99-AD1244AC0C35}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3085635) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{0C1232DC-F66D-4C54-B5FB-FADF7C671AF0}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3115415) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{9BCB2776-3683-47A4-B0DF-586DBA0E3507}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3115415) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{9BCB2776-3683-47A4-B0DF-586DBA0E3507}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3115415) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{9BCB2776-3683-47A4-B0DF-586DBA0E3507}" "1029" "0"
Security Update for Microsoft Office 2016 (KB3115415) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0405-1000-0000000FF1CE}" "{9BCB2776-3683-47A4-B0DF-586DBA0E3507}" "1029" "0"
Security Update for Microsoft OneNote 2016 (KB3115419) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{EBAFD092-D4C1-4739-8C25-F529AE42B7CF}" "1029" "0"
Security Update for Microsoft OneNote 2016 (KB3115419) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00A1-0405-1000-0000000FF1CE}" "{EBAFD092-D4C1-4739-8C25-F529AE42B7CF}" "1029" "0"
Security Update for Microsoft OneNote 2016 (KB3115419) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{EBAFD092-D4C1-4739-8C25-F529AE42B7CF}" "1029" "0"
Security Update for Microsoft Outlook 2016 (KB3115440) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{9C4F10E7-917F-453C-84C3-38A40E522473}" "1029" "0"
Security Update for Microsoft Outlook 2016 (KB3115440) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0405-1000-0000000FF1CE}" "{9C4F10E7-917F-453C-84C3-38A40E522473}" "1029" "0"
Security Update for Microsoft Publisher 2016 (KB2920680) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{1409AE9B-C1F4-497A-81D9-AFF2C1A7B106}" "1029" "0"
Security Update for Microsoft Publisher 2016 (KB2920680) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0019-0405-1000-0000000FF1CE}" "{1409AE9B-C1F4-497A-81D9-AFF2C1A7B106}" "1029" "0"
Security Update for Microsoft Publisher 2016 (KB2920680) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{1409AE9B-C1F4-497A-81D9-AFF2C1A7B106}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3115439) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{876D53BB-54F4-4C06-A9D7-0238722F77E9}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3115439) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0405-1000-0000000FF1CE}" "{876D53BB-54F4-4C06-A9D7-0238722F77E9}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3115439) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0405-1000-0000000FF1CE}" "{876D53BB-54F4-4C06-A9D7-0238722F77E9}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3115439) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{876D53BB-54F4-4C06-A9D7-0238722F77E9}" "1029" "0"
Security Update for Microsoft Word 2016 (KB3115439) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0405-1000-0000000FF1CE}" "{876D53BB-54F4-4C06-A9D7-0238722F77E9}" "1029" "0"
Skype™ 7.41-->MsiExec.exe /X{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}
Someday Youll Return-->"D:\Hry\Someday Youll Return\unins000.exe"
Speccy-->"C:\Program Files\Speccy\uninst.exe"
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
Streamlabs OBS-->"C:\Program Files\Streamlabs OBS\Uninstall Streamlabs OBS.exe" /allusers
Super Seducer-->D:\Hry\Super Seducer\uninstall.exe
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
The Walking Dead A New Frontier Episode 1-->"D:\Hry\The Walking Dead A New Frontier Episode 1\unins000.exe"
The Witcher: Enhanced Edition-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/20900
TradeSkillMaster Application version 1.0-->"C:\Program Files (x86)\TradeSkillMaster Application\unins000.exe"
Unturned-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/304930
Update for Microsoft Access 2016 (KB3115142) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{DD3CCB1F-8CB6-4EFD-8E11-36CE6C857DC9}" "1029" "0"
Update for Microsoft Access 2016 (KB3115142) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{DD3CCB1F-8CB6-4EFD-8E11-36CE6C857DC9}" "1029" "0"
Update for Microsoft Excel 2016 (KB3115438) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{1DD11C24-C2AD-495F-B816-3C29A702EC14}" "1029" "0"
Update for Microsoft Excel 2016 (KB3115438) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0405-1000-0000000FF1CE}" "{1DD11C24-C2AD-495F-B816-3C29A702EC14}" "1029" "0"
Update for Microsoft Excel 2016 (KB3115438) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0405-1000-0000000FF1CE}" "{1DD11C24-C2AD-495F-B816-3C29A702EC14}" "1029" "0"
Update for Microsoft Excel 2016 (KB3115438) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0405-1000-0000000FF1CE}" "{1DD11C24-C2AD-495F-B816-3C29A702EC14}" "1029" "0"
Update for Microsoft Excel 2016 (KB3115438) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{1DD11C24-C2AD-495F-B816-3C29A702EC14}" "1029" "0"
Update for Microsoft Office 2016 (KB2910954) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{89B85BAE-5618-49A4-9C18-153202BDFC73}" "1029" "0"
Update for Microsoft Office 2016 (KB2910979) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{F556D361-9A36-47BC-94D8-9BC2C36EE333}" "1029" "0"
Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{D6AE0D54-13A7-4B0D-A862-8AEF7D4796A6}" "1029" "0"
Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{D6AE0D54-13A7-4B0D-A862-8AEF7D4796A6}" "1029" "0"
Update for Microsoft Office 2016 (KB2920684) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{4D4432EE-ECE1-42CA-8B93-0916170C8252}" "1029" "0"
Update for Microsoft Office 2016 (KB2920712) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{A73D1FF5-0819-44C7-9294-FBDD4BA2F43B}" "1029" "0"
Update for Microsoft Office 2016 (KB2920718) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0405-1000-0000000FF1CE}" "{8022705C-355F-4886-A2FA-5C7C54D21B09}" "1029" "0"
Update for Microsoft Office 2016 (KB2920718) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0407-1000-0000000FF1CE}" "{8022705C-355F-4886-A2FA-5C7C54D21B09}" "1029" "0"
Update for Microsoft Office 2016 (KB2920718) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0409-1000-0000000FF1CE}" "{8022705C-355F-4886-A2FA-5C7C54D21B09}" "1029" "0"
Update for Microsoft Office 2016 (KB2920718) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-041B-1000-0000000FF1CE}" "{8022705C-355F-4886-A2FA-5C7C54D21B09}" "1029" "0"
Update for Microsoft Office 2016 (KB2920720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{8683D594-A08C-451F-82C3-51D6FB730A6C}" "1029" "0"
Update for Microsoft Office 2016 (KB2920724) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{AA7A282E-E962-4C45-9A74-16C49FD88FF1}" "1029" "0"
Update for Microsoft Office 2016 (KB3114369) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B17EC43D-59DC-496B-8E86-BC46D995F0ED}" "1029" "0"
Update for Microsoft Office 2016 (KB3114708) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E440F668-2E16-4412-A9C8-E6603EC2A1EE}" "1029" "0"
Update for Microsoft Office 2016 (KB3114709) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B0D12818-1641-422F-9EB4-AC05243A4DD8}" "1029" "0"
Update for Microsoft Office 2016 (KB3114903) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{92281B72-2A8C-40A4-BD15-58CCDF7DEDB1}" "1029" "0"
Update for Microsoft Office 2016 (KB3115081) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{78D7B4DE-619F-4312-9707-DF354A48D110}" "1029" "0"
Update for Microsoft Office 2016 (KB3115099) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{D7B201EB-BBD8-451C-B9F0-B71EA436953E}" "1029" "0"
Update for Microsoft Office 2016 (KB3115100) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5EA702B7-1613-4DCB-85E6-A9BD9327CE00}" "1029" "0"
Update for Microsoft Office 2016 (KB3115141) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{017D5158-921B-4578-A067-51B1824BC813}" "1029" "0"
Update for Microsoft Office 2016 (KB3115183) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{7DB2548E-8D37-4B11-825F-41687A9BF8D8}" "1029" "0"
Update for Microsoft Office 2016 (KB3115183) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{7DB2548E-8D37-4B11-825F-41687A9BF8D8}" "1029" "0"
Update for Microsoft Office 2016 (KB3115189) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B17883DD-F38B-4015-BA9E-62C5A08EF21C}" "1029" "0"
Update for Microsoft Office 2016 (KB3115270) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{0BBBB2AE-33C8-43AF-9404-AF93405B54E7}" "1029" "0"
Update for Microsoft Office 2016 (KB3115270) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0405-1000-0000000FF1CE}" "{0BBBB2AE-33C8-43AF-9404-AF93405B54E7}" "1029" "0"
Update for Microsoft Office 2016 (KB3115277) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{99595D1D-0AAF-4442-8548-9DCE466BE30B}" "1029" "0"
Update for Microsoft Office 2016 (KB3115277) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{99595D1D-0AAF-4442-8548-9DCE466BE30B}" "1029" "0"
Update for Microsoft Office 2016 (KB3115282) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{122FCF65-71FF-4EB8-B6CB-B655D184A094}" "1029" "0"
Update for Microsoft Office 2016 (KB3115282) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{122FCF65-71FF-4EB8-B6CB-B655D184A094}" "1029" "0"
Update for Microsoft Office 2016 (KB3115406) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{C1815A1B-6EA5-42E5-B2D3-2FF059D7EEAD}" "1029" "0"
Update for Microsoft Office 2016 (KB3115410) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{7592A91E-385A-41F6-9834-CC07836F13E8}" "1029" "0"
Update for Microsoft Office 2016 (KB3115410) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0405-1000-0000000FF1CE}" "{7592A91E-385A-41F6-9834-CC07836F13E8}" "1029" "0"
Update for Microsoft Office 2016 (KB3115410) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{7592A91E-385A-41F6-9834-CC07836F13E8}" "1029" "0"
Update for Microsoft Office 2016 (KB3115411) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{A4D3F38C-2511-44B3-BB16-14EC0047F208}" "1029" "0"
Update for Microsoft Office 2016 (KB3115411) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{A4D3F38C-2511-44B3-BB16-14EC0047F208}" "1029" "0"
Update for Microsoft Office 2016 (KB3115413) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{9517E83E-72A7-4CE2-840B-02963390076A}" "1029" "0"
Update for Microsoft Office 2016 (KB3115413) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{9517E83E-72A7-4CE2-840B-02963390076A}" "1029" "0"
Update for Microsoft Office 2016 (KB3115416) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B42996AB-548D-47EF-AAAE-A00027F480E8}" "1029" "0"
Update for Microsoft Office 2016 (KB3115417) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{06BD37C1-CD5F-4954-8015-240FFD6F7B41}" "1029" "0"
Update for Microsoft Office 2016 (KB3115421) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{6C450AEC-437D-4393-8598-D8E3E930B11B}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3115423) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{26BAFEBC-30B1-4A01-A087-D532502C835B}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3115423) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00BA-0405-1000-0000000FF1CE}" "{26BAFEBC-30B1-4A01-A087-D532502C835B}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3115423) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{26BAFEBC-30B1-4A01-A087-D532502C835B}" "1029" "0"
Update for Microsoft OneDrive for Business (KB3115423) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0405-1000-0000000FF1CE}" "{26BAFEBC-30B1-4A01-A087-D532502C835B}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3115409) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{6F326E0E-7D40-4AC5-80F1-12AFB4770E56}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3115409) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0405-1000-0000000FF1CE}" "{6F326E0E-7D40-4AC5-80F1-12AFB4770E56}" "1029" "0"
Update for Microsoft PowerPoint 2016 (KB3115409) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{6F326E0E-7D40-4AC5-80F1-12AFB4770E56}" "1029" "0"
Update for Microsoft Project 2016 (KB3115424) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{41574851-1A3F-4545-96E9-9D6F68224E32}" "1029" "0"
Update for Microsoft Project 2016 (KB3115424) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{41574851-1A3F-4545-96E9-9D6F68224E32}" "1029" "0"
Update for Microsoft Visio 2016 (KB3115405) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{6F4725F7-1D67-478E-8FD8-757E40C06AE6}" "1029" "0"
Update for Microsoft Visio 2016 (KB3115405) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{6F4725F7-1D67-478E-8FD8-757E40C06AE6}" "1029" "0"
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}" "1029" "0"
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}" "1029" "0"
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0405-1000-0000000FF1CE}" "{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}" "1029" "0"
Update for Windows 10 for x64-based Systems (KB4023057)-->MsiExec.exe /X{32DC821E-4A7D-4878-BEE8-337FA153D7F2}
Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
VLC media player-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VooPoo version 1.5.1.30-->"C:\Program Files (x86)\Gene\VooPoo\unins000.exe"
VueScan x64-->"C:\Program Files\VueScan\vuescan.exe" /remove
Warcraft III-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=w3 --displayname="Warcraft III"
Warframe-->MsiExec.exe /X{72BD42A9-6701-42EB-B77A-2AFC0C499F5E}
Watch_Dogs-->"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" uplay://uninstall/274
WinRAR 5.90 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft Classic-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=wow_classic --displayname="World of Warcraft Classic"
World of Warcraft-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=wow_enus --displayname="World of Warcraft"

======System event log======

Computer Name: DESKTOP-7D2FQ0G
Event Code: 7040
Message: Režim spuštění služby Služba inteligentního přenosu na pozadí byl změněn z spouštění na vyžádání na automatické spouštění.
Record Number: 39460
Source Name: Service Control Manager
Time Written: 20200205052350.821200-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-7D2FQ0G
Event Code: 10016
Message: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-7D2FQ0G\David (SID: S-1-5-21-3482348820-1896476200-1895645591-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Record Number: 39459
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20200205052339.967055-000
Event Type: Upozornění
User: DESKTOP-7D2FQ0G\David

Computer Name: DESKTOP-7D2FQ0G
Event Code: 10016
Message: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-7D2FQ0G\David (SID: S-1-5-21-3482348820-1896476200-1895645591-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Record Number: 39458
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20200205051753.936328-000
Event Type: Upozornění
User: DESKTOP-7D2FQ0G\David

Computer Name: DESKTOP-7D2FQ0G
Event Code: 16
Message: Historie přístupů do podregistru \??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-3482348820-1896476200-1895645591-1004-02052020061045267-UsrClass.dat byla vymazána aktualizací 1 klíčů a vytvořením 1 upravených stránek.
Record Number: 39457
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20200205051045.412428-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-7D2FQ0G
Event Code: 16
Message: Historie přístupů do podregistru \??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-3482348820-1896476200-1895645591-1004-02052020061045267-ntuser.dat byla vymazána aktualizací 12 klíčů a vytvořením 7 upravených stránek.
Record Number: 39456
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20200205051045.337938-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: DESKTOP-7D2FQ0G
Event Code: 256
Message: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.
Record Number: 5
Source Name: Microsoft-Windows-CAPI2
Time Written: 20190921113231.301343-000
Event Type: Chyba
User:

Computer Name: DESKTOP-7D2FQ0G
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 4
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20190921113218.819178-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-7D2FQ0G
Event Code: 5617
Message: Subsystémy služby WMI (Windows Management Instrumentation) byly úspěšně inicializovány.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20190921113203.185686-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-7D2FQ0G
Event Code: 5615
Message: Služba WMI (Windows Management Instrumentation) byla úspěšně spuštěna.
Record Number: 2
Source Name: Microsoft-Windows-WMI
Time Written: 20190921113202.646263-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-7D2FQ0G
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20190921113218.816208-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: DESKTOP-7D2FQ0G
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-21-3482348820-1896476200-1895645591-1002
Název účtu: David
Doména účtu: DESKTOP-7D2FQ0G
Přihlašovací ID: 0xF7381AD
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 1503579
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200624232503.740317-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-7D2FQ0G
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-21-3482348820-1896476200-1895645591-1002
Název účtu: David
Doména účtu: DESKTOP-7D2FQ0G
Přihlašovací ID: 0xF7381AD
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 1503578
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200624232503.739441-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-7D2FQ0G
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-21-3482348820-1896476200-1895645591-1002
Název účtu: David
Doména účtu: DESKTOP-7D2FQ0G
Přihlašovací ID: 0xF7381AD
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 1503577
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200624232503.739374-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-7D2FQ0G
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-21-3482348820-1896476200-1895645591-1002
Název účtu: David
Doména účtu: DESKTOP-7D2FQ0G
Přihlašovací ID: 0xF7381AD
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 1503576
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200624232503.739263-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-7D2FQ0G
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-21-3482348820-1896476200-1895645591-1002
Název účtu: David
Doména účtu: DESKTOP-7D2FQ0G
Přihlašovací ID: 0xF7381AD
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 1503575
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200624232503.130913-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"DriverData"=C:\Windows\System32\Drivers\DriverData
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"Path"=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
"PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules;C:\Program Files\Intel\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 94 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=5e03

-----------------EOF-----------------

bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

Re: BSOD Kernel, možná virus?

#3 Příspěvek od bojimso »

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 93.89.159.2 1.1.1.1
Tcpip\..\Interfaces\{b34a42e0-d16e-4479-92c1-0376d21a5832}: [DhcpNameServer] 93.89.159.2 1.1.1.1

Internet Explorer:
==================
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-10]

FireFox:
========
FF DefaultProfile: 3911gjs4.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3911gjs4.default [2020-06-19]
FF Homepage: Mozilla\Firefox\Profiles\3911gjs4.default -> hxxps://www.facebook.com/
FF Notifications: Mozilla\Firefox\Profiles\3911gjs4.default -> hxxps://www.facebook.com
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=4.0.0-dev -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-12-10] (VideoLAN) [File not signed] [File is in use]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2020-06-29]
CHR DownloadDir: C:\Users\David\Desktop
CHR Notifications: Default -> hxxps://www.misthub.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://facebook.com/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (BetterTTV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-06-22]
CHR Extension: (Video Downloader PLUS) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-06-15]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-13]
CHR Extension: (Darkness - Beautiful Dark Themes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\imilbobhamcfahccagbncamhpnbkaenm [2019-05-24]
CHR Extension: (Twitch Now) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2020-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Global Twitch Emotes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2020-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-29]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-06-03]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6392728 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1052984 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [142248 2020-06-18] (Avast Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-02-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 HPSmartDeviceAgentBase; c:\Program Files (x86)\HP\HPSmartDeviceAgentBase\Service\HPSmartDeviceAgentBase.exe [68608 2017-10-25] () [File not signed] [File is in use]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [File not signed] [File is in use]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [873272 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431816 2019-09-15] (Overwolf Ltd -> Overwolf LTD)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [File not signed] [File is in use]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [474256 2019-11-28] (Rockstar Games, Inc. -> Rockstar Games)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205896 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235088 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178768 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60496 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175208 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [506152 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [462592 2020-06-15] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216824 2020-06-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [322256 2020-06-09] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-21] (Microsoft Corporation) [File not signed] [File is in use]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-02-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-02-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-20] (Malwarebytes Corporation -> Malwarebytes)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29248 2016-09-13] (Hewlett-Packard Company -> Hewlett Packard)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-22] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [196456 2020-06-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-06-29] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131728 2020-06-29] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_bd3f48c82942380f\nvlddmkm.sys [23454448 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-29 06:49 - 2020-06-29 06:49 - 000012214 _____ C:\Users\David\Desktop\FRST.txt
2020-06-29 06:48 - 2020-06-29 06:49 - 000000000 ____D C:\FRST
2020-06-29 06:45 - 2020-06-29 06:46 - 000000000 ____D C:\rsit
2020-06-29 06:45 - 2020-06-29 06:45 - 002291712 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2020-06-29 06:45 - 2020-06-29 06:45 - 001222144 _____ C:\Users\David\Desktop\RSITx64.exe
2020-06-29 06:39 - 2020-06-29 06:39 - 000087112 _____ C:\Users\David\Desktop\bluescreenview-x64.zip
2020-06-29 06:09 - 2020-06-29 06:11 - 001211636 _____ C:\WINDOWS\Minidump\062920-7250-01.dmp
2020-06-29 06:09 - 2020-06-29 06:09 - 1140594067 _____ C:\WINDOWS\MEMORY.DMP
2020-06-29 05:52 - 2020-06-29 05:52 - 000018989 _____ C:\Users\David\Desktop\Doom-Patrol-S02E02(0000332868).zip
2020-06-29 05:51 - 2020-06-29 05:51 - 000017622 _____ C:\Users\David\Desktop\Doom-Patrol-S02E01(0000332867).zip
2020-06-29 05:51 - 2020-06-29 05:51 - 000016422 _____ C:\Users\David\Desktop\Doom-Patrol-S02E03(0000332869).zip
2020-06-29 05:49 - 2020-06-29 05:49 - 000000000 ____D C:\Users\David\AppData\LocalLow\uTorrent
2020-06-22 14:51 - 2020-06-22 14:51 - 000196456 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-06-22 14:41 - 2020-06-22 14:41 - 000002194 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Passwords.lnk
2020-06-22 14:23 - 2020-06-22 14:40 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Omni.lnk
2020-06-22 14:23 - 2020-06-03 20:04 - 000335976 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-06-15 21:41 - 2020-06-15 21:41 - 000000000 ____D C:\ProgramData\obs-studio-hook
2020-06-15 20:30 - 2020-06-21 13:21 - 000004608 _____ C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-06-15 20:25 - 2020-06-15 20:25 - 000001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk
2020-06-15 20:25 - 2020-06-15 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh
2020-06-15 20:24 - 2020-06-16 03:27 - 000000000 ____D C:\Users\David\AppData\Roaming\BSplayer PRO
2020-06-15 20:24 - 2020-06-15 20:24 - 000000000 ____D C:\Program Files (x86)\Webteh
2020-06-14 02:20 - 2020-06-29 06:09 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-06-14 01:52 - 2020-06-14 01:53 - 000886252 _____ C:\WINDOWS\Minidump\061420-12406-01.dmp
2020-06-14 01:01 - 2020-06-14 01:01 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-14 01:01 - 2020-06-14 01:01 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-14 01:01 - 2020-06-14 01:01 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-14 01:01 - 2020-06-14 01:01 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-14 01:01 - 2020-06-14 01:01 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-14 01:01 - 2020-06-14 01:01 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-14 01:00 - 2020-06-14 01:01 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-14 01:00 - 2020-06-14 01:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-14 01:00 - 2020-06-14 01:00 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-14 01:00 - 2020-06-14 01:00 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-14 01:00 - 2020-06-14 01:00 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-14 01:00 - 2020-06-14 01:00 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-14 01:00 - 2020-06-14 01:00 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-14 01:00 - 2020-06-14 01:00 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-14 01:00 - 2020-06-14 01:00 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-14 01:00 - 2020-06-14 01:00 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-14 01:00 - 2020-06-14 01:00 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-14 01:00 - 2020-06-14 01:00 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-14 01:00 - 2020-06-14 01:00 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-14 00:49 - 2020-05-15 06:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-14 00:49 - 2020-05-15 06:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-13 17:33 - 2020-02-11 22:35 - 000000000 ____D C:\Users\David\Desktop\H O N K
2020-06-10 12:31 - 2020-06-29 06:09 - 000131728 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-06-10 12:31 - 2020-06-26 01:07 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-10 12:31 - 2020-06-14 01:51 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-10 12:31 - 2020-06-14 01:51 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-05 01:07 - 2020-06-06 01:38 - 000000000 ____D C:\ProgramData\BlueStacks
2020-06-05 01:07 - 2020-06-05 01:07 - 000000000 ____D C:\Program Files\BlueStacks
2020-06-04 03:18 - 2020-06-26 19:07 - 000000000 ____D C:\Users\David\Desktop\Pat a Mat memes
2020-06-03 20:04 - 2020-06-03 20:04 - 000216824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-06-03 20:04 - 2020-06-03 20:04 - 000175208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-06-01 21:56 - 2020-06-01 21:56 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-06-01 21:53 - 2020-06-07 15:56 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-01 21:38 - 2020-06-01 21:38 - 000763716 _____ C:\WINDOWS\Minidump\060120-8359-01.dmp
2020-06-01 21:20 - 2020-06-01 21:21 - 000964268 _____ C:\WINDOWS\Minidump\060120-8750-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-29 06:46 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-29 06:45 - 2019-05-19 13:52 - 000000000 ____D C:\Program Files\trend micro
2020-06-29 06:15 - 2019-09-21 13:42 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-29 06:15 - 2019-03-19 13:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-29 06:15 - 2019-03-19 13:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-29 06:15 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-29 06:11 - 2017-09-18 22:03 - 000000000 ____D C:\Users\David\AppData\Local\AVAST Software
2020-06-29 06:10 - 2017-08-17 09:21 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-29 06:10 - 2016-10-24 21:54 - 000000000 ____D C:\Users\David\AppData\Local\Ubisoft Game Launcher
2020-06-29 06:10 - 2016-10-15 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Battle.net
2020-06-29 06:09 - 2019-12-31 06:08 - 000000000 ____D C:\WINDOWS\Minidump
2020-06-29 06:09 - 2019-09-21 13:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-29 06:09 - 2019-09-21 13:34 - 000000000 ____D C:\Users\David
2020-06-29 06:09 - 2019-09-21 13:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-29 06:07 - 2016-10-14 22:22 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2020-06-29 05:22 - 2019-12-05 05:00 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-06-29 05:20 - 2019-09-21 13:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-06-28 05:49 - 2018-09-01 17:38 - 000000000 ____D C:\Users\David\AppData\Roaming\slobs-client
2020-06-27 17:57 - 2019-11-22 10:41 - 000093609 _____ C:\Users\David\Desktop\trollings.txt
2020-06-27 07:26 - 2016-10-15 02:52 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2020-06-27 00:13 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-27 00:13 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-26 10:47 - 2017-11-18 22:32 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2020-06-26 01:04 - 2019-09-21 13:41 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-06-24 20:09 - 2017-07-09 02:24 - 000000000 ____D C:\Users\David\AppData\Local\Overwolf
2020-06-24 17:29 - 2017-03-31 01:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Curse Client
2020-06-24 00:20 - 2017-12-11 07:31 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2020-06-23 12:06 - 2017-03-23 18:53 - 000000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2020-06-22 22:55 - 2016-10-07 13:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-22 14:51 - 2020-04-02 00:22 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-22 14:40 - 2019-03-19 06:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-06-22 14:23 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-19 15:43 - 2020-04-08 22:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-06-19 15:43 - 2018-03-15 11:00 - 000000000 ____D C:\Users\David\AppData\LocalLow\Mozilla
2020-06-19 04:27 - 2016-12-26 15:43 - 000000000 ____D C:\World of Warcraft
2020-06-18 00:28 - 2016-10-21 01:59 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-16 15:03 - 2019-06-08 15:30 - 000000000 ____D C:\Users\David\Desktop\Likeš, Kraken a Vágus memes
2020-06-15 21:41 - 2020-04-27 12:03 - 000000000 ____D C:\Program Files\Streamlabs OBS
2020-06-15 20:48 - 2016-10-15 16:57 - 000000000 ____D C:\Users\David\AppData\Roaming\foobar2000
2020-06-15 16:05 - 2016-10-14 19:45 - 000462592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-06-14 01:54 - 2019-09-21 13:31 - 000436632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-14 01:54 - 2017-11-18 22:39 - 000000000 ___RD C:\Users\David\3D Objects
2020-06-14 01:54 - 2016-04-27 08:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-14 01:53 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-14 01:53 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-14 01:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-14 01:51 - 2020-05-22 10:21 - 000002920 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482348820-1896476200-1895645591-1005
2020-06-14 01:51 - 2019-09-21 13:41 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000003256 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3482348820-1896476200-1895645591-1004
2020-06-14 01:51 - 2019-09-21 13:41 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-14 01:51 - 2019-09-21 13:41 - 000002494 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2020-06-14 01:51 - 2019-09-21 13:41 - 000002280 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-06-14 01:03 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-14 01:00 - 2019-09-21 13:34 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-12 06:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-06-11 00:14 - 2016-10-16 17:34 - 000000000 ____D C:\Users\David\AppData\Roaming\Skype
2020-06-11 00:12 - 2016-10-20 22:47 - 000000000 ____D C:\Users\David\AppData\Local\Personify
2020-06-10 05:35 - 2020-02-10 22:56 - 000000000 _____ C:\WINDOWS\system32\last.dump
2020-06-09 23:52 - 2016-10-15 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Blizzard Entertainment
2020-06-09 16:05 - 2016-10-14 19:45 - 000322256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-06-07 15:56 - 2019-09-19 01:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-05 23:03 - 2019-03-19 06:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 01:10 - 2019-12-05 04:56 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2020-06-05 01:10 - 2019-12-05 04:56 - 000001764 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2020-06-05 01:07 - 2016-10-14 19:34 - 000000000 ____D C:\Users\David\AppData\Local\NVIDIA
2020-06-05 01:05 - 2019-12-02 06:40 - 000000000 ____D C:\Users\Public\BlueStacks
2020-06-05 01:05 - 2019-12-02 06:40 - 000000000 ____D C:\Users\David\AppData\Local\BlueStacks
2020-06-05 01:04 - 2019-12-05 04:43 - 000000000 ____D C:\Users\David\AppData\Local\BlueStacksSetup
2020-06-04 03:44 - 2017-07-12 22:01 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-06-03 20:04 - 2020-04-22 03:11 - 000506152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-06-03 20:04 - 2019-01-14 17:24 - 000235088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-06-03 20:04 - 2019-01-10 04:28 - 000178768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-06-03 20:04 - 2019-01-10 04:28 - 000060496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-06-03 20:04 - 2018-11-04 19:16 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-06-03 20:04 - 2017-11-21 13:05 - 000205896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-06-03 20:04 - 2016-10-14 19:45 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-06-03 20:04 - 2016-10-14 19:45 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-06-03 20:04 - 2016-10-14 19:45 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-06-01 04:15 - 2017-11-20 23:21 - 000000000 ____D C:\Users\David\AppData\Local\PlaceholderTileLogoFolder
2020-05-30 04:37 - 2017-05-11 22:21 - 000000000 ____D C:\Program Files\UNP

==================== Files in the root of some directories ========

2017-08-02 23:57 - 2018-04-05 16:53 - 000000006 _____ () C:\Users\David\AppData\Roaming\.nfe_lock
2019-10-05 23:29 - 2019-10-17 11:56 - 042738921 _____ () C:\Users\David\AppData\Roaming\gta5_patch.bin
2019-10-05 23:29 - 2019-10-05 23:29 - 000332800 _____ () C:\Users\David\AppData\Roaming\patcher.dll
2020-06-15 20:30 - 2020-06-21 13:21 - 000004608 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-18 23:22 - 2016-12-18 23:22 - 000029696 _____ () C:\Users\David\AppData\Local\MSGBOX.EXE

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

Re: BSOD Kernel, možná virus?

#4 Příspěvek od bojimso »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2020
Ran by David (29-06-2020 06:50:33)
Running from C:\Users\David\Desktop
Windows 10 Home Version 1909 18363.900 (X64) (2019-09-21 11:41:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3482348820-1896476200-1895645591-500 - Administrator - Disabled)
David (S-1-5-21-3482348820-1896476200-1895645591-1002 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-3482348820-1896476200-1895645591-503 - Limited - Disabled)
Guest (S-1-5-21-3482348820-1896476200-1895645591-501 - Limited - Disabled)
Mamka (S-1-5-21-3482348820-1896476200-1895645591-1004 - Limited - Enabled) => C:\Users\bejja
WDAGUtilityAccount (S-1-5-21-3482348820-1896476200-1895645591-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
APP Shop v1.0.21 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.21 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Omni (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Batman - Arkham Origins (HKLM-x32\...\Batman - Arkham Origins_is1) (Version: - )
Batman Arkham Knight v.1.0.4.5 (HKLM-x32\...\Batman Arkham Knight_is1) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.205.0.1006 - BlueStack Systems, Inc.)
Browser (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Overwolf_jgbnfkaeklillfmfafgkodhlcnfdgkmjmjngaaof) (Version: 1.0.0.0 - Overwolf app)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.75.1088 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Čeština do hry The Evil Within včetně 3 DLC v1.1 (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Čeština do hry The Evil Within včetně 3 DLC v1.1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1114 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Deus Ex - Human Revolution version 1.0 (HKLM-x32\...\{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1) (Version: 1.0 - Square Enix)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 4 v.1.1.30 (HKLM-x32\...\Fallout 4_is1) (Version: - )
foobar2000 v1.3.12 (HKLM-x32\...\foobar2000) (Version: 1.3.12 - Peter Pawlowski)
Game Summary (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 215.9.49 - Overwolf app)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Gyazo 3.4.1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
HearthArena Companion (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.2 - Overwolf app)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\HearthstoneDeckTracker) (Version: 1.6.9 - HearthSim)
HPSmartDeviceAgentBase (HKLM-x32\...\{F7270182-8AD0-420F-92A3-52438ED810A9}) (Version: 1.1.0.0 - HP Inc)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{657DFCCF-B080-44B1-9AEA-61676011A1AE}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Logitech-kameraindstillinger (HKLM-x32\...\LogiUCDPP) (Version: 1.1.87.0 - Logitech Europe S.A.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 cs) (HKLM\...\Mozilla Firefox 75.0 (x64 cs)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.7.2 - Mozilla)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ori and the Blind Forest Definitive Edition (HKLM-x32\...\Ori and the Blind Forest Definitive Edition_is1) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.135.0.24 - Overwolf Ltd.)
Ovládací panel NVIDIA 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 446.14 - NVIDIA Corporation) Hidden
Personify ChromaCam (remove only) (HKLM-x32\...\Personify ChromaCam) (Version: 1.1.6.7 - Personify, Inc.)
PixelHealer (HKLM\...\PixelHealer) (Version: 1.5.0.30 - Aurelitec)
Print Conductor 5.4 (HKLM-x32\...\Print Conductor_is1) (Version: 5.4 - fCoder SIA)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7614 - Realtek Semiconductor Corp.)
Resident Evil 2 (HKLM-x32\...\Resident Evil 2_is1) (Version: - )
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version: - Capcom)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.16.196 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
Someday Youll Return (HKLM-x32\...\Someday Youll Return_is1) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.21.2 - General Workings, Inc.)
Super Seducer (HKLM\...\SKIDROW - Super Seducer) (Version: - SKIDROW)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Walking Dead A New Frontier Episode 1 (HKLM-x32\...\The Walking Dead A New Frontier Episode 1_is1) (Version: - )
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch (HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 4.0.0-dev - VideoLAN)
VooPoo version 1.5.1.30 (HKLM-x32\...\{63EEAD1F-3FC8-40F5-A415-E4BE098004C0}_is1) (Version: 1.5.1.30 - KunShan XW-TEC)
VueScan x64 (HKLM\...\VueScan x64) (Version: 9.7.13 - Hamrick Software)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Warframe (HKLM-x32\...\{72BD42A9-6701-42EB-B77A-2AFC0C499F5E}) (Version: 1.0.0 - Digital Extremes)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.800.0_x86__kgqvnymyfvs32 [2020-06-21] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-09] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-29] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-07] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3482348820-1896476200-1895645591-1002_Classes\CLSID\{9a338598-86a1-4119-8b66-9d52715b6a76}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-02-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed] [File is in use]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed] [File is in use]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed] [File is in use]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed] [File is in use]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-05-11 04:57 - 2020-05-11 04:56 - 000053760 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 000084992 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 000783360 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 000137216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 000047104 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 000039424 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 001861120 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 002002944 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 004101120 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 000009728 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 000075264 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2020-05-11 04:57 - 2020-05-11 04:56 - 000758784 _____ () [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2014-11-10 11:12 - 2019-04-17 22:39 - 085372416 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2019-04-17 22:39 - 2019-04-17 22:39 - 000043520 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libUbiCustomEvent.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000050688 _____ (HP Inc.) [File not signed] [File is in use] c:\windows\system32\hpzinw12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000066048 _____ (HP Inc.) [File not signed] [File is in use] c:\windows\system32\hpzipm12.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 002741248 _____ (Python Software Foundation) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2017-11-06 19:21 - 2019-04-17 22:39 - 000518144 _____ (The Chromium Authors) [File not signed] [File is in use] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\chrome_elf.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000848896 _____ (The ICU Project) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 001580032 _____ (The ICU Project) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 001079296 _____ (The ICU Project) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000036352 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000022016 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000029184 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000022016 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000381952 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000206848 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000218624 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000016384 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000308736 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000015360 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000287232 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 000991744 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 004182528 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 004877312 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2020-05-11 04:57 - 2020-05-11 04:56 - 004490752 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-09-24 12:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wp3662821-assassin-wallpapers.jpg
DNS Servers: 93.89.159.2 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3482348820-1896476200-1895645591-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{EA613B87-0798-4766-A039-C81BCAB8DFFE}C:\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{037281B6-55E4-4E6B-A41A-47FB34BA2F4D}C:\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{3AF034F5-FB2A-4042-9468-5CA7E033B4E7}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{05F735C0-7169-4805-A4E0-4555305419CD}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2FFC3A6B-0473-4092-ABE1-5D39FD53A17E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F2405F33-0AF3-431E-9652-1707CA01F1D4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A1F83455-609A-47AF-9B5A-D69FC68CF4A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Millie\Millie.exe () [File not signed] [File is in use]
FirewallRules: [{6C593DAD-8395-4F11-A590-F76DDDC9FE92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Millie\Millie.exe () [File not signed] [File is in use]
FirewallRules: [UDP Query User{302C507C-4DA4-49AB-B64A-8352BC41950E}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{06AC170C-54F5-41D1-B2B9-6B5A0A08E0E1}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{10D5C4D9-2E6B-4B67-A476-5281B56C5955}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{502EF961-5B71-4A32-969F-BA5D52140A00}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{7EC9CC81-508D-4D45-8E81-DB52CCF2436E}C:\program files\microsoft office\office16\winword.exe] => (Allow) C:\program files\microsoft office\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{98050A6F-1373-48CC-83FA-4BBE97A3F9B5}C:\program files\microsoft office\office16\winword.exe] => (Allow) C:\program files\microsoft office\office16\winword.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3741751F-5BEE-45CB-837A-59E83B005968}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9B04128-D8B4-493D-B96B-5A6BAD2795ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{7DA08C82-AB8E-46FE-83A4-6CCF7A8EAA24}C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{0329B052-4C9E-40FD-AD0B-127686849CB4}C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe] => (Allow) C:\users\david\appdata\roaming\utorrent\updates\3.5.3_44494.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{32FF5D5F-AE6F-4F4E-9C6A-A44362281CD3}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{30431157-60F2-404A-B781-4FC5A1FE4407}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{AFC1F7F7-ED3C-4777-85B5-65678200DA35}C:\users\david\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\david\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{747FE15F-A487-4A02-A70A-A9E98014E198}C:\users\david\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\david\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{11522C14-B13A-4060-A2EB-03E1287F5182}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{4894D9CD-74EE-4F4D-B682-799DCF973BD9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{28C2D19F-C193-4A94-97AD-664B24F1C348}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{72CA7C7D-10FB-4D96-B4E3-9AC3B9BB9EDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{68FBEF50-D0C9-4B70-A3DA-FA8AB9F5C96E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{C03AB2BE-B25F-4357-9117-35F841408DDF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D1F0F24-59F0-49DC-9CBA-9166ED79341E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{215B305F-3793-4710-866F-AAAFC4D5A75D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{9526E725-5332-4491-900A-A5B3E00C15F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{95745F81-0967-4BC0-A61E-3A3E1F4555A8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0AFE615F-ABD8-45F3-9AE8-F7117FC64CDC}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{DE2DE3B5-8173-4FAC-896C-9FAC3AE29D46}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{42216372-4873-4D06-8A71-3F90277E2E73}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E09D3792-7521-4348-A40C-8F04F7EBBEC1}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{950A489C-6DC1-4369-A3DC-3DFAE6527798}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{60D42B90-ECC4-40D2-A604-71943C273C20}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{9587D4F0-7BDE-42AA-8234-5B4948E5084A}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed] [File is in use]
FirewallRules: [{320922C1-99B3-4866-95D5-6D0C8792482C}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed] [File is in use]
FirewallRules: [{52E113A4-D189-4112-826B-9019169D0858}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{B8A860D9-E58B-40DD-B63F-07CE2BEC9BA5}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{6F3AD882-084D-4F82-88D9-937FCC53BB4C}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed] [File is in use]
FirewallRules: [{42B2AA49-B47A-4C28-9490-87830D930524}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed] [File is in use]
FirewallRules: [TCP Query User{1A5E115A-10A8-458D-B3A0-0D08C151128D}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{A33F85DC-8C02-40B1-99C9-2E2A9F5F0587}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{ED2F8AD3-A6E8-4A1C-BE03-77568C5A9C31}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software) [File not signed] [File is in use]
FirewallRules: [{24DF0275-31DF-480F-95AD-E9A62D964EA7}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software) [File not signed] [File is in use]
FirewallRules: [{5A06E980-6786-4094-BB82-A017F5B88366}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{402159DD-49FA-48BE-83F6-0781AE48CA75}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{BD235299-EF0E-4922-B1EC-FC5A352AB385}] => (Allow) D:\Hry\Assassins Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{55507DCB-965C-4C75-9957-E8B41A17E22D}] => (Allow) D:\Hry\Assassins Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{B2602FD4-B505-43D0-9D71-C082B6C1712F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4FF2A286-D65E-4C74-9C25-5578B0DE9A78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A19CD65-1C4C-47F5-A1D7-D10DFA7AA235}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DFD6FE1-1D64-45AC-8661-A5E986962417}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6414835A-7A26-411C-A441-8FFFC5940233}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{77CE0203-E3EF-4DF7-B882-5ED42ED27B52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

10-06-2020 00:29:36 Windows Update
14-06-2020 00:49:33 Windows Update
21-06-2020 13:23:23 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: HID-compliant headset
Description: HID-compliant headset
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/29/2020 06:09:51 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_e6beb9d913147d17.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_2e6bf0b02790a61d.manifest.

Error: (06/29/2020 05:48:09 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_e6beb9d913147d17.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_2e6bf0b02790a61d.manifest.

Error: (06/29/2020 03:19:11 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_e6beb9d913147d17.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_2e6bf0b02790a61d.manifest.

Error: (06/28/2020 08:50:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_e6beb9d913147d17.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_2e6bf0b02790a61d.manifest.

Error: (06/28/2020 04:29:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_e6beb9d913147d17.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_2e6bf0b02790a61d.manifest.

Error: (06/28/2020 12:41:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_e6beb9d913147d17.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_2e6bf0b02790a61d.manifest.

Error: (06/27/2020 04:10:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_e6beb9d913147d17.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.900_none_2e6bf0b02790a61d.manifest.

Error: (06/27/2020 07:26:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Wow.exe, verze: 8.3.0.34769, časové razítko: 0x5ee2c4a6
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.815, časové razítko: 0xb29ecf52
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000072a6
ID chybujícího procesu: 0x3f44
Čas spuštění chybující aplikace: 0x01d64be580a808a0
Cesta k chybující aplikaci: C:\World of Warcraft\_retail_\Wow.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: f67411d1-45d7-47ee-862a-27b00e13881d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (06/29/2020 06:11:04 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000139 (0x0000000000000003, 0xfffff8031f5edc20, 0xfffff8031f5edb78, 0x0000000000000000). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: 9b9fb61e-7897-4647-9f46-67a548800a95

Error: (06/29/2020 06:10:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba RasMan závisí na službě SstpSvc, která neuspěla při spuštění v důsledku následující chyby:
Operace byla dokončena úspěšně.

Error: (06/29/2020 06:09:34 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (06/29/2020 06:09:41 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (5:56:52, ‎29.‎06.‎2020) bylo neočekávané.

Error: (06/28/2020 05:47:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/28/2020 05:14:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/28/2020 05:12:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/27/2020 06:51:01 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7D2FQ0G)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2020-06-29 06:50:15.877
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-29 06:50:15.871
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-29 06:48:42.487
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-29 06:48:42.482
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-29 06:48:37.359
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-29 06:48:37.355
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-29 06:48:23.125
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-29 06:48:23.113
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.80 01/26/2016
Motherboard: ASRock Z170 Extreme4
Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 56%
Total physical RAM: 8137.27 MB
Available physical RAM: 3531.67 MB
Total Virtual: 18377.27 MB
Available Virtual: 12144.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.18 GB) (Free:38.74 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:264.5 GB) NTFS

\\?\Volume{153a7e41-9717-4114-b409-806cd10646b5}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{a57f3c44-5d42-4e0e-a549-233e2a1c34ff}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
\\?\Volume{138a95a2-35ad-430f-91a6-0617b595d599}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

Re: BSOD Kernel, možná virus?

#5 Příspěvek od bojimso »

Minidump 29.6..rar
(169.29 KiB) Staženo 507 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: BSOD Kernel, možná virus?

#6 Příspěvek od Rudy »

Zdravím!
Stáhněte, nainstalujte a spusťte CrystalDiskInfo: https://www.instaluj.cz/crystaldiskinfo a přes Úpravy>kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

Re: BSOD Kernel, možná virus?

#7 Příspěvek od bojimso »

Zdravím,

info je zde.

----------------------------------------------------------------------------
CrystalDiskInfo 8.6.2 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 18363] (x64)
Date : 2020/06/29 20:34:41

-- Controller Map ----------------------------------------------------------
+ Intel(R) 100 Series/C230 Chipset Family SATA AHCI Controller [ATA]
- ST1000DM003-1SB102
- KINGSTON SUV400S37240G
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST1000DM003-1SB102 : 1000,2 GB [0/0/0, pd1] - st
(2) KINGSTON SUV400S37240G : 240,0 GB [1/0/0, pd1]

----------------------------------------------------------------------------
(1) ST1000DM003-1SB102
----------------------------------------------------------------------------
Model : ST1000DM003-1SB102
Firmware : CC43
Serial Number : Z9A5PPPC
Disk Size : 1000,2 GB (8,4/137,4/1000,2/----)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 14911 hod.
Power On Count : 2237 krát
Temperature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _83 _63 __6 00000C431A68 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 _98 _98 _20 000000000976 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _82 _60 _45 00000B7F2B67 Počet chybných hledání
09 _83 _83 __0 000000003A3F Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _98 _98 _20 0000000008BD Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _71 _62 _40 00001D19001D Teplota toku vzduchu
C1 _99 _99 __0 000000000985 Počet cyklů načítání/vymazání
C2 _29 _15 __0 000F0000001D Teplota
C3 __2 __1 __0 00000C431A68 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 4C4600003A38 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 000603427E95 Total Host Writes
F2 100 253 __0 001187C45AF6 Total Host Reads

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5A39 4135 5050 5043
020: 0000 0000 0000 4343 3433 2020 2020 5354 3130 3030
030: 444D 3030 332D 3153 4231 3032 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0006 00CC 004C
080: 01F0 0029 346B 7D69 4163 3469 BC49 4163 407F 0035
090: 0035 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 9261 4791 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 FDFF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0184 9400 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1020 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 BFA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 53 3F 68 1A 43 0C 00 00 00 03 03
010: 00 61 61 00 00 00 00 00 00 00 04 32 00 62 62 76
020: 09 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 52 3C 67 2B 7F 0B 00 00 00 09 32
040: 00 53 53 3F 3A 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 62 62 BD 08 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 47 3E 1D 00 19 1D 00 00 00 C1 32 00 63 63 85
0B0: 09 00 00 00 00 00 C2 22 00 1D 0F 1D 00 00 00 0F
0C0: 00 00 C3 1A 00 02 01 68 1A 43 0C 00 00 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 F0 00 00 64 FD 38 3A 00 00 46 4C 34 F1 00
100: 00 64 FD 95 7E 42 03 06 00 00 F2 00 00 64 FD F6
110: 5A C4 87 11 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73
170: 03 00 01 00 01 69 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 80 0A 00 00 05 03 03 03 03 03 03 03
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 1B 83 48 FF D2 30 00 00
1B0: 00 00 00 00 01 00 84 02 95 7E 42 03 06 00 00 00
1C0: F6 5A C4 87 11 00 00 00 00 00 00 00 70 3B DB 07
1D0: 00 00 00 00 00 00 00 00 53 03 00 00 06 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07
1F0: 00 00 00 00 00 00 00 00 00 00 14 17 00 00 00 DB

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 2D 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
0B0: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
0C0: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 F0 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AF

----------------------------------------------------------------------------
(2) KINGSTON SUV400S37240G
----------------------------------------------------------------------------
Model : KINGSTON SUV400S37240G
Firmware : 0C3FD6SD
Serial Number : 50026B7667013CF2
Disk Size : 240,0 GB (8,4/137,4/240,0/----)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 468862128
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-4
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 14890 hod.
Power On Count : 2228 krát
Temperature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 0000h [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000000 Počet chyb čtení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
09 100 100 __0 000000003A2A Hodin v činnosti
0C 100 100 __0 0000000008B4 Počet cyklů zapnutí zařízení
64 100 100 __0 000001A305C0 Specifický pro výrobce
65 100 100 __0 0000003AA500 Specifický pro výrobce
AA 100 100 __0 000000000000 Specifický pro výrobce
AB 100 100 __0 000000000000 Specifický pro výrobce
AC 100 100 __0 000000000000 Specifický pro výrobce
AE 100 100 __0 00000000002C Specifický pro výrobce
AF 100 100 __0 000000000000 Specifický pro výrobce
B0 100 100 __0 000000000000 Specifický pro výrobce
B1 _73 _73 __0 00000000203B Specifický pro výrobce
B2 100 100 __0 000000000000 Specifický pro výrobce
B4 100 100 __0 000000000517 Specifický pro výrobce
B7 _91 _91 __0 00000000005B Specifický pro výrobce
BB 100 100 __0 000000000000 Specifický pro výrobce
C2 _29 100 __0 00270011001D Teplota
C3 100 100 __0 000000000000 Specifický pro výrobce
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C7 100 100 __0 000000000000 Specifický pro výrobce
C9 100 100 __0 000000000000 Specifický pro výrobce
CC 100 100 __0 000000000000 Specifický pro výrobce
E7 _78 _78 __0 000000000016 Specifický pro výrobce
E9 100 100 __0 00000000C4B1 Specifický pro výrobce
EA 100 100 __0 0000000056B9 Specifický pro výrobce
F1 100 100 __0 000000009068 Total Host Writes
F2 100 100 __0 000000014902 Total Host Reads
FA 100 100 __0 000000000000 Specifický pro výrobce

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3530 3032 3642 3736 3637 3031 3343 4632 2020 2020
020: 0000 0000 0000 3043 3346 4436 5344 4B49 4E47 5354
030: 4F4E 2053 5556 3430 3053 3337 3234 3047 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB B910
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4D18
070: 0000 0000 0000 0000 0000 001F E70E 0006 00CC 00CC
080: 0FFE 0028 746B 7409 4163 7069 B409 4167 407F 0002
090: 0002 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 44B0 1BF2 0000 0000 0000 0008 6003 0000 0550 3804
110: 4001 0000 0000 0000 0000 0000 0000 0000 0000 4358
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 4D52
130: 564C 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 3737 3434 2020 2020 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0007 0001
170: 2020 2020 2020 2020 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0051 0000 0000 0000 0000 0000 0000
230: 44B0 1BF2 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 B6A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 30 00 01 2F 00 64 64 00 00 00 00 00 00 00 05 33
010: 00 64 64 00 00 00 00 00 00 0A 09 32 00 64 64 2A
020: 3A 00 00 00 00 00 0C 32 00 64 64 B4 08 00 00 00
030: 00 00 64 32 00 64 64 C0 05 A3 01 00 00 00 65 32
040: 00 64 64 00 A5 3A 00 00 00 00 AA 32 00 64 64 00
050: 00 00 00 00 00 00 AB 32 00 64 64 00 00 00 00 00
060: 00 00 AC 32 00 64 64 00 00 00 00 00 00 00 AE 32
070: 00 64 64 2C 00 00 00 00 00 00 AF 32 00 64 64 00
080: 00 00 00 00 00 00 B0 32 00 64 64 00 00 00 00 00
090: 00 00 B1 32 00 49 49 3B 20 00 00 00 00 00 B2 02
0A0: 00 64 64 00 00 00 00 00 00 00 B4 02 00 64 64 17
0B0: 05 00 00 00 00 00 B7 32 00 5B 5B 5B 00 00 00 00
0C0: 00 00 BB 33 00 64 64 00 00 00 00 00 00 00 C2 22
0D0: 00 1D 64 1D 00 11 00 27 00 00 C3 32 00 64 64 00
0E0: 00 00 00 00 00 00 C4 32 00 64 64 00 00 00 00 00
0F0: 00 00 C5 32 00 64 64 00 00 00 00 00 00 00 C7 12
100: 00 64 64 00 00 00 00 00 00 00 C9 32 00 64 64 00
110: 00 00 00 00 00 00 CC 32 00 64 64 00 00 00 00 00
120: 00 00 E7 32 00 4E 4E 16 00 00 00 00 00 00 E9 32
130: 00 64 64 B1 C4 00 00 00 00 00 EA 32 00 64 64 B9
140: 56 00 00 00 00 00 F1 32 00 64 64 68 90 00 00 00
150: 00 00 F2 32 00 64 64 02 49 01 00 00 00 00 FA 32
160: 00 64 64 00 00 00 00 00 00 00 00 00 05 00 01 71
170: 03 00 01 00 02 05 00 00 00 00 00 00 00 00 00 00
180: 00 00 5B 00 00 00 00 00 00 00 00 00 29 01 00 00
190: 00 00 00 00 00 00 00 00 77 0B 00 00 00 00 00 00
1A0: 9A 26 16 0D 12 00 00 00 00 40 E5 5A 01 00 00 00
1B0: 00 00 00 00 00 00 00 00 0C 8E 4C 20 29 00 00 00
1C0: 89 CF 24 EB 06 00 00 00 17 05 00 00 02 00 00 00
1D0: 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 04 10 00 00 00 00 00 DE

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 00 01 00 00 00 00 00 00 00 00 00 00 00 05 0A
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 64 00 00 00 00 00 00 00 00 00 00 00 65 00
040: 00 00 00 00 00 00 00 00 00 00 AA 00 00 00 00 00
050: 00 00 00 00 00 00 AB 00 00 00 00 00 00 00 00 00
060: 00 00 AC 00 00 00 00 00 00 00 00 00 00 00 AE 00
070: 00 00 00 00 00 00 00 00 00 00 AF 00 00 00 00 00
080: 00 00 00 00 00 00 B0 00 00 00 00 00 00 00 00 00
090: 00 00 B1 00 00 00 00 00 00 00 00 00 00 00 B2 00
0A0: 00 00 00 00 00 00 00 00 00 00 B4 00 00 00 00 00
0B0: 00 00 00 00 00 00 B7 00 00 00 00 00 00 00 00 00
0C0: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0E0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0F0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C9 00 00 00 00 00
110: 00 00 00 00 00 00 CC 00 00 00 00 00 00 00 00 00
120: 00 00 E7 00 00 00 00 00 00 00 00 00 00 00 E9 00
130: 00 00 00 00 00 00 00 00 00 00 EA 00 00 00 00 00
140: 00 00 00 00 00 00 F1 00 00 00 00 00 00 00 00 00
150: 00 00 F2 00 00 00 00 00 00 00 00 00 00 00 FA 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 76

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: BSOD Kernel, možná virus?

#8 Příspěvek od Rudy »

Oba disky jsou OK. Přes příkazový řádek příkazem:
sfc /scannow
spusťte kontrolu a případnou opravu systémových souborů. Po skončení akce restartujte a vyzkoušejte PC v normálním provozu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

Re: BSOD Kernel, možná virus?

#9 Příspěvek od bojimso »

Hotovo, přidávám LOG ze dneška ze souboru CBS.log ve složce C:\Windows\Logs\CBS , některé soubory byly poškozené.

2020-06-29 03:54:57, Info CBS TI: --- Initializing Trusted Installer ---
2020-06-29 03:54:57, Info CBS TI: Last boot time: 2020-06-22 14:40:37.674
2020-06-29 03:54:57, Info CBS Starting TrustedInstaller initialization.
2020-06-29 03:54:57, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2020-06-29 03:54:57, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2020-06-29 03:54:57, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 03:54:57, Info CBS Ending TrustedInstaller initialization.
2020-06-29 03:54:57, Info CBS Starting the TrustedInstaller main loop.
2020-06-29 03:54:57, Info CBS TrustedInstaller service starts successfully.
2020-06-29 03:54:57, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2020-06-29 03:54:57, Info CBS Startup processing thread terminated normally
2020-06-29 03:54:57, Info CBS TI: Startup Processing completes, release startup processing lock.
2020-06-29 03:54:57, Info CBS Starting TiWorker initialization.
2020-06-29 03:54:57, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2020-06-29 03:54:57, Info CBS Ending TiWorker initialization.
2020-06-29 03:54:57, Info CBS Starting the TiWorker main loop.
2020-06-29 03:54:57, Info CBS TiWorker starts successfully.
2020-06-29 03:54:57, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2020-06-29 03:54:57, Info CBS Universal Time is: 2020-06-29 01:54:57.586
2020-06-29 03:54:57, Info CBS Loaded Servicing Stack v10.0.18362.892 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\cbscore.dll
2020-06-29 03:54:57, Info CBS Build: 18362.1.amd64fre.19h1_release.190318-1202
2020-06-29 03:54:57, Info CSI 00000001@2020/6/29:01:54:57.623 WcpInitialize: wcp.dll version 10.0.18362.892 (WinBuild.160101.0800)
2020-06-29 03:54:57, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:8
2020-06-29 03:54:57, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 03:54:57, Info CBS NonStart: Set pending store consistency check.
2020-06-29 03:54:57, Info CBS Maint: idle processing paused
2020-06-29 03:54:57, Info CBS Session: 30821816_1253299180 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2020-06-29 03:54:57, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 03:54:57, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 03:54:57, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2020-06-29 03:54:57, Info CBS Maint: idle processing paused
2020-06-29 03:54:57, Info CBS Session: 30821816_1253367494 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2020-06-29 03:54:57, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 03:54:57, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 03:54:57, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2020-06-29 03:54:58, Info CBS WU creates the package, AppID:<<PROCESS>>: CompatTelRunner.exe, UpdateID:{33D6CF13-224E-459B-AD4F-AF8C5E3CC469}, revision: 202
2020-06-29 03:54:58, Info CBS Read out cached applicability from TiLight for package: Mapping_Package_for_KB3089226_af-ZA_amd64~31bf3856ad364e35~amd64~~10.0.10240.0, ApplicableState: 0, CurrentState:0
2020-06-29 03:54:58, Info CBS WU creates the package, AppID:<<PROCESS>>: CompatTelRunner.exe, UpdateID:{33238534-6440-4232-9A18-E7A602E51BE6}, revision: 201
2020-06-29 03:54:58, Info CBS Read out cached applicability from TiLight for package: Package_for_KB3064238~31bf3856ad364e35~amd64~~10.0.1.2, ApplicableState: 0, CurrentState:0
2020-06-29 03:56:58, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2020-06-29 03:56:58, Info CBS Maint: idle processing paused
2020-06-29 03:56:58, Info CBS TiWorker signaled for shutdown, going to exit.
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 03:56:58, Info CBS Execution Engine Finalize
2020-06-29 03:56:58, Info CBS Execution Engine Finalize
2020-06-29 03:56:58, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2020-06-29 03:56:58, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2020-06-29 03:56:58, Info CBS Ending the TiWorker main loop.
2020-06-29 03:56:58, Info CBS Starting TiWorker finalization.
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 03:56:58, Info CBS CBS Engine already deactivated
2020-06-29 03:56:58, Info CBS CBS Engine already deactivated
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: CoreResourcesUnload
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: SessionManagerFinalize
2020-06-29 03:56:58, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 03:56:58, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:8
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: WcpUnload
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: DrupUnload
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: CfgMgr32Unload
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: DpxUnload
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: SrUnload
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: CbsEsdUnload
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: CbsEventUnregister
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: AppContainerUnload
2020-06-29 03:56:58, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2020-06-29 03:56:58, Info CBS Ending TiWorker finalization.
2020-06-29 03:56:58, Info CBS Ending the TrustedInstaller main loop.
2020-06-29 03:56:58, Info CBS Starting TrustedInstaller finalization.
2020-06-29 03:56:58, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 03:56:58, Info CBS Ending TrustedInstaller finalization.
2020-06-29 05:19:08, Info CBS TI: --- Initializing Trusted Installer ---
2020-06-29 05:19:08, Info CBS TI: Last boot time: 2020-06-22 14:40:37.674
2020-06-29 05:19:08, Info CBS Starting TrustedInstaller initialization.
2020-06-29 05:19:08, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2020-06-29 05:19:08, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2020-06-29 05:19:08, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 05:19:08, Info CBS Ending TrustedInstaller initialization.
2020-06-29 05:19:08, Info CBS Starting the TrustedInstaller main loop.
2020-06-29 05:19:08, Info CBS TrustedInstaller service starts successfully.
2020-06-29 05:19:08, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2020-06-29 05:19:08, Info CBS Startup processing thread terminated normally
2020-06-29 05:19:08, Info CBS TI: Startup Processing completes, release startup processing lock.
2020-06-29 05:19:08, Info CBS Starting TiWorker initialization.
2020-06-29 05:19:08, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2020-06-29 05:19:08, Info CBS Ending TiWorker initialization.
2020-06-29 05:19:08, Info CBS Starting the TiWorker main loop.
2020-06-29 05:19:08, Info CBS TiWorker starts successfully.
2020-06-29 05:19:08, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2020-06-29 05:19:08, Info CBS Universal Time is: 2020-06-29 03:19:08.836
2020-06-29 05:19:08, Info CBS Loaded Servicing Stack v10.0.18362.892 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\cbscore.dll
2020-06-29 05:19:08, Info CBS Build: 18362.1.amd64fre.19h1_release.190318-1202
2020-06-29 05:19:08, Info CSI 00000001@2020/6/29:03:19:08.869 WcpInitialize: wcp.dll version 10.0.18362.892 (WinBuild.160101.0800)
2020-06-29 05:19:08, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:8
2020-06-29 05:19:08, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 05:19:08, Info CBS NonStart: Set pending store consistency check.
2020-06-29 05:19:08, Info CBS Maint: idle processing paused
2020-06-29 05:19:08, Info CBS Session: 30821828_226082739 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2020-06-29 05:19:08, Info CBS Maint: idle processing paused
2020-06-29 05:19:08, Info CBS Session: 30821828_226092504 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2020-06-29 05:19:09, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2020-06-29 05:19:09, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Appl:LCU package and revision compare set to explicit
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Maint: idle processing paused
2020-06-29 05:19:09, Info CBS Session: 30821828_230940045 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2020-06-29 05:19:09, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2020-06-29 05:19:09, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Appl:LCU package and revision compare set to explicit
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Maint: idle processing paused
2020-06-29 05:19:09, Info CBS Session: 30821828_234043722 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2020-06-29 05:19:09, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2020-06-29 05:19:09, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:19:09, Info CBS Appl:LCU package and revision compare set to explicit
2020-06-29 05:19:09, Info CBS Package Format: PSFX
2020-06-29 05:21:10, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2020-06-29 05:21:10, Info CBS Maint: idle processing paused
2020-06-29 05:21:10, Info CBS TiWorker signaled for shutdown, going to exit.
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 05:21:10, Info CBS Execution Engine Finalize
2020-06-29 05:21:10, Info CBS Execution Engine Finalize
2020-06-29 05:21:10, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2020-06-29 05:21:10, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2020-06-29 05:21:10, Info CBS Ending the TiWorker main loop.
2020-06-29 05:21:10, Info CBS Starting TiWorker finalization.
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 05:21:10, Info CBS CBS Engine already deactivated
2020-06-29 05:21:10, Info CBS CBS Engine already deactivated
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: CoreResourcesUnload
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: SessionManagerFinalize
2020-06-29 05:21:10, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 05:21:10, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:8
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: WcpUnload
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: DrupUnload
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: CfgMgr32Unload
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: DpxUnload
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: SrUnload
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: CbsEsdUnload
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: CbsEventUnregister
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: AppContainerUnload
2020-06-29 05:21:10, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2020-06-29 05:21:10, Info CBS Ending TiWorker finalization.
2020-06-29 05:21:10, Info CBS Ending the TrustedInstaller main loop.
2020-06-29 05:21:10, Info CBS Starting TrustedInstaller finalization.
2020-06-29 05:21:10, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 05:21:10, Info CBS Ending TrustedInstaller finalization.
2020-06-29 06:14:11, Info CBS TI: --- Initializing Trusted Installer ---
2020-06-29 06:14:11, Info CBS TI: Last boot time: 2020-06-29 06:09:33.500
2020-06-29 06:14:11, Info CBS Starting TrustedInstaller initialization.
2020-06-29 06:14:11, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2020-06-29 06:14:11, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2020-06-29 06:14:11, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 06:14:11, Info CBS Ending TrustedInstaller initialization.
2020-06-29 06:14:11, Info CBS Starting the TrustedInstaller main loop.
2020-06-29 06:14:11, Info CBS TrustedInstaller service starts successfully.
2020-06-29 06:14:11, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2020-06-29 06:14:11, Info CBS Startup processing thread terminated normally
2020-06-29 06:14:11, Info CBS TI: Startup Processing completes, release startup processing lock.
2020-06-29 06:14:11, Info CBS Starting TiWorker initialization.
2020-06-29 06:14:11, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2020-06-29 06:14:11, Info CBS Ending TiWorker initialization.
2020-06-29 06:14:11, Info CBS Starting the TiWorker main loop.
2020-06-29 06:14:11, Info CBS TiWorker starts successfully.
2020-06-29 06:14:11, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2020-06-29 06:14:11, Info CBS Universal Time is: 2020-06-29 04:14:11.691
2020-06-29 06:14:11, Info CBS Loaded Servicing Stack v10.0.18362.892 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\cbscore.dll
2020-06-29 06:14:11, Info CBS Build: 18362.1.amd64fre.19h1_release.190318-1202
2020-06-29 06:14:11, Info CSI 00000001@2020/6/29:04:14:11.695 WcpInitialize: wcp.dll version 10.0.18362.892 (WinBuild.160101.0800)
2020-06-29 06:14:11, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:8
2020-06-29 06:14:11, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 06:14:11, Info CBS NonStart: Set pending store consistency check.
2020-06-29 06:14:11, Info CBS Maint: idle processing paused
2020-06-29 06:14:11, Info CBS Session: 30821835_3189358679 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2020-06-29 06:14:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 06:14:11, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 06:14:11, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2020-06-29 06:14:11, Info CBS Maint: idle processing paused
2020-06-29 06:14:11, Info CBS Session: 30821835_3189398572 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2020-06-29 06:14:11, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 06:14:11, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 06:14:11, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2020-06-29 06:16:11, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2020-06-29 06:16:11, Info CBS Maint: idle processing paused
2020-06-29 06:16:11, Info CBS TiWorker signaled for shutdown, going to exit.
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 06:16:11, Info CBS Execution Engine Finalize
2020-06-29 06:16:11, Info CBS Execution Engine Finalize
2020-06-29 06:16:11, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2020-06-29 06:16:11, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2020-06-29 06:16:11, Info CBS Ending the TiWorker main loop.
2020-06-29 06:16:11, Info CBS Starting TiWorker finalization.
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 06:16:11, Info CBS CBS Engine already deactivated
2020-06-29 06:16:11, Info CBS CBS Engine already deactivated
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: CoreResourcesUnload
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: SessionManagerFinalize
2020-06-29 06:16:11, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 06:16:11, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:8
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: WcpUnload
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: DrupUnload
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: CfgMgr32Unload
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: DpxUnload
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: SrUnload
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: CbsEsdUnload
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: CbsEventUnregister
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: AppContainerUnload
2020-06-29 06:16:11, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2020-06-29 06:16:11, Info CBS Ending TiWorker finalization.
2020-06-29 06:16:11, Info CBS Ending the TrustedInstaller main loop.
2020-06-29 06:16:11, Info CBS Starting TrustedInstaller finalization.
2020-06-29 06:16:11, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 06:16:11, Info CBS Ending TrustedInstaller finalization.
2020-06-29 06:30:03, Info CBS TI: --- Initializing Trusted Installer ---
2020-06-29 06:30:03, Info CBS TI: Last boot time: 2020-06-29 06:09:33.500
2020-06-29 06:30:03, Info CBS Starting TrustedInstaller initialization.
2020-06-29 06:30:03, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2020-06-29 06:30:03, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2020-06-29 06:30:03, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 06:30:03, Info CBS Ending TrustedInstaller initialization.
2020-06-29 06:30:03, Info CBS Starting the TrustedInstaller main loop.
2020-06-29 06:30:03, Info CBS TrustedInstaller service starts successfully.
2020-06-29 06:30:03, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2020-06-29 06:30:03, Info CBS Startup processing thread terminated normally
2020-06-29 06:30:03, Info CBS TI: Startup Processing completes, release startup processing lock.
2020-06-29 06:30:03, Info CBS Starting TiWorker initialization.
2020-06-29 06:30:03, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2020-06-29 06:30:03, Info CBS Ending TiWorker initialization.
2020-06-29 06:30:03, Info CBS Starting the TiWorker main loop.
2020-06-29 06:30:03, Info CBS TiWorker starts successfully.
2020-06-29 06:30:03, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2020-06-29 06:30:03, Info CBS Universal Time is: 2020-06-29 04:30:03.404
2020-06-29 06:30:03, Info CBS Loaded Servicing Stack v10.0.18362.892 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\cbscore.dll
2020-06-29 06:30:03, Info CBS Build: 18362.1.amd64fre.19h1_release.190318-1202
2020-06-29 06:30:03, Info CSI 00000001@2020/6/29:04:30:03.408 WcpInitialize: wcp.dll version 10.0.18362.892 (WinBuild.160101.0800)
2020-06-29 06:30:03, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:8
2020-06-29 06:30:03, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 06:30:03, Info CBS NonStart: Set pending store consistency check.
2020-06-29 06:30:03, Info CBS Maint: idle processing paused
2020-06-29 06:30:03, Info CBS Session: 30821837_4116575330 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2020-06-29 06:30:03, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 06:30:03, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 06:30:03, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2020-06-29 06:30:03, Info CBS Maint: idle processing paused
2020-06-29 06:30:03, Info CBS Session: 30821837_4116595202 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2020-06-29 06:30:03, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 06:30:03, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 06:30:03, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2020-06-29 06:32:03, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2020-06-29 06:32:03, Info CBS Maint: idle processing paused
2020-06-29 06:32:03, Info CBS TiWorker signaled for shutdown, going to exit.
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 06:32:03, Info CBS Execution Engine Finalize
2020-06-29 06:32:03, Info CBS Execution Engine Finalize
2020-06-29 06:32:03, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2020-06-29 06:32:03, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2020-06-29 06:32:03, Info CBS Ending the TiWorker main loop.
2020-06-29 06:32:03, Info CBS Starting TiWorker finalization.
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 06:32:03, Info CBS CBS Engine already deactivated
2020-06-29 06:32:03, Info CBS CBS Engine already deactivated
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: CoreResourcesUnload
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: SessionManagerFinalize
2020-06-29 06:32:03, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 06:32:03, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:8
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: WcpUnload
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: DrupUnload
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: CfgMgr32Unload
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: DpxUnload
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: SrUnload
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: CbsEsdUnload
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: CbsEventUnregister
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: AppContainerUnload
2020-06-29 06:32:03, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2020-06-29 06:32:03, Info CBS Ending TiWorker finalization.
2020-06-29 06:32:03, Info CBS Ending the TrustedInstaller main loop.
2020-06-29 06:32:03, Info CBS Starting TrustedInstaller finalization.
2020-06-29 06:32:03, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 06:32:03, Info CBS Ending TrustedInstaller finalization.
2020-06-29 12:52:02, Info CBS TI: --- Initializing Trusted Installer ---
2020-06-29 12:52:02, Info CBS TI: Last boot time: 2020-06-29 06:09:33.500
2020-06-29 12:52:02, Info CBS Starting TrustedInstaller initialization.
2020-06-29 12:52:02, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2020-06-29 12:52:02, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2020-06-29 12:52:02, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 12:52:02, Info CBS Ending TrustedInstaller initialization.
2020-06-29 12:52:02, Info CBS Starting the TrustedInstaller main loop.
2020-06-29 12:52:02, Info CBS TrustedInstaller service starts successfully.
2020-06-29 12:52:02, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2020-06-29 12:52:02, Info CBS Startup processing thread terminated normally
2020-06-29 12:52:02, Info CBS TI: Startup Processing completes, release startup processing lock.
2020-06-29 12:52:02, Info CBS Starting TiWorker initialization.
2020-06-29 12:52:02, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2020-06-29 12:52:02, Info CBS Ending TiWorker initialization.
2020-06-29 12:52:02, Info CBS Starting the TiWorker main loop.
2020-06-29 12:52:02, Info CBS TiWorker starts successfully.
2020-06-29 12:52:02, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2020-06-29 12:52:02, Info CBS Universal Time is: 2020-06-29 10:52:02.851
2020-06-29 12:52:02, Info CBS Loaded Servicing Stack v10.0.18362.892 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\cbscore.dll
2020-06-29 12:52:02, Info CBS Build: 18362.1.amd64fre.19h1_release.190318-1202
2020-06-29 12:52:02, Info CSI 00000001@2020/6/29:10:52:02.867 WcpInitialize: wcp.dll version 10.0.18362.892 (WinBuild.160101.0800)
2020-06-29 12:52:02, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:8
2020-06-29 12:52:02, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 12:52:02, Info CBS NonStart: Set pending store consistency check.
2020-06-29 12:52:02, Info CBS Maint: idle processing paused
2020-06-29 12:52:02, Info CBS Session: 30821891_1382797913 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2020-06-29 12:52:02, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 12:52:02, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 12:52:02, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2020-06-29 12:52:02, Info CBS Maint: idle processing paused
2020-06-29 12:52:02, Info CBS Session: 30821891_1382954136 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2020-06-29 12:52:02, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 12:52:02, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2020-06-29 12:52:02, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2020-06-29 12:52:06, Info CBS WU creates the package, AppID:UpdateOrchestrator, UpdateID:{33D6CF13-224E-459B-AD4F-AF8C5E3CC469}, revision: 202
2020-06-29 12:52:06, Info CBS Read out cached applicability from TiLight for package: Mapping_Package_for_KB3089226_af-ZA_amd64~31bf3856ad364e35~amd64~~10.0.10240.0, ApplicableState: 0, CurrentState:0
2020-06-29 12:52:06, Info CBS WU creates the package, AppID:UpdateOrchestrator, UpdateID:{795061F3-97C2-40A5-8277-982FE6FFD9CD}, revision: 200
2020-06-29 12:52:06, Info CBS Read out cached applicability from TiLight for package: Package_for_DotNetRollup~31bf3856ad364e35~amd64~~10.0.1.3178, ApplicableState: 112, CurrentState:112
2020-06-29 12:52:06, Info CBS WU creates the package, AppID:UpdateOrchestrator, UpdateID:{E39EAF57-AA06-4FA5-B4BA-713A639652E0}, revision: 200
2020-06-29 12:52:06, Info CBS Read out cached applicability from TiLight for package: Package_for_KB4561600~31bf3856ad364e35~amd64~~10.0.1.1, ApplicableState: 112, CurrentState:112
2020-06-29 12:52:06, Info CBS WU creates the package, AppID:UpdateOrchestrator, UpdateID:{33238534-6440-4232-9A18-E7A602E51BE6}, revision: 201
2020-06-29 12:52:06, Info CBS Read out cached applicability from TiLight for package: Package_for_KB3064238~31bf3856ad364e35~amd64~~10.0.1.2, ApplicableState: 0, CurrentState:0
2020-06-29 12:52:06, Info CBS WU creates the package, AppID:UpdateOrchestrator, UpdateID:{D7BA2F37-C50E-4634-BA99-329DEE3A2AD2}, revision: 203
2020-06-29 12:52:06, Info CBS Read out cached applicability from TiLight for package: Package_for_KB4497165~31bf3856ad364e35~amd64~~10.0.4.1, ApplicableState: 112, CurrentState:112
2020-06-29 12:54:06, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2020-06-29 12:54:06, Info CBS Maint: idle processing paused
2020-06-29 12:54:06, Info CBS TiWorker signaled for shutdown, going to exit.
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 12:54:06, Info CBS Execution Engine Finalize
2020-06-29 12:54:06, Info CBS Execution Engine Finalize
2020-06-29 12:54:06, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2020-06-29 12:54:06, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2020-06-29 12:54:06, Info CBS Ending the TiWorker main loop.
2020-06-29 12:54:06, Info CBS Starting TiWorker finalization.
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2020-06-29 12:54:06, Info CBS CBS Engine already deactivated
2020-06-29 12:54:06, Info CBS CBS Engine already deactivated
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: CoreResourcesUnload
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: SessionManagerFinalize
2020-06-29 12:54:06, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 12:54:06, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:8
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: WcpUnload
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: DrupUnload
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: CfgMgr32Unload
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: DpxUnload
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: SrUnload
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: CbsEsdUnload
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: CbsEventUnregister
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: AppContainerUnload
2020-06-29 12:54:06, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2020-06-29 12:54:06, Info CBS Ending TiWorker finalization.
2020-06-29 12:54:06, Info CBS Ending the TrustedInstaller main loop.
2020-06-29 12:54:06, Info CBS Starting TrustedInstaller finalization.
2020-06-29 12:54:06, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 12:54:06, Info CBS Ending TrustedInstaller finalization.
2020-06-29 21:04:43, Info CBS TI: --- Initializing Trusted Installer ---
2020-06-29 21:04:43, Info CBS TI: Last boot time: 2020-06-29 06:09:33.500
2020-06-29 21:04:43, Info CBS Starting TrustedInstaller initialization.
2020-06-29 21:04:43, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2020-06-29 21:04:43, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2020-06-29 21:04:43, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2020-06-29 21:04:43, Info CBS Ending TrustedInstaller initialization.
2020-06-29 21:04:43, Info CBS Starting the TrustedInstaller main loop.
2020-06-29 21:04:43, Info CBS TrustedInstaller service starts successfully.
2020-06-29 21:04:43, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2020-06-29 21:04:43, Info CBS Startup processing thread terminated normally
2020-06-29 21:04:43, Info CBS TI: Startup Processing completes, release startup processing lock.
2020-06-29 21:04:45, Info CBS Starting TiWorker initialization.
2020-06-29 21:04:45, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2020-06-29 21:04:45, Info CBS Ending TiWorker initialization.
2020-06-29 21:04:45, Info CBS Starting the TiWorker main loop.
2020-06-29 21:04:45, Info CBS TiWorker starts successfully.
2020-06-29 21:04:45, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2020-06-29 21:04:45, Info CBS TiWorker: Client requests SFP repair object.
2020-06-29 21:04:45, Info CBS Universal Time is: 2020-06-29 19:04:45.114
2020-06-29 21:04:45, Info CBS Loaded Servicing Stack v10.0.18362.892 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\cbscore.dll
2020-06-29 21:04:45, Info CBS Build: 18362.1.amd64fre.19h1_release.190318-1202
2020-06-29 21:04:45, Info CSI 00000001@2020/6/29:19:04:45.156 WcpInitialize: wcp.dll version 10.0.18362.892 (WinBuild.160101.0800)
2020-06-29 21:04:45, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:8
2020-06-29 21:04:45, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:9
2020-06-29 21:04:45, Info CBS NonStart: Set pending store consistency check.
2020-06-29 21:04:45, Info CSI 00000002@2020/6/29:19:04:45.206 WcpInitialize: wcp.dll version 10.0.18362.892 (WinBuild.160101.0800)
2020-06-29 21:04:45, Info CBS Maint: idle processing paused
2020-06-29 21:04:45, Info CSI 00000003 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0x9664bfdcf0
2020-06-29 21:04:45, Info CSI 00000004 Poqexec successfully registered in [l:12 ml:13]'SetupExecute'
2020-06-29 21:04:45, Info CSI 00000005 CSI Store 1996280908032 initialized
2020-06-29 21:04:48, Info CSI 00000006 [SR] Verifying 100 components
2020-06-29 21:04:48, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:48, Info CSI 00000008 [SR] Verify complete
2020-06-29 21:04:48, Info CSI 00000009 [SR] Verifying 100 components
2020-06-29 21:04:48, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:48, Info CSI 0000000b [SR] Verify complete
2020-06-29 21:04:49, Info CSI 0000000c [SR] Verifying 100 components
2020-06-29 21:04:49, Info CSI 0000000d [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:49, Info CSI 0000000e [SR] Verify complete
2020-06-29 21:04:49, Info CSI 0000000f [SR] Verifying 100 components
2020-06-29 21:04:49, Info CSI 00000010 [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:49, Info CSI 00000011 [SR] Verify complete
2020-06-29 21:04:49, Info CSI 00000012 [SR] Verifying 100 components
2020-06-29 21:04:49, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:50, Info CSI 00000014 CSIPERF - FilePI Queue 132ms
2020-06-29 21:04:50, Info CSI 00000015 [SR] Verify complete
2020-06-29 21:04:50, Info CSI 00000016 [SR] Verifying 100 components
2020-06-29 21:04:50, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:50, Info CSI 00000018 [SR] Verify complete
2020-06-29 21:04:50, Info CSI 00000019 [SR] Verifying 100 components
2020-06-29 21:04:50, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:51, Info CSI 0000001b [SR] Verify complete
2020-06-29 21:04:51, Info CSI 0000001c [SR] Verifying 100 components
2020-06-29 21:04:51, Info CSI 0000001d [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:52, Info CSI 0000001e [SR] Verify complete
2020-06-29 21:04:52, Info CSI 0000001f [SR] Verifying 100 components
2020-06-29 21:04:52, Info CSI 00000020 [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:53, Info CSI 00000021 [SR] Verify complete
2020-06-29 21:04:53, Info CSI 00000022 [SR] Verifying 100 components
2020-06-29 21:04:53, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:55, Info CSI 00000024 [SR] Verify complete
2020-06-29 21:04:55, Info CSI 00000025 [SR] Verifying 100 components
2020-06-29 21:04:55, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2020-06-29 21:04:56, Info CSI 00000027 [SR] Verify complete
2020-06-29 21:04:56, Info CSI 00000028 [SR] Verifying 100 components
2020-06-29 21:04:56, Info CSI 00000029 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:01, Info CSI 0000002a [SR] Verify complete
2020-06-29 21:05:01, Info CSI 0000002b [SR] Verifying 100 components
2020-06-29 21:05:01, Info CSI 0000002c [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:05, Info CSI 0000002d [SR] Verify complete
2020-06-29 21:05:05, Info CSI 0000002e [SR] Verifying 100 components
2020-06-29 21:05:05, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:06, Info CSI 00000030 [SR] Verify complete
2020-06-29 21:05:06, Info CSI 00000031 [SR] Verifying 100 components
2020-06-29 21:05:06, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:07, Info CSI 00000033 [SR] Verify complete
2020-06-29 21:05:07, Info CSI 00000034 [SR] Verifying 100 components
2020-06-29 21:05:07, Info CSI 00000035 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:07, Info CSI 00000036 [SR] Verify complete
2020-06-29 21:05:07, Info CSI 00000037 [SR] Verifying 100 components
2020-06-29 21:05:07, Info CSI 00000038 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:08, Info CSI 00000039 CSIPERF - FilePI Queue 203ms
2020-06-29 21:05:08, Info CSI 0000003a [SR] Verify complete
2020-06-29 21:05:08, Info CSI 0000003b [SR] Verifying 100 components
2020-06-29 21:05:08, Info CSI 0000003c [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:09, Info CSI 0000003d [SR] Verify complete
2020-06-29 21:05:09, Info CSI 0000003e [SR] Verifying 100 components
2020-06-29 21:05:09, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:10, Info CSI 00000040 [SR] Verify complete
2020-06-29 21:05:10, Info CSI 00000041 [SR] Verifying 100 components
2020-06-29 21:05:10, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:11, Info CSI 00000043 [SR] Verify complete
2020-06-29 21:05:11, Info CSI 00000044 [SR] Verifying 100 components
2020-06-29 21:05:11, Info CSI 00000045 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:12, Info CSI 00000046 [SR] Verify complete
2020-06-29 21:05:12, Info CSI 00000047 [SR] Verifying 100 components
2020-06-29 21:05:12, Info CSI 00000048 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:12, Info CSI 00000049 [SR] Verify complete
2020-06-29 21:05:13, Info CSI 0000004a [SR] Verifying 100 components
2020-06-29 21:05:13, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:14, Info CSI 0000004c [SR] Verify complete
2020-06-29 21:05:14, Info CSI 0000004d [SR] Verifying 100 components
2020-06-29 21:05:14, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:15, Info CSI 0000004f [SR] Verify complete
2020-06-29 21:05:15, Info CSI 00000050 [SR] Verifying 100 components
2020-06-29 21:05:15, Info CSI 00000051 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:16, Info CSI 00000052 [SR] Verify complete
2020-06-29 21:05:16, Info CSI 00000053 [SR] Verifying 100 components
2020-06-29 21:05:16, Info CSI 00000054 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:17, Info CSI 00000055 [SR] Verify complete
2020-06-29 21:05:17, Info CSI 00000056 [SR] Verifying 100 components
2020-06-29 21:05:17, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:18, Info CSI 00000058 [SR] Verify complete
2020-06-29 21:05:18, Info CSI 00000059 [SR] Verifying 100 components
2020-06-29 21:05:18, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:19, Info CSI 0000005b [SR] Verify complete
2020-06-29 21:05:19, Info CSI 0000005c [SR] Verifying 100 components
2020-06-29 21:05:19, Info CSI 0000005d [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:21, Info CSI 0000005e CSIPERF - FilePI Queue 170ms
2020-06-29 21:05:21, Info CSI 0000005f CSIPERF - FilePI Queue 324ms
2020-06-29 21:05:21, Info CSI 00000060 [SR] Verify complete
2020-06-29 21:05:21, Info CSI 00000061 [SR] Verifying 100 components
2020-06-29 21:05:21, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:22, Info CSI 00000063 [SR] Verify complete
2020-06-29 21:05:22, Info CSI 00000064 [SR] Verifying 100 components
2020-06-29 21:05:22, Info CSI 00000065 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:23, Info CSI 00000066 [SR] Verify complete
2020-06-29 21:05:23, Info CSI 00000067 [SR] Verifying 100 components
2020-06-29 21:05:23, Info CSI 00000068 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:24, Info CSI 00000069 [SR] Verify complete
2020-06-29 21:05:24, Info CSI 0000006a [SR] Verifying 100 components
2020-06-29 21:05:24, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:24, Info CSI 0000006c CSIPERF - FilePI Queue 142ms
2020-06-29 21:05:25, Info CSI 0000006d [SR] Verify complete
2020-06-29 21:05:25, Info CSI 0000006e [SR] Verifying 100 components
2020-06-29 21:05:25, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:25, Info CSI 00000070 [SR] Verify complete
2020-06-29 21:05:25, Info CSI 00000071 [SR] Verifying 100 components
2020-06-29 21:05:25, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:26, Info CSI 00000073 [SR] Verify complete
2020-06-29 21:05:26, Info CSI 00000074 [SR] Verifying 100 components
2020-06-29 21:05:26, Info CSI 00000075 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:27, Info CSI 00000076 [SR] Verify complete
2020-06-29 21:05:27, Info CSI 00000077 [SR] Verifying 100 components
2020-06-29 21:05:27, Info CSI 00000078 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:28, Info CSI 00000079 [SR] Verify complete
2020-06-29 21:05:28, Info CSI 0000007a [SR] Verifying 100 components
2020-06-29 21:05:28, Info CSI 0000007b [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:28, Info CSI 0000007c [SR] Verify complete
2020-06-29 21:05:28, Info CSI 0000007d [SR] Verifying 100 components
2020-06-29 21:05:28, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:29, Info CSI 0000007f [SR] Verify complete
2020-06-29 21:05:29, Info CSI 00000080 [SR] Verifying 100 components
2020-06-29 21:05:29, Info CSI 00000081 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:30, Info CSI 00000082 [SR] Verify complete
2020-06-29 21:05:30, Info CSI 00000083 [SR] Verifying 100 components
2020-06-29 21:05:30, Info CSI 00000084 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:32, Info CSI 00000085 [SR] Verify complete
2020-06-29 21:05:32, Info CSI 00000086 [SR] Verifying 100 components
2020-06-29 21:05:32, Info CSI 00000087 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:33, Info CSI 00000088 CSIPERF - FilePI Queue 154ms
2020-06-29 21:05:33, Info CSI 00000089 [SR] Verify complete
2020-06-29 21:05:33, Info CSI 0000008a [SR] Verifying 100 components
2020-06-29 21:05:33, Info CSI 0000008b [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:34, Info CSI 0000008c [SR] Verify complete
2020-06-29 21:05:34, Info CSI 0000008d [SR] Verifying 100 components
2020-06-29 21:05:34, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:36, Info CSI 0000008f Warning: Overlap: Directory \??\C:\WINDOWS\System32\drivers\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:05:36, Info CSI 00000090 Warning: Overlap: Directory \??\C:\WINDOWS\System32\wbem\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:05:36, Info CSI 00000091 Warning: Overlap: Directory \??\C:\WINDOWS\help\mui\0409\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:05:36, Info CSI 00000092 [SR] Verify complete
2020-06-29 21:05:36, Info CSI 00000093 [SR] Verifying 100 components
2020-06-29 21:05:36, Info CSI 00000094 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:38, Info CSI 00000095 [SR] Verify complete
2020-06-29 21:05:38, Info CSI 00000096 [SR] Verifying 100 components
2020-06-29 21:05:38, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:40, Info CSI 00000098 CSIPERF - FilePI Queue 161ms
2020-06-29 21:05:40, Info CSI 00000099 [SR] Verify complete
2020-06-29 21:05:40, Info CSI 0000009a [SR] Verifying 100 components
2020-06-29 21:05:40, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:41, Info CSI 0000009c [SR] Verify complete
2020-06-29 21:05:41, Info CSI 0000009d [SR] Verifying 100 components
2020-06-29 21:05:41, Info CSI 0000009e [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:42, Info CSI 0000009f CSIPERF - FilePI Queue 226ms
2020-06-29 21:05:42, Info CSI 000000a0 [SR] Verify complete
2020-06-29 21:05:42, Info CSI 000000a1 [SR] Verifying 100 components
2020-06-29 21:05:42, Info CSI 000000a2 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:43, Info CSI 000000a3 CSIPERF - FilePI Queue 132ms
2020-06-29 21:05:43, Info CSI 000000a4 [SR] Verify complete
2020-06-29 21:05:43, Info CSI 000000a5 [SR] Verifying 100 components
2020-06-29 21:05:43, Info CSI 000000a6 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:44, Info CSI 000000a7 [SR] Verify complete
2020-06-29 21:05:44, Info CSI 000000a8 [SR] Verifying 100 components
2020-06-29 21:05:44, Info CSI 000000a9 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:45, Info CSI 000000aa [SR] Verify complete
2020-06-29 21:05:45, Info CSI 000000ab [SR] Verifying 100 components
2020-06-29 21:05:45, Info CSI 000000ac [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:45, Info CSI 000000ad [SR] Verify complete
2020-06-29 21:05:45, Info CSI 000000ae [SR] Verifying 100 components
2020-06-29 21:05:45, Info CSI 000000af [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:46, Info CSI 000000b0 [SR] Verify complete
2020-06-29 21:05:46, Info CSI 000000b1 [SR] Verifying 100 components
2020-06-29 21:05:46, Info CSI 000000b2 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:47, Info CSI 000000b3 CSIPERF - FilePI Queue 105ms
2020-06-29 21:05:47, Info CSI 000000b4 [SR] Verify complete
2020-06-29 21:05:47, Info CSI 000000b5 [SR] Verifying 100 components
2020-06-29 21:05:47, Info CSI 000000b6 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:49, Info CSI 000000b7 CSIPERF - FilePI Queue 138ms
2020-06-29 21:05:49, Info CSI 000000b8 [SR] Verify complete
2020-06-29 21:05:49, Info CSI 000000b9 [SR] Verifying 100 components
2020-06-29 21:05:49, Info CSI 000000ba [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:50, Info CSI 000000bb [SR] Verify complete
2020-06-29 21:05:51, Info CSI 000000bc [SR] Verifying 100 components
2020-06-29 21:05:51, Info CSI 000000bd [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:51, Info CSI 000000be [SR] Verify complete
2020-06-29 21:05:51, Info CSI 000000bf [SR] Verifying 100 components
2020-06-29 21:05:51, Info CSI 000000c0 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:52, Info CSI 000000c1 [SR] Verify complete
2020-06-29 21:05:52, Info CSI 000000c2 [SR] Verifying 100 components
2020-06-29 21:05:52, Info CSI 000000c3 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:53, Info CSI 000000c4 [SR] Verify complete
2020-06-29 21:05:53, Info CSI 000000c5 [SR] Verifying 100 components
2020-06-29 21:05:53, Info CSI 000000c6 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:54, Info CSI 000000c7 [SR] Verify complete
2020-06-29 21:05:54, Info CSI 000000c8 [SR] Verifying 100 components
2020-06-29 21:05:54, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:54, Info CSI 000000ca CSIPERF - FilePI Queue 218ms
2020-06-29 21:05:55, Info CSI 000000cb [SR] Verify complete
2020-06-29 21:05:55, Info CSI 000000cc [SR] Verifying 100 components
2020-06-29 21:05:55, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:56, Info CSI 000000ce [SR] Verify complete
2020-06-29 21:05:56, Info CSI 000000cf [SR] Verifying 100 components
2020-06-29 21:05:56, Info CSI 000000d0 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:57, Info CSI 000000d1 [SR] Verify complete
2020-06-29 21:05:57, Info CSI 000000d2 [SR] Verifying 100 components
2020-06-29 21:05:57, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2020-06-29 21:05:59, Info CSI 000000d4 CSIPERF - FilePI Queue 216ms
2020-06-29 21:05:59, Info CSI 000000d5 CSIPERF - FilePI Queue 382ms
2020-06-29 21:06:00, Info CSI 000000d6 [SR] Verify complete
2020-06-29 21:06:00, Info CSI 000000d7 [SR] Verifying 100 components
2020-06-29 21:06:00, Info CSI 000000d8 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:00, Info CSI 000000d9 [SR] Verify complete
2020-06-29 21:06:01, Info CSI 000000da [SR] Verifying 100 components
2020-06-29 21:06:01, Info CSI 000000db [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:01, Info CSI 000000dc [SR] Verify complete
2020-06-29 21:06:01, Info CSI 000000dd [SR] Verifying 100 components
2020-06-29 21:06:01, Info CSI 000000de [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:02, Info CSI 000000df [SR] Verify complete
2020-06-29 21:06:02, Info CSI 000000e0 [SR] Verifying 100 components
2020-06-29 21:06:02, Info CSI 000000e1 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:03, Info CSI 000000e2 [SR] Verify complete
2020-06-29 21:06:03, Info CSI 000000e3 [SR] Verifying 100 components
2020-06-29 21:06:03, Info CSI 000000e4 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:04, Info CSI 000000e5 [SR] Verify complete
2020-06-29 21:06:04, Info CSI 000000e6 [SR] Verifying 100 components
2020-06-29 21:06:04, Info CSI 000000e7 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:05, Info CSI 000000e8 [SR] Verify complete
2020-06-29 21:06:05, Info CSI 000000e9 [SR] Verifying 100 components
2020-06-29 21:06:05, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:06, Info CSI 000000eb [SR] Verify complete
2020-06-29 21:06:06, Info CSI 000000ec [SR] Verifying 100 components
2020-06-29 21:06:06, Info CSI 000000ed [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:06, Info CSI 000000ee [SR] Verify complete
2020-06-29 21:06:07, Info CSI 000000ef [SR] Verifying 100 components
2020-06-29 21:06:07, Info CSI 000000f0 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:07, Info CSI 000000f1 [SR] Verify complete
2020-06-29 21:06:07, Info CSI 000000f2 [SR] Verifying 100 components
2020-06-29 21:06:07, Info CSI 000000f3 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:08, Info CSI 000000f4 [SR] Verify complete
2020-06-29 21:06:08, Info CSI 000000f5 [SR] Verifying 100 components
2020-06-29 21:06:08, Info CSI 000000f6 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:09, Info CSI 000000f7 [SR] Verify complete
2020-06-29 21:06:09, Info CSI 000000f8 [SR] Verifying 100 components
2020-06-29 21:06:09, Info CSI 000000f9 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:10, Info CSI 000000fa [SR] Verify complete
2020-06-29 21:06:10, Info CSI 000000fb [SR] Verifying 100 components
2020-06-29 21:06:10, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:10, Info CSI 000000fd [SR] Verify complete
2020-06-29 21:06:10, Info CSI 000000fe [SR] Verifying 100 components
2020-06-29 21:06:10, Info CSI 000000ff [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:11, Info CSI 00000100 [SR] Verify complete
2020-06-29 21:06:11, Info CSI 00000101 [SR] Verifying 100 components
2020-06-29 21:06:11, Info CSI 00000102 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:12, Info CSI 00000103 [SR] Verify complete
2020-06-29 21:06:12, Info CSI 00000104 [SR] Verifying 100 components
2020-06-29 21:06:12, Info CSI 00000105 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:12, Info CSI 00000106 [SR] Verify complete
2020-06-29 21:06:13, Info CSI 00000107 [SR] Verifying 100 components
2020-06-29 21:06:13, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:13, Info CSI 00000109 [SR] Verify complete
2020-06-29 21:06:13, Info CSI 0000010a [SR] Verifying 100 components
2020-06-29 21:06:13, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:14, Info CSI 0000010c [SR] Verify complete
2020-06-29 21:06:14, Info CSI 0000010d [SR] Verifying 100 components
2020-06-29 21:06:14, Info CSI 0000010e [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:15, Info CSI 0000010f [SR] Verify complete
2020-06-29 21:06:15, Info CSI 00000110 [SR] Verifying 100 components
2020-06-29 21:06:15, Info CSI 00000111 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:16, Info CSI 00000112 [SR] Verify complete
2020-06-29 21:06:16, Info CSI 00000113 [SR] Verifying 100 components
2020-06-29 21:06:16, Info CSI 00000114 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:16, Info CSI 00000115 [SR] Verify complete
2020-06-29 21:06:16, Info CSI 00000116 [SR] Verifying 100 components
2020-06-29 21:06:16, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:17, Info CSI 00000118 [SR] Verify complete
2020-06-29 21:06:17, Info CSI 00000119 [SR] Verifying 100 components
2020-06-29 21:06:17, Info CSI 0000011a [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:18, Info CSI 0000011b CSIPERF - FilePI Queue 121ms
2020-06-29 21:06:18, Info CSI 0000011c [SR] Verify complete
2020-06-29 21:06:18, Info CSI 0000011d [SR] Verifying 100 components
2020-06-29 21:06:18, Info CSI 0000011e [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:19, Info CSI 0000011f [SR] Verify complete
2020-06-29 21:06:19, Info CSI 00000120 [SR] Verifying 100 components
2020-06-29 21:06:19, Info CSI 00000121 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:21, Info CSI 00000122 CSIPERF - FilePI Queue 103ms
2020-06-29 21:06:21, Info CSI 00000123 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:06:21, Info CSI 00000124 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:06:21, Info CSI 00000125 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:06:21, Info CSI 00000126 CSIPERF - FilePI Queue 110ms
2020-06-29 21:06:21, Info CSI 00000127 [SR] Verify complete
2020-06-29 21:06:22, Info CSI 00000128 [SR] Verifying 100 components
2020-06-29 21:06:22, Info CSI 00000129 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:23, Info CSI 0000012a [SR] Verify complete
2020-06-29 21:06:23, Info CSI 0000012b [SR] Verifying 100 components
2020-06-29 21:06:23, Info CSI 0000012c [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:24, Info CSI 0000012d [SR] Verify complete
2020-06-29 21:06:24, Info CSI 0000012e [SR] Verifying 100 components
2020-06-29 21:06:24, Info CSI 0000012f [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:25, Info CSI 00000130 [SR] Verify complete
2020-06-29 21:06:25, Info CSI 00000131 [SR] Verifying 100 components
2020-06-29 21:06:25, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:26, Info CSI 00000133 CSIPERF - FilePI Queue 107ms
2020-06-29 21:06:26, Info CSI 00000134 [SR] Verify complete
2020-06-29 21:06:26, Info CSI 00000135 [SR] Verifying 100 components
2020-06-29 21:06:26, Info CSI 00000136 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:27, Info CSI 00000137 [SR] Verify complete
2020-06-29 21:06:27, Info CSI 00000138 [SR] Verifying 100 components
2020-06-29 21:06:27, Info CSI 00000139 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:28, Info CSI 0000013a [SR] Verify complete
2020-06-29 21:06:28, Info CSI 0000013b [SR] Verifying 100 components
2020-06-29 21:06:28, Info CSI 0000013c [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:29, Info CSI 0000013d [SR] Verify complete
2020-06-29 21:06:29, Info CSI 0000013e [SR] Verifying 100 components
2020-06-29 21:06:29, Info CSI 0000013f [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:30, Info CSI 00000140 [SR] Verify complete
2020-06-29 21:06:30, Info CSI 00000141 [SR] Verifying 100 components
2020-06-29 21:06:30, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:31, Info CSI 00000143 CSIPERF - FilePI Queue 117ms
2020-06-29 21:06:31, Info CSI 00000144 CSIPERF - FilePI Queue 102ms
2020-06-29 21:06:32, Info CSI 00000145 [SR] Verify complete
2020-06-29 21:06:32, Info CSI 00000146 [SR] Verifying 100 components
2020-06-29 21:06:32, Info CSI 00000147 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:33, Info CSI 00000148 [SR] Verify complete
2020-06-29 21:06:33, Info CSI 00000149 [SR] Verifying 100 components
2020-06-29 21:06:33, Info CSI 0000014a [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:33, Info CSI 0000014b [SR] Verify complete
2020-06-29 21:06:34, Info CSI 0000014c [SR] Verifying 100 components
2020-06-29 21:06:34, Info CSI 0000014d [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:34, Info CSI 0000014e [SR] Verify complete
2020-06-29 21:06:34, Info CSI 0000014f [SR] Verifying 100 components
2020-06-29 21:06:34, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:35, Info CSI 00000151 [SR] Verify complete
2020-06-29 21:06:35, Info CSI 00000152 [SR] Verifying 100 components
2020-06-29 21:06:35, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:36, Info CSI 00000154 [SR] Verify complete
2020-06-29 21:06:36, Info CSI 00000155 [SR] Verifying 100 components
2020-06-29 21:06:36, Info CSI 00000156 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:37, Info CSI 00000157 CSIPERF - FilePI Queue 166ms
2020-06-29 21:06:37, Info CSI 00000158 [SR] Verify complete
2020-06-29 21:06:37, Info CSI 00000159 [SR] Verifying 100 components
2020-06-29 21:06:37, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:38, Info CSI 0000015b [SR] Verify complete
2020-06-29 21:06:38, Info CSI 0000015c [SR] Verifying 100 components
2020-06-29 21:06:38, Info CSI 0000015d [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:39, Info CSI 0000015e [SR] Verify complete
2020-06-29 21:06:40, Info CSI 0000015f [SR] Verifying 100 components
2020-06-29 21:06:40, Info CSI 00000160 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:40, Info CSI 00000161 [SR] Verify complete
2020-06-29 21:06:40, Info CSI 00000162 [SR] Verifying 100 components
2020-06-29 21:06:40, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:42, Info CSI 00000164 [SR] Verify complete
2020-06-29 21:06:42, Info CSI 00000165 [SR] Verifying 100 components
2020-06-29 21:06:42, Info CSI 00000166 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:42, Info CSI 00000167 [SR] Verify complete
2020-06-29 21:06:42, Info CSI 00000168 [SR] Verifying 100 components
2020-06-29 21:06:42, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:43, Info CSI 0000016a [SR] Verify complete
2020-06-29 21:06:43, Info CSI 0000016b [SR] Verifying 100 components
2020-06-29 21:06:43, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:43, Info CSI 0000016d [SR] Verify complete
2020-06-29 21:06:44, Info CSI 0000016e [SR] Verifying 100 components
2020-06-29 21:06:44, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:44, Info CSI 00000170 [SR] Verify complete
2020-06-29 21:06:44, Info CSI 00000171 [SR] Verifying 100 components
2020-06-29 21:06:44, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:45, Info CSI 00000173 [SR] Verify complete
2020-06-29 21:06:45, Info CSI 00000174 [SR] Verifying 100 components
2020-06-29 21:06:45, Info CSI 00000175 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:46, Info CSI 00000176 [SR] Verify complete
2020-06-29 21:06:46, Info CSI 00000177 [SR] Verifying 100 components
2020-06-29 21:06:46, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:47, Info CSI 00000179 [SR] Verify complete
2020-06-29 21:06:47, Info CSI 0000017a [SR] Verifying 100 components
2020-06-29 21:06:47, Info CSI 0000017b [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:48, Info CSI 0000017c CSIPERF - FilePI Queue 174ms
2020-06-29 21:06:48, Info CSI 0000017d [SR] Verify complete
2020-06-29 21:06:48, Info CSI 0000017e [SR] Verifying 100 components
2020-06-29 21:06:48, Info CSI 0000017f [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:49, Info CSI 00000180 [SR] Verify complete
2020-06-29 21:06:49, Info CSI 00000181 [SR] Verifying 100 components
2020-06-29 21:06:49, Info CSI 00000182 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:50, Info CSI 00000183 [SR] Verify complete
2020-06-29 21:06:50, Info CSI 00000184 [SR] Verifying 100 components
2020-06-29 21:06:50, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:50, Info CSI 00000186 [SR] Verify complete
2020-06-29 21:06:50, Info CSI 00000187 [SR] Verifying 100 components
2020-06-29 21:06:50, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:51, Info CSI 00000189 [SR] Verify complete
2020-06-29 21:06:51, Info CSI 0000018a [SR] Verifying 100 components
2020-06-29 21:06:51, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:52, Info CSI 0000018c [SR] Verify complete
2020-06-29 21:06:52, Info CSI 0000018d [SR] Verifying 100 components
2020-06-29 21:06:52, Info CSI 0000018e [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:53, Info CSI 0000018f [SR] Verify complete
2020-06-29 21:06:53, Info CSI 00000190 [SR] Verifying 100 components
2020-06-29 21:06:53, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:54, Info CSI 00000192 [SR] Verify complete
2020-06-29 21:06:54, Info CSI 00000193 [SR] Verifying 100 components
2020-06-29 21:06:54, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:54, Info CSI 00000195 [SR] Verify complete
2020-06-29 21:06:54, Info CSI 00000196 [SR] Verifying 100 components
2020-06-29 21:06:54, Info CSI 00000197 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:55, Info CSI 00000198 [SR] Verify complete
2020-06-29 21:06:55, Info CSI 00000199 [SR] Verifying 100 components
2020-06-29 21:06:55, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:56, Info CSI 0000019b [SR] Verify complete
2020-06-29 21:06:56, Info CSI 0000019c [SR] Verifying 100 components
2020-06-29 21:06:56, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:56, Info CSI 0000019e [SR] Verify complete
2020-06-29 21:06:56, Info CSI 0000019f [SR] Verifying 100 components
2020-06-29 21:06:56, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:57, Info CSI 000001a1 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpEngine.dll from store
2020-06-29 21:06:58, Info CSI 000001a2 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpAsBase.vdm from store
2020-06-29 21:06:58, Info CSI 000001a3 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpAsDlta.vdm from store
2020-06-29 21:06:58, Info CSI 000001a4 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpAvBase.vdm from store
2020-06-29 21:06:58, Info CSI 000001a5 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpAvDlta.vdm from store
2020-06-29 21:06:58, Info CSI 000001a6 CSIPERF - FilePI Queue 412ms
2020-06-29 21:06:58, Info CSI 000001a7 [SR] Verify complete
2020-06-29 21:06:58, Info CSI 000001a8 [SR] Verifying 100 components
2020-06-29 21:06:58, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2020-06-29 21:06:59, Info CSI 000001aa [SR] Verify complete
2020-06-29 21:06:59, Info CSI 000001ab [SR] Verifying 100 components
2020-06-29 21:06:59, Info CSI 000001ac [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:00, Info CSI 000001ad [SR] Verify complete
2020-06-29 21:07:00, Info CSI 000001ae [SR] Verifying 100 components
2020-06-29 21:07:00, Info CSI 000001af [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:01, Info CSI 000001b0 [SR] Verify complete
2020-06-29 21:07:01, Info CSI 000001b1 [SR] Verifying 100 components
2020-06-29 21:07:01, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:01, Info CSI 000001b3 [SR] Verify complete
2020-06-29 21:07:01, Info CSI 000001b4 [SR] Verifying 100 components
2020-06-29 21:07:01, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:02, Info CSI 000001b6 [SR] Verify complete
2020-06-29 21:07:02, Info CSI 000001b7 [SR] Verifying 100 components
2020-06-29 21:07:02, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:02, Info CSI 000001b9 [SR] Verify complete
2020-06-29 21:07:03, Info CSI 000001ba [SR] Verifying 100 components
2020-06-29 21:07:03, Info CSI 000001bb [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:03, Info CSI 000001bc [SR] Verify complete
2020-06-29 21:07:03, Info CSI 000001bd [SR] Verifying 100 components
2020-06-29 21:07:03, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:04, Info CSI 000001bf [SR] Verify complete
2020-06-29 21:07:04, Info CSI 000001c0 [SR] Verifying 100 components
2020-06-29 21:07:04, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:04, Info CSI 000001c2 [SR] Verify complete
2020-06-29 21:07:04, Info CSI 000001c3 [SR] Verifying 100 components
2020-06-29 21:07:04, Info CSI 000001c4 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:05, Info CSI 000001c5 [SR] Verify complete
2020-06-29 21:07:05, Info CSI 000001c6 [SR] Verifying 100 components
2020-06-29 21:07:05, Info CSI 000001c7 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:06, Info CSI 000001c8 [SR] Verify complete
2020-06-29 21:07:06, Info CSI 000001c9 [SR] Verifying 100 components
2020-06-29 21:07:06, Info CSI 000001ca [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:06, Info CSI 000001cb [SR] Verify complete
2020-06-29 21:07:07, Info CSI 000001cc [SR] Verifying 100 components
2020-06-29 21:07:07, Info CSI 000001cd [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:07, Info CSI 000001ce CSIPERF - FilePI Queue 116ms
2020-06-29 21:07:07, Info CSI 000001cf [SR] Verify complete
2020-06-29 21:07:08, Info CSI 000001d0 [SR] Verifying 100 components
2020-06-29 21:07:08, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:08, Info CSI 000001d2 [SR] Verify complete
2020-06-29 21:07:08, Info CSI 000001d3 [SR] Verifying 100 components
2020-06-29 21:07:08, Info CSI 000001d4 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:09, Info CSI 000001d5 [SR] Verify complete
2020-06-29 21:07:09, Info CSI 000001d6 [SR] Verifying 100 components
2020-06-29 21:07:09, Info CSI 000001d7 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:10, Info CSI 000001d8 [SR] Verify complete
2020-06-29 21:07:10, Info CSI 000001d9 [SR] Verifying 100 components
2020-06-29 21:07:10, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:11, Info CSI 000001db [SR] Verify complete
2020-06-29 21:07:11, Info CSI 000001dc [SR] Verifying 100 components
2020-06-29 21:07:11, Info CSI 000001dd [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:11, Info CSI 000001de [SR] Verify complete
2020-06-29 21:07:12, Info CSI 000001df [SR] Verifying 100 components
2020-06-29 21:07:12, Info CSI 000001e0 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:12, Info CSI 000001e1 [SR] Verify complete
2020-06-29 21:07:12, Info CSI 000001e2 [SR] Verifying 100 components
2020-06-29 21:07:12, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:13, Info CSI 000001e4 [SR] Verify complete
2020-06-29 21:07:13, Info CSI 000001e5 [SR] Verifying 100 components
2020-06-29 21:07:13, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:15, Info CSI 000001e7 [SR] Verify complete
2020-06-29 21:07:15, Info CSI 000001e8 [SR] Verifying 100 components
2020-06-29 21:07:15, Info CSI 000001e9 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:15, Info CSI 000001ea Warning: Overlap: Directory \??\C:\WINDOWS\SysWOW64\drivers\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:07:15, Info CSI 000001eb Warning: Overlap: Directory \??\C:\WINDOWS\SysWOW64\wbem\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:07:15, Info CSI 000001ec Warning: Overlap: Directory \??\C:\WINDOWS\help\mui\0409\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.18362.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:07:15, Info CSI 000001ed [SR] Verify complete
2020-06-29 21:07:15, Info CSI 000001ee [SR] Verifying 100 components
2020-06-29 21:07:15, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:16, Info CSI 000001f0 [SR] Verify complete
2020-06-29 21:07:16, Info CSI 000001f1 [SR] Verifying 100 components
2020-06-29 21:07:16, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:17, Info CSI 000001f3 [SR] Verify complete
2020-06-29 21:07:17, Info CSI 000001f4 [SR] Verifying 100 components
2020-06-29 21:07:17, Info CSI 000001f5 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:17, Info CSI 000001f6 [SR] Verify complete
2020-06-29 21:07:17, Info CSI 000001f7 [SR] Verifying 100 components
2020-06-29 21:07:17, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:18, Info CSI 000001f9 [SR] Verify complete
2020-06-29 21:07:18, Info CSI 000001fa [SR] Verifying 100 components
2020-06-29 21:07:18, Info CSI 000001fb [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:19, Info CSI 000001fc CSIPERF - FilePI Queue 101ms
2020-06-29 21:07:19, Info CSI 000001fd CSIPERF - FilePI Queue 149ms
2020-06-29 21:07:19, Info CSI 000001fe [SR] Verify complete
2020-06-29 21:07:20, Info CSI 000001ff [SR] Verifying 100 components
2020-06-29 21:07:20, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:21, Info CSI 00000201 [SR] Verify complete
2020-06-29 21:07:21, Info CSI 00000202 [SR] Verifying 100 components
2020-06-29 21:07:21, Info CSI 00000203 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:22, Info CSI 00000204 [SR] Verify complete
2020-06-29 21:07:22, Info CSI 00000205 [SR] Verifying 100 components
2020-06-29 21:07:22, Info CSI 00000206 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:23, Info CSI 00000207 [SR] Verify complete
2020-06-29 21:07:23, Info CSI 00000208 [SR] Verifying 100 components
2020-06-29 21:07:23, Info CSI 00000209 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:24, Info CSI 0000020a [SR] Verify complete
2020-06-29 21:07:24, Info CSI 0000020b [SR] Verifying 100 components
2020-06-29 21:07:24, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:25, Info CSI 0000020d [SR] Verify complete
2020-06-29 21:07:25, Info CSI 0000020e [SR] Verifying 100 components
2020-06-29 21:07:25, Info CSI 0000020f [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:26, Info CSI 00000210 [SR] Verify complete
2020-06-29 21:07:26, Info CSI 00000211 [SR] Verifying 100 components
2020-06-29 21:07:26, Info CSI 00000212 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:27, Info CSI 00000213 CSIPERF - FilePI Queue 128ms
2020-06-29 21:07:27, Info CSI 00000214 [SR] Verify complete
2020-06-29 21:07:27, Info CSI 00000215 [SR] Verifying 100 components
2020-06-29 21:07:27, Info CSI 00000216 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:28, Info CSI 00000217 [SR] Verify complete
2020-06-29 21:07:28, Info CSI 00000218 [SR] Verifying 100 components
2020-06-29 21:07:28, Info CSI 00000219 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:29, Info CSI 0000021a [SR] Verify complete
2020-06-29 21:07:29, Info CSI 0000021b [SR] Verifying 100 components
2020-06-29 21:07:29, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:29, Info CSI 0000021d [SR] Verify complete
2020-06-29 21:07:30, Info CSI 0000021e [SR] Verifying 100 components
2020-06-29 21:07:30, Info CSI 0000021f [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:30, Info CSI 00000220 [SR] Verify complete
2020-06-29 21:07:30, Info CSI 00000221 [SR] Verifying 100 components
2020-06-29 21:07:30, Info CSI 00000222 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:31, Info CSI 00000223 [SR] Verify complete
2020-06-29 21:07:31, Info CSI 00000224 [SR] Verifying 100 components
2020-06-29 21:07:31, Info CSI 00000225 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:32, Info CSI 00000226 Warning: Overlap: Directory \??\C:\Program Files (x86)\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:07:32, Info CSI 00000227 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:07:32, Info CSI 00000228 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:07:32, Info CSI 00000229 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.18362.900, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2020-06-29 21:07:32, Info CSI 0000022a [SR] Verify complete
2020-06-29 21:07:32, Info CSI 0000022b [SR] Verifying 100 components
2020-06-29 21:07:32, Info CSI 0000022c [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:33, Info CSI 0000022d [SR] Verify complete
2020-06-29 21:07:33, Info CSI 0000022e [SR] Verifying 100 components
2020-06-29 21:07:33, Info CSI 0000022f [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:34, Info CSI 00000230 [SR] Verify complete
2020-06-29 21:07:34, Info CSI 00000231 [SR] Verifying 100 components
2020-06-29 21:07:34, Info CSI 00000232 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:35, Info CSI 00000233 [SR] Verify complete
2020-06-29 21:07:35, Info CSI 00000234 [SR] Verifying 100 components
2020-06-29 21:07:35, Info CSI 00000235 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:36, Info CSI 00000236 [SR] Verify complete
2020-06-29 21:07:36, Info CSI 00000237 [SR] Verifying 100 components
2020-06-29 21:07:36, Info CSI 00000238 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:36, Info CSI 00000239 CSIPERF - FilePI Queue 135ms
2020-06-29 21:07:37, Info CSI 0000023a [SR] Verify complete
2020-06-29 21:07:37, Info CSI 0000023b [SR] Verifying 100 components
2020-06-29 21:07:37, Info CSI 0000023c [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:37, Info CSI 0000023d [SR] Verify complete
2020-06-29 21:07:38, Info CSI 0000023e [SR] Verifying 100 components
2020-06-29 21:07:38, Info CSI 0000023f [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:38, Info CSI 00000240 [SR] Verify complete
2020-06-29 21:07:38, Info CSI 00000241 [SR] Verifying 100 components
2020-06-29 21:07:38, Info CSI 00000242 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:39, Info CSI 00000243 [SR] Verify complete
2020-06-29 21:07:39, Info CSI 00000244 [SR] Verifying 100 components
2020-06-29 21:07:39, Info CSI 00000245 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:40, Info CSI 00000246 [SR] Verify complete
2020-06-29 21:07:40, Info CSI 00000247 [SR] Verifying 100 components
2020-06-29 21:07:40, Info CSI 00000248 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:41, Info CSI 00000249 [SR] Verify complete
2020-06-29 21:07:41, Info CSI 0000024a [SR] Verifying 100 components
2020-06-29 21:07:41, Info CSI 0000024b [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:42, Info CSI 0000024c [SR] Verify complete
2020-06-29 21:07:42, Info CSI 0000024d [SR] Verifying 100 components
2020-06-29 21:07:42, Info CSI 0000024e [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:43, Info CSI 0000024f [SR] Verify complete
2020-06-29 21:07:43, Info CSI 00000250 [SR] Verifying 100 components
2020-06-29 21:07:43, Info CSI 00000251 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:43, Info CSI 00000252 [SR] Verify complete
2020-06-29 21:07:44, Info CSI 00000253 [SR] Verifying 100 components
2020-06-29 21:07:44, Info CSI 00000254 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:44, Info CSI 00000255 [SR] Verify complete
2020-06-29 21:07:45, Info CSI 00000256 [SR] Verifying 100 components
2020-06-29 21:07:45, Info CSI 00000257 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:45, Info CSI 00000258 [SR] Verify complete
2020-06-29 21:07:45, Info CSI 00000259 [SR] Verifying 100 components
2020-06-29 21:07:45, Info CSI 0000025a [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:46, Info CSI 0000025b [SR] Verify complete
2020-06-29 21:07:46, Info CSI 0000025c [SR] Verifying 100 components
2020-06-29 21:07:46, Info CSI 0000025d [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:47, Info CSI 0000025e Hashes for file member [l:12]'mscormmc.dll' do not match.
Expected: {l:32 ml:33 b:0a7002ddb80379b6e5965c91e0286cd87db22bfdc61b0d1e743e5eeb8b570edc}.
Actual: {l:32 b:714e7020fd3892f6a4b205cf36496089e3015caa0e389982e2004ac3623cb694}.
2020-06-29 21:07:47, Info CSI 0000025f [SR] Repairing corrupted file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2020-06-29 21:07:47, Info CSI 00000260 [SR] Verify complete
2020-06-29 21:07:47, Info CSI 00000261 [SR] Verifying 100 components
2020-06-29 21:07:47, Info CSI 00000262 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:47, Info CSI 00000263 [SR] Verify complete
2020-06-29 21:07:47, Info CSI 00000264 [SR] Verifying 100 components
2020-06-29 21:07:47, Info CSI 00000265 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:48, Info CSI 00000266 CSIPERF - FilePI Queue 144ms
2020-06-29 21:07:48, Info CSI 00000267 [SR] Verify complete
2020-06-29 21:07:48, Info CSI 00000268 [SR] Verifying 100 components
2020-06-29 21:07:48, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:49, Info CSI 0000026a [SR] Verify complete
2020-06-29 21:07:49, Info CSI 0000026b [SR] Verifying 100 components
2020-06-29 21:07:49, Info CSI 0000026c [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:50, Info CSI 0000026d [SR] Verify complete
2020-06-29 21:07:50, Info CSI 0000026e [SR] Verifying 82 components
2020-06-29 21:07:50, Info CSI 0000026f [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:51, Info CSI 00000270 [SR] Verify complete
2020-06-29 21:07:51, Info CSI 00000271 [SR] Repairing 3 components
2020-06-29 21:07:51, Info CSI 00000272 [SR] Beginning Verify and Repair transaction
2020-06-29 21:07:51, Info CSI 00000273 Hashes for file member [l:12]'mscormmc.dll' do not match.
Expected: {l:32 ml:33 b:0a7002ddb80379b6e5965c91e0286cd87db22bfdc61b0d1e743e5eeb8b570edc}.
Actual: {l:32 b:714e7020fd3892f6a4b205cf36496089e3015caa0e389982e2004ac3623cb694}.
2020-06-29 21:07:51, Info CSI 00000274 [SR] Repairing corrupted file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2020-06-29 21:07:51, Info CSI 00000275 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpAsBase.vdm from store
2020-06-29 21:07:51, Info CSI 00000276 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpAsDlta.vdm from store
2020-06-29 21:07:52, Info CSI 00000277 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpAvBase.vdm from store
2020-06-29 21:07:52, Info CSI 00000278 [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpAvDlta.vdm from store
2020-06-29 21:07:52, Info CSI 00000279 CSIPERF - FilePI Queue 382ms
2020-06-29 21:07:52, Info CSI 0000027a [SR] Repairing corrupted file \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\\MpEngine.dll from store
2020-06-29 21:07:52, Info CSI 0000027b [SR] Repair complete
2020-06-29 21:07:52, Info CSI 0000027c [SR] Committing transaction
2020-06-29 21:07:52, Info CSI 0000027d Creating NT transaction (seq 1)
2020-06-29 21:07:52, Info CSI 0000027e Created NT transaction (seq 1) result 0x00000000, handle @0x810
2020-06-29 21:07:52, Info CSI 0000027f@2020/6/29:19:07:52.259 Beginning NT transaction commit...
2020-06-29 21:07:52, Info CSI 00000280@2020/6/29:19:07:52.268 CSI perf trace:
CSIPERF:TXCOMMIT;9761
2020-06-29 21:07:52, Info CSI 00000281 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: BSOD Kernel, možná virus?

#10 Příspěvek od Rudy »

OK. Nyní vyzkoušejte PC v běžném provozu a v případě problému se ozvěte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

Re: BSOD Kernel, možná virus?

#11 Příspěvek od bojimso »

Dobře, nechal bych to otevřené třeba do konce týdne a potom bych napsal, jak to dopadlo, zatím děkuji :all_coholic:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: BSOD Kernel, možná virus?

#12 Příspěvek od Rudy »

Samozřejmě nechám. Ozvěte se. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

bojimso
2. Stupeň Varování
Příspěvky: 280
Registrován: 08 bře 2007 14:56

Re: BSOD Kernel, možná virus?

#13 Příspěvek od bojimso »

Dobrý den,
vypadá to dobře, BSOD se již od pondělí neukázal, tak asi VYŘEŠENO a můžeme zamknout, kdyžtak zopakuju výše uvedený postup znovu, děkuji :| :happy:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: BSOD Kernel, možná virus?

#14 Příspěvek od Rudy »

OK a díky za informaci. Zamykám. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno