VIRY.CZ

Dobrý den,
před nedávnem se objevil tento problém při stahování. Je mi jasné, že pokud stahuji, že se rychlost internetu o něco sníží. Ale v mém případě se sníží natolik, že se ani neotevřou webové stránky nebo na jejich otevření čekám hodně dlouho a celkově se nedá na netu pracovat. A to je dle DSL download rychlost cca 25 Mbps Nejprve rychlost stahování vyskočí až něco přes 1Mbps, po pár vteřinách jde ale rapidně dolů a drží se kolem 50-100 kbps. Dělá to při stahování z různých zdrojů, před pár dny se takto internet ucpal i při streamovaném poslechu hudby (protože notebook zřejmě takto taky musí nějaká data stáhnout). Na jiném PC v bytě funguje stahování bez problému, musí to tedy asi být nějaký problém přímo v notebooku. Prosím tedy o kontrolu logu, snad se podaří problém vyřešit.

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-17-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 23
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Host App Service
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Marlenka\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Not Deleted C:\Users\Michal\AppData\Local\Host App Service

***** [ Files ] *****

Deleted C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC7E02D7-E589-4038-8ECB-C467CA188722}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Marlenka\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Michal\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Not Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3634 octets] - [17/10/2020 00:16:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Poprosim o nove lohx FRST + ADDITION.

Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by Michal (17-10-2020 14:05:27) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:

PowerShell: Enable-ComputerRestore -Drive "C:\"
HKU\S-1-5-21-3838665394-1485884192-1729339075-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKU\S-1-5-21-3838665394-1485884192-1729339075-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundModule.exe" 2>NUL | find /I /N "SoundModule.exe">NUL && exit & if exist ( start /MIN "" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {17066C48-564A-4B1A-95FC-B0BEB03ADB44} - \Lenovo\ImController\TimeBasedEvents\31eec00a-96a3-4db9-87d6-eca9e7ef20ba -> No File <==== ATTENTION
Task: {18DCF431-8EAF-418F-B272-9309E3FF760C} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {240C7866-BB99-4F54-90BD-9252FE66855B} - \Lenovo\ImController\TimeBasedEvents\c5e48814-34ca-46aa-8bc4-647ed977827e -> No File <==== ATTENTION
Task: {25FDEC66-E71E-48EA-8666-F2A34B07507B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {5694F966-7B51-4B2E-9295-C9A164065FC2} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {3E75DFA2-59E9-4140-8704-15FF85C31259} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-08] (Google Inc -> Google Inc.)
Task: {5694F966-7B51-4B2E-9295-C9A164065FC2} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {64FC6A1C-2449-4DB5-BE8B-9711A5EA2092} - \Lenovo\ImController\TimeBasedEvents\e381380a-727d-4464-91ff-b4ef58d2ece6 -> No File <==== ATTENTION
Task: {68E1E5D6-BDDD-4851-8311-43468C028AA8} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {F3EBEBFD-A048-4209-AACD-73C25DDBABFA} - \Lenovo\ImController\TimeBasedEvents\c0d09f3a-fb98-40b0-8d9f-d3af152038f5 -> No File <==== ATTENTION
FF NewTab: Mozilla\Firefox\Profiles\lmg1t01p.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-10-04 12:41:51&bName=
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [X]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-3838665394-1485884192-1729339075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-10-04 12:41:51&bName=
SearchScopes: HKU\S-1-5-21-3838665394-1485884192-1729339075-1001 -> DefaultScope {EBD65539-52E0-4E9D-96FA-8CD5B08E67AD} URL =
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
FirewallRules: [{BA4F87B4-C6C0-4BBF-B8F7-E42EF3BB28E4}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{E0FDB64B-C4EF-4E8B-9BE6-EFA1F85A9712}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe => No File

EmptyTemp:

End

*****************

Error: (0) Failed to create a restore point.

========= Enable-ComputerRestore -Drive "C:\" =========


========= End of Powershell: =========

"HKU\S-1-5-21-3838665394-1485884192-1729339075-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
"HKU\S-1-5-21-3838665394-1485884192-1729339075-1001\Software\Microsoft\Command Processor\\AutoRun" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17066C48-564A-4B1A-95FC-B0BEB03ADB44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17066C48-564A-4B1A-95FC-B0BEB03ADB44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\31eec00a-96a3-4db9-87d6-eca9e7ef20ba" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18DCF431-8EAF-418F-B272-9309E3FF760C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18DCF431-8EAF-418F-B272-9309E3FF760C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{240C7866-BB99-4F54-90BD-9252FE66855B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{240C7866-BB99-4F54-90BD-9252FE66855B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\c5e48814-34ca-46aa-8bc4-647ed977827e" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{25FDEC66-E71E-48EA-8666-F2A34B07507B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25FDEC66-E71E-48EA-8666-F2A34B07507B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5694F966-7B51-4B2E-9295-C9A164065FC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5694F966-7B51-4B2E-9295-C9A164065FC2}" => removed successfully
C:\WINDOWS\System32\Tasks\LenovoUtility Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3E75DFA2-59E9-4140-8704-15FF85C31259}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E75DFA2-59E9-4140-8704-15FF85C31259}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5694F966-7B51-4B2E-9295-C9A164065FC2}" => not found
"C:\WINDOWS\System32\Tasks\LenovoUtility Task" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Task" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64FC6A1C-2449-4DB5-BE8B-9711A5EA2092}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64FC6A1C-2449-4DB5-BE8B-9711A5EA2092}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\e381380a-727d-4464-91ff-b4ef58d2ece6" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68E1E5D6-BDDD-4851-8311-43468C028AA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68E1E5D6-BDDD-4851-8311-43468C028AA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3EBEBFD-A048-4209-AACD-73C25DDBABFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3EBEBFD-A048-4209-AACD-73C25DDBABFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\c0d09f3a-fb98-40b0-8d9f-d3af152038f5" => removed successfully
"Firefox newtab" => removed successfully
HKLM\System\CurrentControlSet\Services\McAfee WebAdvisor => removed successfully
McAfee WebAdvisor => service removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKU\S-1-5-21-3838665394-1485884192-1729339075-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-3838665394-1485884192-1729339075-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AdobeAAMUpdater-1.0" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BA4F87B4-C6C0-4BBF-B8F7-E42EF3BB28E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0FDB64B-C4EF-4E8B-9BE6-EFA1F85A9712}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18002273 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 737697 B
Edge => 57960 B
Chrome => 6992644 B
Firefox => 281712399 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8878 B
NetworkService => 8878 B
Michal => 31602531 B
Marlenka => 31675914 B

RecycleBin => 0 B
EmptyTemp: => 363.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End 1 Fixlog 14:05:45 ====

Ako je na to pocitac?

Problém bohužel přetrvává. Ještě bych mohl zmínit, že když si pomocí powershellu vyjedu seznam nainstalovaných programů, jsou tam dvě podle názvu podezřelé položky "bl" a "ph", které nevím, co by mohly být. Ale těžko říct, zda to má nějakou souvislost. A ještě se mi nezdá položka "neroxml".

Ano uz ich vidim. Daju sa odinstalovat?

To mě pravda nenapadlo, protože s powershellem umím jen hodně začátečnicky. Ale návod na netu poradil. Všechny tři programy jsem tedy odinstaloval, v seznamu už se neobjevují. Nicméně problém stále přetrvává.

Skuste spustit task manager (spravca uloh) a zoradte procesy podla využitia siete, podrobnejši postup je na obrázku


nižšie.

Dal jsem stahovat soubor z ulozto, než jsem pořídil výstřižek. Reálná rychlost stahování teď osciluje kolem 170 kbps, přičemž ulozto to jinak ořezává na 300.

Urobte sken pocitaca este pomocou tochto nastroja: https://forum.viry.cz/viewtopic.php?f=24&t=155685

.
.
----------- Inline Hook Scanner --------[3.6]---
Written by Diallix (C)
www.diallix.net
------------------------------------------------
.
.
...[Time/Date]: 21:10/18.9 2020
...[Running as Admin.]: Yes
.
.
=== Running Executable objects and their loaded modules ===


C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\SYSTEM32\Wldp.dll
C:\WINDOWS\SYSTEM32\UMPDC.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\Program Files\AVAST Software\Avast\x86\aswAMSI.dll

C:\Program Files\Native Instruments\Komplete Audio Driver\W10_x64\NativeInstrumentsUsbAudioCpl.exe
C:\Program Files\AVAST Software\Avast\x86\aswhook.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627\COMCTL32.dll
C:\Program Files\Native Instruments\Komplete Audio Driver\W10_x64\NativeInstrumentsUsbAudioapi.dll
C:\WINDOWS\SYSTEM32\Wldp.dll
C:\WINDOWS\SYSTEM32\TextShaping.dll
C:\WINDOWS\SYSTEM32\textinputframework.dll
C:\WINDOWS\System32\CoreUIComponents.dll
C:\WINDOWS\System32\CoreMessaging.dll

C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
C:\Program Files\AVAST Software\Avast\x86\aswhook.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\SYSTEM32\Wldp.dll

C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\AVAST Software\Avast\x86\aswhook.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\TEETransport.dll

C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\AVAST Software\Avast\x86\aswhook.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\WsmanClient.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\StatusEventHandler.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\Common.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\GmsCommon.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\CONFIGURATOR.dll
C:\WINDOWS\SYSTEM32\UMPDC.dll

C:\Users\Michal\Desktop\inlinehookscanner.exe
C:\Program Files\AVAST Software\Avast\x86\aswhook.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.19041.488_none_89e6152f0b32762e\COMCTL32.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\1c960778124fb2c275142764edfbee19\mscorlib.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
C:\WINDOWS\SYSTEM32\Wldp.dll
.
.
[Total scanned objects]: 269.
.
.
[EOF]