Stránka 1 z 1

Pripojenie na wordpress z mojej IP adresy

Napsal: 22 zář 2020 11:27
od janyoa
Znamy mi napisal ze z mojej adresy detekuje malwer, ktory sa pripaja na stranku s wordpressom. Mam aj zapamatane hesla v prehliadaci. Ako dostranim tento malware ? Antivir nemam. Posielam FRST logy:
FRST.txt:
  • Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2020
    Ran by janka (administrator) on DESKTOP-JTN4QRJ (Dell Inc. Latitude E6420) (22-09-2020 12:10:52)
    Running from C:\Users\janka\Desktop
    Loaded Profiles: janka
    Platform: Windows 10 Pro Version 1903 18362.1082 (X64) Language: Czech (Czechia)
    Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
    (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
    (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
    (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
    (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <12>
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\105.4.651\QtWebEngineProcess.exe <2>
    (F.lux Software LLC -> f.lux Software LLC) C:\Users\janka\AppData\Local\FluxSoftware\Flux\flux.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12009.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
    (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
    HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7651840 2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
    HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3315280 2019-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
    HKU\S-1-5-21-1613077741-2981613164-655858909-1001\...\Run: [f.lux] => C:\Users\janka\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
    HKU\S-1-5-21-1613077741-2981613164-655858909-1001\...\Run: [CCXProcess] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
    HKU\S-1-5-21-1613077741-2981613164-655858909-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2075816 2020-09-12] (Brave Software, Inc. -> Brave Software, Inc.)
    HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -new-window --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session hxxps://assist.zoho.com/custome (the data entry has 31 more characters).
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-11] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\85.1.14.81\Installer\chrmstp.exe [2020-09-16] (Brave Software, Inc. -> Brave Software, Inc.)
    Startup: C:\Users\janka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-03-26]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {12005D59-5CEF-4D05-8DA2-C455DFB12079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-11] (Google LLC -> Google LLC)
    Task: {1E746B1E-82BD-463B-8D9C-AF24A1AF04D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {327B18CF-69BC-491A-B17B-E165F02341F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {3BA6343D-DD6E-41BA-9189-04DEAFCD1A50} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {49AC4AE8-D26E-4C93-AE1E-EAAB837A58F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-11] (Google LLC -> Google LLC)
    Task: {54A8BCCB-09F5-4776-AB11-9A42D71A7F47} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
    Task: {6A0E588D-9751-48FF-B09D-F0C528DA2C36} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-01-17] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {6E29914B-33B1-456F-8511-86D85926D6D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057952 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {7152A2AF-7C34-4C97-BFE5-5C212747E206} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-24] (Brave Software, Inc. -> BraveSoftware Inc.)
    Task: {83FE905B-F4E9-415E-BF0A-4C3A1D892A64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {A0439B45-C5B9-467B-BC69-16883353609B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {C09CC0CA-02BB-4BEC-8683-0254205B7528} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5057952 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Task: {D404CF8B-0610-489E-8283-DD4B23C84BCE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {DC179295-A6E8-400C-AF39-18F1C67A6B0A} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-24] (Brave Software, Inc. -> BraveSoftware Inc.)
    Task: {F321064D-67BE-4417-AE49-1AC47E3B7CB3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
    Task: {F9AFA2D4-1AAE-476C-A057-A6A5805B3F64} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    Task: {F9C8D95E-4A06-402C-ACAF-46867C418987} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-01-17] (Dropbox, Inc -> Dropbox, Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{40108dad-f600-4fbe-b5f1-a6dd4943ffdd}: [DhcpNameServer] 192.168.1.1

    Edge:
    ======
    Edge DefaultProfile: Default
    Edge Profile: C:\Users\janka\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-21]

    FireFox:
    ========
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-12-24] (Brave Software, Inc. -> BraveSoftware Inc.)
    FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-12-24] (Brave Software, Inc. -> BraveSoftware Inc.)
    FF Plugin HKU\S-1-5-21-1613077741-2981613164-655858909-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\janka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-02-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

    Chrome:
    =======
    CHR Profile: C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default [2020-09-22]
    CHR Extension: (Slides) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-11]
    CHR Extension: (Docs) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-11]
    CHR Extension: (Google Drive) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-11]
    CHR Extension: (YouTube) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-11]
    CHR Extension: (Sheets) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-11]
    CHR Extension: (Google Docs Offline) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-16]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-11]
    CHR Extension: (Gmail) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-11]
    CHR Extension: (Chrome Media Router) - C:\Users\janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-08]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
    S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-24] (Brave Software, Inc. -> BraveSoftware Inc.)
    S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-12-24] (Brave Software, Inc. -> BraveSoftware Inc.)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-01-17] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-01-17] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6150504 2020-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
    S2 Stereo Service; "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe" [X]

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-12-24] (Microsoft Corporation) [File not signed]
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
    R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
    S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-09-22 12:10 - 2020-09-22 12:11 - 000018326 _____ C:\Users\janka\Desktop\FRST.txt
    2020-09-22 12:10 - 2020-09-22 12:11 - 000000000 ____D C:\FRST
    2020-09-22 12:08 - 2020-09-22 12:08 - 002299392 _____ (Farbar) C:\Users\janka\Desktop\FRST64.exe
    2020-09-18 16:42 - 2020-09-18 16:48 - 000236648 _____ C:\Users\janka\Desktop\Bottechia PRICELIST 2021.pdf
    2020-09-18 16:08 - 2020-09-18 16:49 - 000068646 _____ C:\Users\janka\Desktop\Bottechia PRICELIST 2021 _ .xlsx
    2020-09-18 11:32 - 2020-09-18 11:32 - 000109397 _____ C:\Users\janka\Desktop\freeng-sheets-for-toddlers-mason-jar-crafts-kids-to-print-out-and-preschoolers-printable-672x965.jpeg
    2020-09-18 10:28 - 2020-09-18 10:28 - 000017174 _____ C:\Users\janka\Desktop\D-DNT-152.pdf
    2020-09-17 10:05 - 2020-09-17 10:05 - 000147655 _____ C:\Users\janka\Desktop\re-02615.pdf
    2020-09-16 16:02 - 2020-09-16 16:02 - 000017537 _____ C:\Users\janka\Desktop\D-DNT-150.pdf
    2020-09-16 15:32 - 2020-09-17 15:43 - 000711576 _____ C:\Users\janka\Desktop\PE444_03_MN.PDF
    2020-09-15 15:12 - 2020-09-15 15:12 - 000146747 _____ C:\Users\janka\Desktop\re-02533 (1).pdf
    2020-09-15 15:05 - 2020-09-15 15:05 - 000146747 _____ C:\Users\janka\Desktop\re-02533.pdf
    2020-09-15 10:06 - 2020-09-15 10:06 - 000129112 _____ C:\Users\janka\Desktop\RMA_DNT_41 Intruder Alicante .pdf
    2020-09-15 10:05 - 2020-09-15 10:05 - 000060209 _____ C:\Users\janka\Desktop\RMA_DNffT.xlsx
    2020-09-15 09:04 - 2020-09-15 09:04 - 000057390 _____ C:\Users\janka\Desktop\PO-92.pdf
    2020-09-11 09:17 - 2020-09-11 09:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2020-09-11 09:15 - 2020-09-11 09:15 - 000014578 _____ C:\Users\janka\Desktop\R. Winkler (002).xlsx
    2020-09-11 09:11 - 2020-09-11 09:11 - 000014091 _____ C:\Users\janka\Desktop\Copy of R. Winkler (002).xlsx
    2020-09-10 14:25 - 2020-09-10 14:25 - 000149723 _____ C:\Users\janka\Desktop\re-02506.pdf
    2020-09-10 09:46 - 2020-09-10 09:46 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2020-09-10 09:46 - 2020-09-10 09:46 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2020-09-10 09:46 - 2020-09-10 09:46 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
    2020-09-10 09:46 - 2020-09-10 09:46 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
    2020-09-10 09:46 - 2020-09-10 09:46 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2020-09-10 09:46 - 2020-09-10 09:46 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
    2020-09-10 09:46 - 2020-09-10 09:46 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
    2020-09-10 09:46 - 2020-09-10 09:46 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2020-09-10 09:46 - 2020-09-10 09:46 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2020-09-10 09:46 - 2020-09-10 09:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2020-09-10 09:46 - 2020-09-10 09:46 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2020-09-10 09:46 - 2020-09-10 09:46 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
    2020-09-10 09:46 - 2020-09-10 09:46 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
    2020-09-10 09:46 - 2020-09-10 09:46 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
    2020-09-10 09:46 - 2020-09-10 09:46 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
    2020-09-10 09:45 - 2020-09-10 09:46 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003985920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002369336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002190664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001659208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001386824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2020-09-10 09:45 - 2020-09-10 09:45 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
    2020-09-10 09:45 - 2020-09-10 09:45 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
    2020-09-10 09:45 - 2020-09-10 09:45 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
    2020-09-10 09:45 - 2020-09-10 09:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
    2020-09-10 09:45 - 2020-09-10 09:45 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
    2020-09-10 09:45 - 2020-09-10 09:45 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
    2020-09-10 09:45 - 2020-09-10 09:45 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
    2020-09-10 09:45 - 2020-09-10 09:45 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
    2020-09-10 09:45 - 2020-09-10 09:45 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
    2020-09-10 09:45 - 2020-09-10 09:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
    2020-09-10 09:36 - 2020-08-15 07:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2020-09-10 09:36 - 2020-08-15 07:15 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2020-09-09 13:45 - 2020-09-09 13:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2020-09-09 13:45 - 2020-09-09 13:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2020-09-09 13:45 - 2020-09-09 13:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2020-09-09 13:45 - 2020-09-09 13:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
    2020-09-09 13:45 - 2020-09-09 13:45 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2020-09-01 13:45 - 2020-09-01 13:48 - 000129580 _____ C:\Users\janka\Desktop\RMA cz.pdf
    2020-09-01 13:42 - 2020-09-01 14:26 - 000061990 _____ C:\Users\janka\Desktop\RMA cz.xlsx
    2020-09-01 11:08 - 2020-09-01 11:08 - 000013533 _____ C:\Users\janka\Documents\Orders representatives.xlsx
    2020-09-01 11:07 - 2020-09-03 13:59 - 000013831 _____ C:\Users\janka\Desktop\Orders representatives.xlsx
    2020-08-28 10:52 - 2020-08-28 10:52 - 002139621 _____ C:\Users\janka\Desktop\FTR Special parts2020_01export DNT.xlsx
    2020-08-27 11:44 - 2020-08-27 11:44 - 000013060 _____ C:\Users\janka\Documents\Massimo Orders.xlsx
    2020-08-26 21:38 - 2020-08-26 21:41 - 000132642 _____ C:\Users\janka\Desktop\RMA_DNT.pdf
    2020-08-26 21:38 - 2020-08-26 21:40 - 000061949 _____ C:\Users\janka\Desktop\RMA_DNT.xlsx

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-09-22 12:10 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-09-22 11:20 - 2019-12-24 14:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2020-09-21 09:02 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-09-21 09:02 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
    2020-09-19 14:56 - 2019-12-24 21:41 - 000000000 ____D C:\Program Files\Microsoft Office
    2020-09-18 21:08 - 2019-12-24 12:32 - 000000000 ____D C:\Users\janka\AppData\Local\Packages
    2020-09-18 16:31 - 2019-12-27 11:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2020-09-18 10:21 - 2020-07-06 08:25 - 000000000 ____D C:\Users\janka\Desktop\statement]
    2020-09-16 08:47 - 2019-12-24 14:07 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
    2020-09-11 10:28 - 2019-12-24 14:48 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1613077741-2981613164-655858909-1001
    2020-09-11 10:28 - 2019-12-24 14:44 - 000002363 _____ C:\Users\janka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2020-09-11 10:28 - 2019-12-24 12:33 - 000000000 ___RD C:\Users\janka\OneDrive
    2020-09-11 09:17 - 2020-01-17 15:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2020-09-11 09:09 - 2020-04-01 14:44 - 000000000 ____D C:\Users\janka\Desktop\important
    2020-09-11 09:09 - 2020-02-11 12:59 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-09-11 08:53 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
    2020-09-10 12:06 - 2019-12-24 14:51 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2020-09-10 12:06 - 2019-03-19 13:57 - 000673444 _____ C:\WINDOWS\system32\perfh005.dat
    2020-09-10 12:06 - 2019-03-19 13:57 - 000137332 _____ C:\WINDOWS\system32\perfc005.dat
    2020-09-10 12:02 - 2019-12-24 14:49 - 000000000 ___RD C:\Users\janka\3D Objects
    2020-09-10 12:02 - 2019-12-24 12:32 - 000000000 __RHD C:\Users\Public\AccountPictures
    2020-09-10 12:01 - 2019-12-24 14:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2020-09-10 12:01 - 2019-12-24 14:43 - 000439856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2020-09-10 10:46 - 2019-03-19 13:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2020-09-10 10:46 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
    2020-09-10 10:46 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2020-09-10 10:00 - 2019-12-24 13:11 - 000000000 ____D C:\WINDOWS\system32\MRT
    2020-09-10 09:50 - 2019-12-24 13:11 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2020-09-10 09:50 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2020-09-10 09:45 - 2019-12-24 14:47 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2020-09-10 09:20 - 2020-06-08 13:12 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2020-09-09 16:42 - 2020-05-12 15:38 - 000014866 _____ C:\Users\janka\Desktop\RE-PL,SP,NH.xlsx
    2020-09-08 14:32 - 2020-01-17 15:47 - 000000000 ___RD C:\Users\janka\Dropbox
    2020-09-02 12:19 - 2020-04-14 15:50 - 000000000 ____D C:\Users\janka\Desktop\dealers
    2020-09-02 07:54 - 2019-12-24 13:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2020-09-01 13:55 - 2020-04-06 09:04 - 000000000 ____D C:\Users\janka\Desktop\ups
    2020-08-26 11:39 - 2020-03-25 17:20 - 000000000 ____D C:\Users\janka\AppData\Local\PlaceholderTileLogoFolder
    2020-08-25 09:03 - 2020-03-27 10:24 - 000000000 ____D C:\Users\janka\Desktop\Invoice Janka
    2020-08-24 17:54 - 2019-12-24 14:44 - 000000000 ____D C:\Users\janka
    2020-08-24 08:42 - 2020-06-08 13:12 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2020-08-24 08:42 - 2020-06-08 13:12 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

    ==================== Files in the root of some directories ========

    2020-01-03 10:39 - 2020-01-03 10:39 - 000000410 _____ () C:\Users\janka\AppData\Local\oobelibMkey.log

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

Addition.txt:
  • Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2020
    Ran by janka (22-09-2020 12:12:16)
    Running from C:\Users\janka\Desktop
    Windows 10 Pro Version 1903 18362.1082 (X64) (2019-12-24 12:48:48)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1613077741-2981613164-655858909-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1613077741-2981613164-655858909-503 - Limited - Disabled)
    Guest (S-1-5-21-1613077741-2981613164-655858909-501 - Limited - Disabled)
    janka (S-1-5-21-1613077741-2981613164-655858909-1001 - Administrator - Enabled) => C:\Users\janka
    WDAGUtilityAccount (S-1-5-21-1613077741-2981613164-655858909-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 85.1.14.81 - Brave Software Inc)
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 105.4.651 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
    f.lux (HKU\S-1-5-21-1613077741-2981613164-655858909-1001\...\Flux) (Version: - f.lux Software LLC)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
    KeePass Password Safe 2.43 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.43 - Dominik Reichl)
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
    Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
    Microsoft Office Standard 2019 - en-us (HKLM\...\Standard2019Retail - en-us) (Version: 16.0.13127.20408 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1613077741-2981613164-655858909-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.4 - Notepad++ Team)
    NVIDIA nView 148.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.03 - NVIDIA Corporation)
    Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
    Ovládací panel NVIDIA 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 369.09 - NVIDIA Corporation) Hidden
    Python 3.8.5 (32-bit) (HKU\S-1-5-21-1613077741-2981613164-655858909-1001\...\{44a59e57-34e2-4d86-93ba-a2588bfac760}) (Version: 3.8.5150.0 - Python Software Foundation)
    Python 3.8.5 Core Interpreter (32-bit) (HKLM-x32\...\{31F7FCA7-1F15-48FD-BFB9-91FE58FC2F07}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python 3.8.5 Development Libraries (32-bit) (HKLM-x32\...\{657AEF25-7BC3-4E93-A08C-ECD14E8A74AE}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python 3.8.5 Documentation (32-bit) (HKLM-x32\...\{F7A293EB-21B8-45DE-85A5-8ADEB68B9EFB}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python 3.8.5 Executables (32-bit) (HKLM-x32\...\{F6156224-C882-453A-9046-EFCD31982E68}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python 3.8.5 pip Bootstrap (32-bit) (HKLM-x32\...\{71C0D67F-EF42-4C5C-A2AE-04FD8B38AB1C}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python 3.8.5 Standard Library (32-bit) (HKLM-x32\...\{4D147A72-5C01-47B2-8789-1D1969F6AC32}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python 3.8.5 Tcl/Tk Support (32-bit) (HKLM-x32\...\{653FBD26-2D1A-48C1-AAB1-0AB6F2A3749B}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python 3.8.5 Test Suite (32-bit) (HKLM-x32\...\{DE45C740-8250-4A49-8B81-FE347C70E6BA}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python 3.8.5 Utility Scripts (32-bit) (HKLM-x32\...\{9450D936-1E4F-44EF-A0D4-92C471229B98}) (Version: 3.8.5150.0 - Python Software Foundation) Hidden
    Python Launcher (HKLM-x32\...\{CEEAEA02-2472-4BF6-8994-52D6783F5575}) (Version: 3.8.7140.0 - Python Software Foundation)
    TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.9.4 - TeamViewer)
    Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
    Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
    Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
    Zoho Assist (HKU\S-1-5-21-1613077741-2981613164-655858909-1001\...\Zoho Assist) (Version: 111.0.3.58 - Zoho Corporation)
    Zoom (HKU\S-1-5-21-1613077741-2981613164-655858909-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

    Packages:
    =========
    Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-12-24] (Autodesk Inc.)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-29] (HP Inc.)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-26] (Microsoft Studios) [MS Ad]
    Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.21.1.0_x64__nfy108tqq3p12 [2020-08-31] (Thumbmunkeys Ltd)
    WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-12-24] (WinZip Computing)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1613077741-2981613164-655858909-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\janka\Dropbox [2020-01-17 15:47]
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-01-30] (Notepad++ -> )
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-08] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation -> NVIDIA Corporation)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\janka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default

    ==================== Loaded Modules (Whitelisted) =============

    2020-04-19 22:48 - 2020-04-19 22:48 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
    2020-04-19 22:48 - 2020-04-19 22:48 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    HKU\S-1-5-21-1613077741-2981613164-655858909-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17swin10.msn.com/?pc=LJSE
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1613077741-2981613164-655858909-1001\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{49B6A254-BDEF-485F-8118-1EED26A0E837}] => (Allow) C:\Users\janka\AppData\Roaming\uTorrent\uTorrent.exe => No File
    FirewallRules: [{FC072563-36C7-4EFB-9C2C-ECBDD423F968}] => (Allow) C:\Users\janka\AppData\Roaming\uTorrent\uTorrent.exe => No File
    FirewallRules: [{D18DA144-AC6D-445B-B1AF-669E4F777545}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{B594A1E8-5A22-4E6C-ABE5-E6D69E7BB3AB}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
    FirewallRules: [{8A6AF8D1-8779-44D0-B988-ECC8244610D9}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
    FirewallRules: [{67958738-633D-4025-A7C4-A5C1CD89A4B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{5FB94F33-F1D5-450F-9B2C-3805B6E00572}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{078016C0-3EE4-460D-AE06-7D26F1C43C0D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{61FD64F5-74C8-419F-8BFE-F8A0AB921126}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{3D6A0B14-7066-4FFA-ABF7-BF1B9C07C0FA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{A17393CC-AEC1-49D1-B8C0-26F15166FC06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{C04A31C4-A9A9-40AB-8EB0-7D18F08E4A66}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{AFBC039A-A24F-43EA-B943-B9580BA5015C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{D5E0A717-09B8-4A21-92B8-DA3657F722CE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

    ==================== Restore Points =========================

    04-09-2020 12:31:33 Scheduled Checkpoint
    10-09-2020 09:36:16 Windows Update
    18-09-2020 13:16:03 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices ============

    Name: Broadcom USH
    Description: Broadcom USH
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Mass Storage Controller
    Description: Mass Storage Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: DW5550
    Description: DW5550
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (09/22/2020 12:12:33 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (15304,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (09/22/2020 11:56:59 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (4332,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (09/22/2020 09:37:39 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (11128,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (09/22/2020 08:46:07 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (11880,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (09/22/2020 08:40:20 AM) (Source: DbxSvc) (EventID: 322) (User: )
    Description: Failed to get driver message: (-2147024890) The handle is invalid.

    Error: (09/21/2020 06:02:41 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (1356,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (09/21/2020 05:56:59 PM) (Source: DbxSvc) (EventID: 322) (User: )
    Description: Failed to get driver message: (-2147024890) The handle is invalid.

    Error: (09/21/2020 04:14:11 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (11168,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


    System errors:
    =============
    Error: (09/22/2020 08:39:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTN4QRJ)
    Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (09/21/2020 05:56:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTN4QRJ)
    Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (09/21/2020 04:08:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTN4QRJ)
    Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (09/21/2020 01:25:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTN4QRJ)
    Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (09/21/2020 09:01:17 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTN4QRJ)
    Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (09/19/2020 02:53:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTN4QRJ)
    Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (09/18/2020 09:07:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTN4QRJ)
    Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

    Error: (09/18/2020 02:38:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JTN4QRJ)
    Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.


    Windows Defender:
    ===================================
    Date: 2020-09-18 10:12:30.905
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {95F1E4C8-3066-4107-875B-CBD5B284D8FE}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-09-17 09:28:17.140
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {000120BC-05C0-4F34-B90F-E2A55B62F728}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-09-15 12:46:45.918
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {93311B28-07CC-48A7-B2FF-D0C638F2D226}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-09-14 10:53:36.019
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {67085AF3-D742-48C0-B78A-2D54E17021D4}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-09-11 08:48:34.254
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {3E97E804-3793-47DD-8F4F-BD4F52E7F299}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-09-04 09:43:01.055
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.323.417.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.17400.5
    Error code: 0x80240016
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    CodeIntegrity:
    ===================================

    Date: 2020-03-02 10:07:03.469
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\DropboxExt64.32.0.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-03-02 10:07:03.462
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Dropbox\Client\DropboxExt64.32.0.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: Dell Inc. A17 03/07/2013
    Motherboard: Dell Inc. 038C0K
    Processor: Intel(R) Core(TM) i5-2540M CPU @ 2.60GHz
    Percentage of memory in use: 63%
    Total physical RAM: 8073.01 MB
    Available physical RAM: 2984.8 MB
    Total Virtual: 9353.01 MB
    Available Virtual: 3379.69 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:222.56 GB) (Free:145.24 GB) NTFS

    \\?\Volume{68a03cef-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
    \\?\Volume{68a03cef-0000-0000-0000-30c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 68A03CEF)
    Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=531 MB) - (Type=27)

    ==================== End of Addition.txt =======================

Re: Pripojenie na wordpress z mojej IP adresy

Napsal: 22 zář 2020 13:14
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Pripojenie na wordpress z mojej IP adresy

Napsal: 22 zář 2020 17:39
od janyoa
Posielam log:
  • # -------------------------------
    # Malwarebytes AdwCleaner 8.0.7.0
    # -------------------------------
    # Build: 07-22-2020
    # Database: 2020-07-20.1 (Local)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 09-22-2020
    # Duration: 00:00:01
    # OS: Windows 10 Pro
    # Cleaned: 0
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    No malicious folders cleaned.

    ***** [ Files ] *****

    No malicious files cleaned.

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    No malicious registry entries cleaned.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries cleaned.

    ***** [ Preinstalled Software ] *****

    No Preinstalled Software cleaned.


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [1405 octets] - [22/09/2020 18:26:13]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Pripojenie na wordpress z mojej IP adresy

Napsal: 22 zář 2020 17:54
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
Task: {49AC4AE8-D26E-4C93-AE1E-EAAB837A58F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-11] (Google LLC -> Google LLC)
Task: {12005D59-5CEF-4D05-8DA2-C455DFB12079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-11] (Google LLC -> Google LLC)
FirewallRules: [{49B6A254-BDEF-485F-8118-1EED26A0E837}] => (Allow) C:\Users\janka\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{FC072563-36C7-4EFB-9C2C-ECBDD423F968}] => (Allow) C:\Users\janka\AppData\Roaming\uTorrent\uTorrent.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Pripojenie na wordpress z mojej IP adresy

Napsal: 23 zář 2020 10:05
od janyoa
  • Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2020
    Ran by janka (23-09-2020 10:58:00) Run:1
    Running from C:\Users\janka\Desktop
    Loaded Profiles: janka
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start

    CloseProcesses:
    Task: {49AC4AE8-D26E-4C93-AE1E-EAAB837A58F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-11] (Google LLC -> Google LLC)
    Task: {12005D59-5CEF-4D05-8DA2-C455DFB12079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-11] (Google LLC -> Google LLC)
    FirewallRules: [{49B6A254-BDEF-485F-8118-1EED26A0E837}] => (Allow) C:\Users\janka\AppData\Roaming\uTorrent\uTorrent.exe => No File
    FirewallRules: [{FC072563-36C7-4EFB-9C2C-ECBDD423F968}] => (Allow) C:\Users\janka\AppData\Roaming\uTorrent\uTorrent.exe => No File

    EmptyTemp:
    End
    *****************

    Processes closed successfully.
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49AC4AE8-D26E-4C93-AE1E-EAAB837A58F1}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49AC4AE8-D26E-4C93-AE1E-EAAB837A58F1}" => removed successfully
    C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12005D59-5CEF-4D05-8DA2-C455DFB12079}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12005D59-5CEF-4D05-8DA2-C455DFB12079}" => removed successfully
    C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{49B6A254-BDEF-485F-8118-1EED26A0E837}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC072563-36C7-4EFB-9C2C-ECBDD423F968}" => removed successfully

    =========== EmptyTemp: ==========

    BITS transfer queue => 8151040 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 269291219 B
    Java, Flash, Steam htmlcache => 0 B
    Windows/system/drivers => 27771827 B
    Edge => 5343091 B
    Chrome => 389179269 B
    Firefox => 0 B
    Opera => 14580005 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 170205 B
    NetworkService => 670971 B
    janka => 608250099 B

    RecycleBin => 12511671467 B
    EmptyTemp: => 12.9 GB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 10:58:30 ====

Re: Pripojenie na wordpress z mojej IP adresy

Napsal: 23 zář 2020 12:07
od Rudy
Smazáno. Nastala nějaká změna?