Právě je 23 lis 2019 03:57

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Odpovědět na téma  [ Příspěvků: 29 ]  Přejít na stránku Předchozí  1, 2
Autor Zpráva
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 01 lis 2019 00:24 
Offline
Rádce
Rádce

Registrován: 30 pro 2013 22:29
Příspěvky: 3209
Bydliště: Bratislava
Hm, poprosim teda o obidva nove logy z FRST.

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 01 lis 2019 15:37 
Offline
Návštěvník
Návštěvník

Registrován: 20 lis 2009 07:04
Příspěvky: 51
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
Ran by Radovan Hatala (administrator) on RADOVAN_HATALA (Dell Inc. Inspiron 5548) (01-11-2019 14:59:29)
Running from C:\Users\Radovan Hatala\Desktop\Nový priečinok
Loaded Profiles: Radovan Hatala (Available Profiles: Radovan Hatala)
Platform: Windows 10 Home Version 1809 17763.805 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Entertainment Experience LLC -> ) C:\Program Files\TrueColor\TrueColorALS.exe
(Entertainment Experience LLC -> Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(Garmin International, Inc. -> ) C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Leader Technologies Inc -> Aviata Inc) C:\Program Files (x86)\Dell Product Registration\prodreg.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Radovan Hatala\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
Failed to access process -> esu.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8721656 2016-03-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19491792 2014-12-25] (Entertainment Experience LLC -> Entertainment Experience)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-10-01] (Comodo Security Solutions -> COMODO)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] (Dropbox, Inc -> )
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228728 2019-10-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-04-02] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-07-03] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-29] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-26] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06DEDCBC-ED59-46F8-B95F-D4B7B8BBF146} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [3604152 2016-10-01] (Comodo Security Solutions -> COMODO)
Task: {09B98BFB-870C-4135-B057-E73EAB6792F1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848 2017-04-02] (Garmin International, Inc. -> )
Task: {12E40869-249A-4CC4-9F1E-20F3A5F6D1A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-29] (Piriform Software Ltd -> Piriform Ltd)
Task: {1971B65E-8C3F-457B-9B59-D42919384D96} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-10-01] (Comodo Security Solutions -> COMODO)
Task: {1FB68AFA-777F-49BF-AEDE-F90F1378AFF9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-14] (Adobe Inc. -> Adobe)
Task: {273F3C4B-A927-4C41-849B-68CB790B43BD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-29] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3FEA0651-AFC2-4446-B70F-39A6863D4E00} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {419CF268-2C2D-499C-846D-355F80B55514} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [3604152 2016-10-01] (Comodo Security Solutions -> COMODO)
Task: {4BFE35D9-AA81-4E25-9FEA-7C8CDE3A07BB} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759024 2019-10-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {500EFAB2-BE25-4C46-965B-A46AD8328761} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-07-25] (Google Inc -> Google Inc.)
Task: {514DB045-B7E5-4873-BF09-87550569D89F} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2016-11-19] (Leader Technologies Inc -> Aviata Inc)
Task: {5335A918-7F6C-4DDD-B150-441F65018088} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-10-15] (Intel(R) Update Manager -> Intel Corporation)
Task: {58BED993-E91D-4B0D-A6ED-8DB1646F950C} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2016-11-19] (Leader Technologies Inc -> Aviata Inc)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {73846997-F289-4078-9081-A7A251DB25DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-07-25] (Google Inc -> Google Inc.)
Task: {826A153C-7E39-49EC-A08F-B7E441545D2D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-14] (Adobe Inc. -> Adobe)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {A98C8748-829D-4318-ADA3-2CB2B91E4751} - System32\Tasks\Opera scheduled Autoupdate 1437858282 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-14] (Opera Software AS -> Opera Software)
Task: {AA62ED4E-9AE6-4593-8A58-E3CF005C00F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-10-25] (Adobe Inc. -> Adobe Systems)
Task: {AF206DD1-D883-4782-A891-54FE925B3027} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D74D0C65-8D4C-4AE1-85A2-5A2C01337506} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-10-01] (Comodo Security Solutions -> COMODO)
Task: {EBFEF9F1-0D35-4880-8876-30483D6B4765} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-10-15] (Intel(R) Update Manager -> Intel Corporation)
Task: {ECCBB834-65BF-45F5-8077-F5F78D28F3B0} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{334c278c-0684-4e4a-98ad-9f417d191ebc}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{334c278c-0684-4e4a-98ad-9f417d191ebc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e2686e41-3b47-4d65-9805-452e4edc1314}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{e2686e41-3b47-4d65-9805-452e4edc1314}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2829850043-1559991653-898572231-1001 -> {EB19ED60-9340-4008-BBE7-A918BFED4A0B} URL =

FireFox:
========
FF DefaultProfile: 6gxnf70f.default
FF ProfilePath: C:\Users\Radovan Hatala\AppData\Roaming\Mozilla\Firefox\Profiles\6gxnf70f.default [2019-10-31]
FF Extension: (Avira Browser Safety) - C:\Users\Radovan Hatala\AppData\Roaming\Mozilla\Firefox\Profiles\6gxnf70f.default\Extensions\abs@avira.com.xpi [2019-07-04]
FF Extension: (ETP Search Volume Study) - C:\Users\Radovan Hatala\AppData\Roaming\Mozilla\Firefox\Profiles\6gxnf70f.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-07-03]
FF Extension: (Avira SafeSearch Plus) - C:\Users\Radovan Hatala\AppData\Roaming\Mozilla\Firefox\Profiles\6gxnf70f.default\Extensions\safesearchplus@avira.com.xpi [2019-06-16] [UpdateUrl:hxxps://package.avira.com/package/safesearch/firefox/update-plus.json]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Radovan Hatala\AppData\Roaming\Mozilla\Firefox\Profiles\6gxnf70f.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-12-07]
FF Extension: (Seznam lištička) - C:\Users\Radovan Hatala\AppData\Roaming\Mozilla\Firefox\Profiles\6gxnf70f.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-10-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-14] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-23] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://24sport.site; hxxps://www.facebook.com
CHR Profile: C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default [2019-10-31]
CHR Extension: (Prezentácie) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Google Search) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Tabuľky) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-10-25]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-05]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2019-06-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-25]
CHR Extension: (Gmail) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\Radovan Hatala\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"Dell Customer Connect" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\Dell Customer Connect => "C:\Program Files (x86)\Dell Customer Connect\DCCService.exe" <==== ATTENTION (Rootkit!/Locked Service)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560544 2018-02-03] (Advanced Micro Devices, Inc. -> AMD)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1209328 2019-10-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537144 2019-10-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483408 2019-10-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483408 2019-10-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [500272 2019-10-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591872 2019-10-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2273424 2016-10-05] (Comodo Security Solutions -> Comodo)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-10-01] (Comodo Security Solutions -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-10-01] (Comodo Security Solutions -> COMODO)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-14] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3373600 2019-10-14] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218144 2019-10-14] (Dell Inc -> Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell Inc -> Dell)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-10-14] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2019-10-14] (Dell Inc -> )
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2016-11-19] (Leader Technologies Inc -> Aviata, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2972144 2019-09-06] (Comodo Security Solutions -> Comodo)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-04-02] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-02-03] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382448 2017-02-25] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel(R) Wireless Display -> Intel)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-10-15] (Intel(R) Update Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-07-17] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (Dell Inc. -> SoftThinks SAS)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2011848 2018-07-17] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [48600 2019-10-14] (Dell Inc. -> Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [94160 2014-12-25] (Entertainment Experience LLC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-07-03] (Windscribe Limited -> Windscribe Limited)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2018-02-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [206584 2019-10-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2019-10-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2016-09-08] (Comodo Security Solutions -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [862648 2016-09-08] (Comodo Security Solutions -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [54336 2016-09-08] (Comodo Security Solutions -> COMODO)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-10-05] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 iaLPSS_SPI; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-02-03] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [127232 2015-08-05] (Comodo Security Solutions -> COMODO)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3524360 2016-09-25] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896744 2015-08-13] (Realtek Semiconductor Corp -> Realtek )
R2 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [119528 2018-07-17] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66136 2017-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2019-07-03] (Windscribe Limited -> The OpenVPN Project)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343520 2019-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-31 21:38 - 2019-10-31 21:45 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-10-31 21:38 - 2019-10-31 21:45 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-10-31 21:38 - 2019-10-31 21:45 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-10-31 21:38 - 2019-10-31 21:45 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2019-10-31 21:38 - 2019-10-31 21:43 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-10-31 21:37 - 2019-10-31 21:45 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-10-31 21:37 - 2019-10-31 21:45 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-10-31 21:37 - 2019-10-31 21:43 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-10-31 21:37 - 2019-10-31 21:43 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-10-31 21:37 - 2019-10-31 21:43 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-10-31 17:29 - 2019-10-31 17:29 - 000001191 _____ C:\Users\Public\Desktop\Avira.lnk
2019-10-31 17:29 - 2019-10-31 17:29 - 000001191 _____ C:\ProgramData\Desktop\Avira.lnk
2019-10-29 21:09 - 2019-10-29 22:08 - 000000000 ____D C:\Users\Radovan Hatala\Desktop\Nový priečinok
2019-10-29 19:41 - 2019-10-31 17:21 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-10-29 19:39 - 2019-10-29 19:39 - 024578944 _____ (Piriform Software Ltd) C:\Users\Radovan Hatala\Downloads\ccsetup563.exe
2019-10-29 19:11 - 2019-10-29 19:11 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 002429768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-29 19:11 - 2019-10-29 19:11 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-29 19:11 - 2019-10-29 19:11 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shellstyle.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 001155584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shellstyle.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-29 19:11 - 2019-10-29 19:11 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 023455744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 012960768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 012259840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 008903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 006316792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 005767168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 005605560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 005309080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 004873728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 003428864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 002349056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 002279304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-29 19:10 - 2019-10-29 19:10 - 002018304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-29 19:10 - 2019-10-29 19:10 - 001924976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplaySwitch.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 001764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001677816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 001247560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000805296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000791864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000767800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000661096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000452992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-10-29 19:10 - 2019-10-29 19:10 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-29 19:10 - 2019-10-29 19:10 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-29 19:10 - 2019-10-29 19:10 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-29 19:10 - 2019-10-29 19:10 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-29 19:10 - 2019-10-29 19:10 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.OneCore.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2019-10-29 19:10 - 2019-10-29 19:10 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSTheme.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2019-10-29 19:10 - 2019-10-29 19:10 - 000038184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PasswordOnWakeSettingFlyout.exe
2019-10-29 19:10 - 2019-10-29 19:10 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-10-29 19:09 - 2019-10-29 19:10 - 015220224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 022135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 009680400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 006928384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 006058032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 005573016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 005299712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 004057088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 003820976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002779784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002699264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002118656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001966392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001864704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-29 19:09 - 2019-10-29 19:09 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001666232 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001484896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 001390888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-29 19:09 - 2019-10-29 19:09 - 001319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001272120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 001170432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-10-29 19:09 - 2019-10-29 19:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 001056056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 001006392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000938296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-10-29 19:09 - 2019-10-29 19:09 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-29 19:09 - 2019-10-29 19:09 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000780408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000605368 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000598328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-10-29 19:09 - 2019-10-29 19:09 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000434952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000384272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000290616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000224568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000201736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000155968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000065608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-29 19:09 - 2019-10-29 19:09 - 000044912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordOnWakeSettingFlyout.exe
2019-10-29 19:09 - 2019-10-29 19:09 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-29 19:09 - 2019-10-29 19:09 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-10-29 19:08 - 2019-10-29 19:09 - 017485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 007698432 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 004352472 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 003198976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 003000832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 002839040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-29 19:08 - 2019-10-29 19:08 - 002110472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 002015400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001701176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-29 19:08 - 2019-10-29 19:08 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000895560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000775216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000681720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000662024 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-10-29 19:08 - 2019-10-29 19:08 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000508728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000385336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000278416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-29 19:08 - 2019-10-29 19:08 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.OneCore.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000193704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000163232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000156512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000147944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000135816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000104464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-29 19:08 - 2019-10-29 19:08 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-29 19:08 - 2019-10-29 19:08 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000079032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSTheme.exe
2019-10-29 19:08 - 2019-10-29 19:08 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-29 19:08 - 2019-10-29 19:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-29 19:08 - 2019-10-29 19:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-29 19:08 - 2019-10-29 19:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-29 19:08 - 2019-10-29 19:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-29 19:08 - 2019-10-29 19:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-29 19:08 - 2019-10-29 19:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-29 19:08 - 2019-10-29 19:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-29 19:08 - 2019-10-29 19:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-29 19:07 - 2019-10-29 19:07 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2019-10-29 19:07 - 2019-10-29 19:07 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-29 19:07 - 2019-10-29 19:07 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000052536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-29 19:07 - 2019-10-29 19:07 - 000018744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-10-29 18:39 - 2019-10-29 21:08 - 001619968 _____ (Farbar) C:\Users\Radovan Hatala\Desktop\FRST64.exe
2019-10-29 18:39 - 2019-10-29 21:08 - 000000000 ____D C:\Users\Radovan Hatala\Desktop\FRST-OlderVersion
2019-10-29 18:39 - 2019-10-29 18:48 - 000070276 _____ C:\Users\Radovan Hatala\Desktop\Fixlog.txt
2019-10-26 17:08 - 2019-10-26 17:11 - 000088109 _____ C:\Users\Radovan Hatala\Downloads\Addition.txt
2019-10-26 16:56 - 2019-10-26 17:11 - 000039654 _____ C:\Users\Radovan Hatala\Downloads\FRST.txt
2019-10-26 16:55 - 2019-11-01 15:03 - 000000000 ____D C:\FRST
2019-10-25 20:27 - 2019-10-25 20:35 - 000000000 ____D C:\AdwCleaner
2019-10-25 20:24 - 2019-10-25 20:24 - 007622344 _____ (Malwarebytes) C:\Users\Radovan Hatala\Downloads\adwcleaner_7.4.2.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-01 15:13 - 2016-02-11 19:54 - 001341882 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2019-11-01 15:07 - 2015-07-11 10:24 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2019-11-01 15:05 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-01 14:59 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Registration
2019-11-01 14:57 - 2015-08-02 20:25 - 000000000 __RDL C:\Users\Radovan Hatala\OneDrive
2019-11-01 14:55 - 2017-11-11 21:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-11-01 14:55 - 2015-07-25 21:18 - 000000000 __SHD C:\Users\Radovan Hatala\IntelGraphicsProfiles
2019-11-01 14:52 - 2019-04-06 15:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-31 22:32 - 2015-08-02 20:02 - 000107320 _____ C:\Users\Radovan Hatala\Desktop\STATISTIKA.ods
2019-10-31 22:04 - 2019-04-06 15:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-31 21:52 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-31 21:29 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-31 21:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-31 17:37 - 2015-07-25 22:04 - 000000000 ____D C:\Program Files (x86)\Opera
2019-10-31 17:30 - 2017-11-11 21:57 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-31 17:29 - 2016-01-02 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-10-31 17:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-29 21:48 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-29 21:48 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-29 21:30 - 2019-04-06 15:34 - 000842664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-29 20:15 - 2019-04-06 15:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-10-29 20:14 - 2018-12-30 23:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-29 19:41 - 2017-02-15 21:27 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-29 19:41 - 2017-02-15 21:27 - 000000865 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-10-29 19:41 - 2017-02-15 21:27 - 000000000 ____D C:\Program Files\CCleaner
2019-10-29 19:41 - 2015-07-11 10:25 - 000000000 ____D C:\Temp
2019-10-29 19:25 - 2018-02-10 16:00 - 000000000 ___RD C:\Users\Radovan Hatala\3D Objects
2019-10-29 19:25 - 2015-07-26 08:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-29 19:20 - 2019-04-06 15:14 - 000295848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-29 19:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-29 19:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-29 19:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-29 19:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-29 19:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-10-29 19:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-29 19:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-29 19:17 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-29 19:15 - 2018-09-15 17:25 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2019-10-29 19:15 - 2018-09-15 17:25 - 000018002 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-10-29 18:32 - 2019-04-06 15:44 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2829850043-1559991653-898572231-1001
2019-10-29 18:31 - 2019-04-06 15:22 - 000002426 _____ C:\Users\Radovan Hatala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-26 17:21 - 2015-07-25 21:40 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-26 17:21 - 2015-07-25 21:40 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-26 17:21 - 2015-07-25 21:40 - 000002274 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-25 22:53 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-25 21:22 - 2018-02-10 15:31 - 000000000 ____D C:\Users\Radovan Hatala\AppData\Local\Packages
2019-10-25 20:57 - 2015-07-31 16:53 - 000000000 ____D C:\Users\Radovan Hatala\AppData\Local\Adobe
2019-10-25 20:49 - 2015-07-11 12:35 - 000000000 ____D C:\ProgramData\Dell
2019-10-25 20:40 - 2015-07-31 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-25 20:39 - 2015-07-31 19:42 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-25 20:36 - 2015-07-11 10:24 - 000000000 ____D C:\ProgramData\PCDr
2019-10-25 20:36 - 2015-07-11 10:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-10-25 20:35 - 2017-02-27 17:30 - 000000000 ____D C:\Program Files (x86)\Dell
2019-10-25 20:35 - 2015-07-11 10:13 - 000000000 ____D C:\Program Files\Dell
2019-10-14 19:38 - 2019-04-06 15:44 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1437858282
2019-10-14 19:38 - 2019-04-05 06:27 - 000001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2019-10-14 19:27 - 2017-07-05 21:10 - 000000000 ____D C:\ProgramData\SupportAssist
2019-10-14 19:24 - 2016-01-02 13:24 - 000206584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-10-14 19:24 - 2016-01-02 13:24 - 000197176 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2019-10-14 19:10 - 2019-04-06 15:44 - 000004636 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-14 19:10 - 2019-04-06 15:44 - 000003458 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-14 19:10 - 2019-04-06 15:44 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-14 19:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-14 19:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-14 19:10 - 2015-07-25 21:38 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ========

2017-11-16 23:25 - 2019-07-12 18:37 - 000007607 _____ () C:\Users\Radovan Hatala\AppData\Local\resmon.resmoncfg

==================== FLock ==============================

2016-02-21 20:24 C:\System Recovery
2016-02-11 19:54 C:\VTRoot

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 01 lis 2019 15:38 
Offline
Návštěvník
Návštěvník

Registrován: 20 lis 2009 07:04
Příspěvky: 51
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by Radovan Hatala (01-11-2019 15:18:09)
Running from C:\Users\Radovan Hatala\Desktop\Nový priečinok
Windows 10 Home Version 1809 17763.805 (X64) (2019-04-06 14:45:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2829850043-1559991653-898572231-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2829850043-1559991653-898572231-503 - Limited - Disabled)
Guest (S-1-5-21-2829850043-1559991653-898572231-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2829850043-1559991653-898572231-1003 - Limited - Enabled)
Radovan Hatala (S-1-5-21-2829850043-1559991653-898572231-1001 - Administrator - Enabled) => C:\Users\Radovan Hatala
WDAGUtilityAccount (S-1-5-21-2829850043-1559991653-898572231-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20049 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
AMD Catalyst Install Manager (HKLM\...\{2A570AD7-943C-944A-262B-4794578E8E33}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Asistent pri aktualizácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Avira (HKLM-x32\...\{d1005689-1fdc-458f-956d-498db20c18df}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{DA7052FA-B589-48D9-BF78-0A5AC11CB59A}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.1910.1604 - Avira Operations GmbH & Co. KG)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 76.0.3809.132 - Comodo)
COMODO Firewall (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.)
Czech Soccer Manager (HKLM-x32\...\Czech Soccer Manager) (Version: - )
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\{95BD6E30-2B18-4FB0-B5AE-8250E5584831}) (Version: 3.3.3.13 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
FTP Manager Lite 2 (HKLM-x32\...\FTP Manager Lite_is1) (Version: - DeskShare Inc.)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.70 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Chromodo (HKLM-x32\...\Chromodo) (Version: 52.15.25.665 - Comodo)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{0d3043f8-168c-4013-bce3-38b0c652b1d6}) (Version: 17.16.0 - Intel Corporation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 sk) (HKLM\...\Mozilla Firefox 67.0.4 (x64 sk)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 67.0.4.7109 - Mozilla)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.1 (HKLM-x32\...\{456408C1-3BDE-48CC-9A5A-79B1BB4C4787}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
PX Profile Update (HKLM-x32\...\{79DB4FB1-2556-27C8-C606-1A0DD3E315B9}) (Version: 1.00.1. - AMD) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
True Color (HKLM\...\{33D499E3-73E8-44D5-8D1F-FEA39535E9F2}) (Version: 6.0.0.6 - Entertainment Experience LLC) Hidden
True Color (HKLM-x32\...\{55c734b2-fcff-447e-81cc-a6f04ebf09fc}) (Version: 6.0.0.6 - Entertainment Experience)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)

Packages:
=========
7z ZIP RAR -> C:\Program Files\WindowsApps\MediaMobileTechnologies.7zZIPRAR_1.0.7.0_x64__pshwwm0bwg8de [2016-12-10] (Media Mobile Technologies) [MS Ad]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-30] (Autodesk Inc.)
Can You Escape -> C:\Program Files\WindowsApps\Trapped.CanYouEscape_1.1.0.0_x86__bhn6e84ggqs1p [2015-11-28] (Trapped)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-10-31] (king.com)
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.3.8.0_x64__htrsf667h5kn2 [2019-10-14] (Dell Inc)
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.5.17.0_x64__kx24dqmazqk8j [2019-09-06] (Random Salad Games LLC) [MS Ad]
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-07-28] (AMZN Mobile LLC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-25] (Microsoft Studios) [MS Ad]
MSN Cestovanie -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-28] (Microsoft Corporation) [MS Ad]
MSN Jedlá a nápoje -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-28] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) [MS Ad]
MSN Zdravie a fitnes -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-28] (Microsoft Corporation) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-14] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0 [2019-10-31] (Spotify AB) [Startup Task]
Star Wars Rebels: Recon Missions -> C:\Program Files\WindowsApps\Disney.StarWarsRebelsReconMissions_1.4.0.4_x86__6rarf9sa4v8jt [2015-11-16] (Disney)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7ZIP\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-09-15] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-10-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-09-15] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7ZIP\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7ZIP\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2016-09-15] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-10-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-09-13 01:01 - 2016-09-13 01:01 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2014-04-07 15:06 - 2014-04-07 15:06 - 000466944 _____ () [File not signed] C:\WINDOWS\system32\DPPPlugin.dll
2014-10-09 20:54 - 2014-10-09 20:54 - 000541696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-10-09 20:54 - 2014-10-09 20:54 - 000297472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2018-03-20 12:25 - 2018-03-20 12:25 - 000099840 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\aspnet_counters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msvcp140_clr0400.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msvcr100_clr0400.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ucrtbase_clr0400.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vcruntime140_clr0400.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aspnet_counters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [0]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\ccsetup563.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\ccsetup563.exe:$CmdZnID [32]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-10-31 21:01 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Radovan Hatala\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\WP_20151017_002.jpg
DNS Servers: 156.154.70.22 - 156.154.71.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\...\StartupApproved\Run: => "Windscribe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2B3E39A4-954C-4571-892F-F02138923564}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{C82EC873-F105-4D13-BB67-9468FBA80FDE}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{E17435E6-E7F6-445A-892C-E82EBD3009AC}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{2DBB8E3B-67D6-4B91-B164-0833398E266B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{140A8C3F-F27E-40EB-9C9E-B334D3EC1CEF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EB2CC988-9F4E-4E3D-8866-8CB8C2F2FA57}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{DA882126-D836-420A-93DD-7A059E911DE3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{8C5161B9-D05A-4F2B-BD7E-4EFBAEE17796}C:\users\radovan hatala\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\radovan hatala\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [UDP Query User{EC376F2C-5BB0-4CF2-9A02-AA243E1D0B26}C:\users\radovan hatala\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\radovan hatala\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{1FEEA553-79A6-4C81-AE0D-9219C7AB9BC2}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{0C3788CD-25D7-4299-83ED-B3E98EAFB47A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{2EEE0300-FC9D-4E1B-82DD-70A1F28EBF52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D634C504-313C-4E0A-918F-C776879794C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{897DE56F-3EE9-45EB-BA6A-9A9C43DD192F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{117685FD-E8AD-4E0A-90CB-7E4ADEE009C1}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4731CEE5-2FD9-4AEE-9647-3CF47640A405}] => (Allow) C:\Program Files (x86)\Deskshare\FTP Manager Lite 2\FTP Manager Lite.exe (DeskShare, Inc. -> Deskshare)
FirewallRules: [{615928C1-64F9-4F4C-A26F-F546A72B1BAE}] => (Allow) C:\Program Files (x86)\Deskshare\FTP Manager Lite 2\FTP Manager Lite.exe (DeskShare, Inc. -> Deskshare)
FirewallRules: [TCP Query User{27A16C9C-6D42-429E-92D0-875FD38B4F8A}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{DF210EE4-2204-4239-B075-4700B2E87DAA}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{E1C9F6F9-43E3-4F26-B287-D492F033F923}] => (Allow) C:\Program Files (x86)\Opera\63.0.3368.71\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{E993657B-41F1-4E7D-B60C-8E71F41371B6}] => (Allow) C:\Program Files (x86)\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{76E38924-FF30-4A89-AE24-5B9525428B77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AE79EF86-76B2-4835-8727-5846336C2798}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B1B9633-7686-4A7F-969D-2A1A239EEDD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6EB1E869-9897-49D5-AB23-F0D32CDDFF95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21CC7029-8323-465C-9CC7-1CF6D0CB4C31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D868892F-DC5C-409F-87BC-96F2F93B55D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{640039B2-61FB-4859-BC9B-7B27C858D5DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FE5294D-7194-4B1A-90A0-34FE43E3C6C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{01BAC91A-D3AD-4AFD-B4F5-ED53F6EAE62A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

25-10-2019 20:35:35 Windows Update
29-10-2019 18:40:45 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/01/2019 02:58:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: esu.exe, verzia: 1.0.0.0, časová značka: 0x58dac8d5
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.802, časová značka: 0x936e7d37
Kód výnimky: 0xe0434352
Odstup chyby: 0x00121932
Identifikácia chybujúceho procesu: 0x2664
Čas spustenia chybujúcej aplikácie: 0x01d590bc4db9f1a8
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 3d86983a-d631-4bac-84b9-99c92ce491b2
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/01/2019 02:58:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: esu.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
at Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
at Garmin.Omt.Service.Shared.Overrides..cctor()

Exception Info: System.TypeInitializationException
at Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
at Garmin.Omt.Express.SelfUpdater.Program.RealMain()
at Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])

Error: (11/01/2019 02:57:13 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (10/31/2019 09:07:58 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (10/31/2019 09:02:38 PM) (Source: VSS) (EventID: 12291) (User: )
Description: Volume Shadow Copy Service error: Error on creating/using the COM+ Writers publisher interface: BackupShutdown [0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
].

Error: (10/31/2019 09:02:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine IMultiInterfaceEventControl::GetSubscriptions. hr = 0x80010108, The object invoked has disconnected from its clients.
.

Error: (10/31/2019 09:02:31 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4

Error: (10/31/2019 09:02:29 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4


System errors:
=============
Error: (11/01/2019 02:58:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell Customer Connect zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (11/01/2019 02:57:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (11/01/2019 02:57:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/01/2019 02:57:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/01/2019 02:54:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/01/2019 02:54:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/01/2019 02:54:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Garmin Device Interaction Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (11/01/2019 02:54:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Garmin Device Interaction Service bol dosiahnutý časový limit (60000 ms).


CodeIntegrity:
===================================

Date: 2019-10-25 22:02:49.506
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-25 21:34:17.882
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-14 20:27:44.648
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-14 20:12:10.810
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-18 18:52:57.090
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-06 21:03:37.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-06 20:49:23.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-06 00:13:14.897
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. A07 06/23/2016
Motherboard: Dell Inc. 08NT2J
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 44%
Total physical RAM: 8106.45 MB
Available physical RAM: 4490.33 MB
Total Virtual: 9386.45 MB
Available Virtual: 5112.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:922.97 GB) (Free:596.31 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive w: () (Fixed) (Total:0.89 GB) (Free:0.44 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:6.26 GB) (Free:0.74 GB) NTFS

\\?\Volume{757ed7a1-6249-436d-8186-4394d85f39a5}\ (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C4A3AC08)

Partition: GPT.

==================== End of Addition.txt =======================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 01 lis 2019 20:00 
Offline
Rádce
Rádce

Registrován: 30 pro 2013 22:29
Příspěvky: 3209
Bydliště: Bratislava
Skopiruj text nizsie (opat netreba nikam vkladat), spusti FRST, klikni na Fix a pockaj na dokoncenie. Tentokrat by si FRST nemal vyziadat restart PC, po zobrazeni hlasky a kliknuti na OK by sa mal zobrazit Fixlog - posli jeho obsah.

Kód:
Start::
Folder: C:\FRST
File: C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
End::

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Naposledy upravil Conder dne 04 lis 2019 23:05, celkově upraveno 2

Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 01 lis 2019 23:18 
Offline
Návštěvník
Návštěvník

Registrován: 20 lis 2009 07:04
Příspěvky: 51
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by Radovan Hatala (01-11-2019 23:19:08) Run:4
Running from C:\Users\Radovan Hatala\Desktop\Nový priečinok
Loaded Profiles: Radovan Hatala (Available Profiles: Radovan Hatala)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Folder: C:\FRST
File: C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp

*****************


========================= Folder: C:\FRST ========================

2019-11-01 23:19 - 2019-11-01 23:19 - 000000141 ____A [684BE9A8685BFBFFEDB2A10EBA21EE3F] () C:\FRST\users00
2019-10-26 16:55 - 2019-10-26 16:56 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Hives
2019-10-26 16:55 - 2019-10-29 19:19 - 000008192 ____A [329B428FD940034FF88561526EFA594C] () C:\FRST\Hives\BCD
2019-10-26 16:55 - 2019-10-26 16:55 - 000008192 __ASH [B3097D9BB3F750DDB58ADF8F5CF95EC3] () C:\FRST\Hives\BCD.LOG
2019-10-26 16:55 - 2019-10-26 16:55 - 000000000 __ASH [D41D8CD98F00B204E9800998ECF8427E] () C:\FRST\Hives\BCD.LOG1
2019-10-26 16:55 - 2019-10-26 16:55 - 000000000 __ASH [D41D8CD98F00B204E9800998ECF8427E] () C:\FRST\Hives\BCD.LOG2
2019-10-26 16:56 - 2019-10-25 22:53 - 000786432 ____A [C0397A0875A2688F3F0657852AA90E2C] () C:\FRST\Hives\DEFAULT
2019-10-26 16:56 - 2019-10-25 22:53 - 000065536 ____A [C91F81BE4E312616971F7D624DF3A398] () C:\FRST\Hives\SAM
2019-10-26 16:56 - 2019-10-25 22:53 - 000065536 ____A [EECB9B1621A24ACAB0C41B11CF1BEF47] () C:\FRST\Hives\SECURITY
2019-10-26 16:55 - 2019-10-25 22:53 - 094896128 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\FRST\Hives\SOFTWARE
2019-10-26 16:56 - 2019-10-25 22:53 - 022020096 ____A [02F4A5569E8A4690BF0666605B22907D] () C:\FRST\Hives\SYSTEM
2019-10-26 16:55 - 2019-10-26 16:56 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Hives\Radovan Hatala
2019-10-26 16:56 - 2019-10-25 22:52 - 004456448 ____A [4308F77349E79BE91F48E93EEEA34835] () C:\FRST\Hives\Radovan Hatala\NTUSER.DAT
2019-10-26 16:56 - 2019-10-25 22:52 - 007077888 ____A [7653AD318FF59A1C33F85A2FB66A9BFC] () C:\FRST\Hives\Radovan Hatala\UsrClass.dat
2019-10-26 16:55 - 2019-11-01 23:19 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Logs
2019-11-01 15:22 - 2019-11-01 15:22 - 000060460 ____A [04AAF372260FFE5F346965D6A397B023] () C:\FRST\Logs\Addition_01-11-2019 15.22.48.txt
2019-10-26 17:11 - 2019-10-26 17:11 - 000088109 ____A [F7B1AF82942670929CBECB33D6170E5C] () C:\FRST\Logs\Addition_26-10-2019 18.11.52.txt
2019-10-26 16:55 - 2019-11-01 23:19 - 000000013 __ASH [467CFE44476E42ADC20FA74A3DF8EFE2] () C:\FRST\Logs\ct.ini
2019-10-29 19:02 - 2019-10-29 18:48 - 000070276 ____A [CCCC3284E843089CF290BE630ECEEA07] () C:\FRST\Logs\Fixlog_29-10-2019 19.02.37.txt
2019-10-29 21:12 - 2019-10-29 21:12 - 000065217 ____A [A92F4148AADCD2161A531AD2BAF7D09F] () C:\FRST\Logs\Fixlog_29-10-2019 21.12.26.txt
2019-10-31 21:02 - 2019-10-31 21:01 - 000065252 ____A [DA86E8F40EE0985D8A4DC261674B4487] () C:\FRST\Logs\Fixlog_31-10-2019 21.02.07.txt
2019-11-01 15:22 - 2019-11-01 15:22 - 000082530 ____A [9EF266A50530828E5194AC4A1B8F23B7] () C:\FRST\Logs\FRST_01-11-2019 15.22.48.txt
2019-10-26 17:11 - 2019-10-26 17:11 - 000039654 ____A [670E1EE310DCE82EC9AB76EEE2B5CC68] () C:\FRST\Logs\FRST_26-10-2019 18.11.52.txt
2019-10-26 16:55 - 2019-10-29 18:40 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine
2019-10-29 18:40 - 2019-10-29 18:41 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C
2019-10-29 18:32 - 2019-10-29 18:32 - 000000000 ___HD [00000000000000000000000000000000] () C:\FRST\Quarantine\C\OneDriveTemp
2019-11-01 14:57 - 2019-11-01 14:57 - 000000000 ___HD [00000000000000000000000000000000] () C:\FRST\Quarantine\C\OneDriveTemp\S-1-5-21-2829850043-1559991653-898572231-1001
2019-10-29 18:40 - 2019-10-29 18:40 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\WINDOWS
2019-10-29 18:40 - 2019-10-29 18:41 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\WINDOWS\System32
2019-10-29 18:41 - 2019-10-29 18:41 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\WINDOWS\System32\Drivers
2019-10-29 18:41 - 2019-10-31 21:01 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\WINDOWS\System32\Drivers\etc
2013-08-22 14:25 - 2019-10-29 21:11 - 000000027 ____A [6A4029CFF35FD4BA34C001C1ED5D9945] () C:\FRST\Quarantine\C\WINDOWS\System32\Drivers\etc\hosts.xBAD
2019-10-29 18:40 - 2019-10-29 18:40 - 000000000 ____D [00000000000000000000000000000000] () C:\FRST\Quarantine\C\WINDOWS\System32\Tasks
2019-04-06 15:44 - 2019-04-06 15:44 - 000002444 ____A [FA3336451A89E3803C5C0B2B037685FE] () C:\FRST\Quarantine\C\WINDOWS\System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337.xBAD

====== End of Folder: ======


========================= File: C:\Program Files (x86)\Dell Customer Connect\DCCService.exe ========================

"C:\Program Files (x86)\Dell Customer Connect\DCCService.exe" => not found
====== End of File: ======

"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*EmptyTemp" => removed successfully

==== End of Fixlog 23:19:14 ====


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 02 lis 2019 00:26 
Offline
Rádce
Rádce

Registrován: 30 pro 2013 22:29
Příspěvky: 3209
Bydliště: Bratislava
Predchadzajuce Fixlogy sa vytvorili minimalne v "C:\FRST\Logs". Otvor subor "C:\FRST\Logs\Fixlog_29-10-2019 19.02.37.txt" a skopiruj sem jeho obsah.

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 04 lis 2019 18:16 
Offline
Návštěvník
Návštěvník

Registrován: 20 lis 2009 07:04
Příspěvky: 51
Ako to mam najst, ked to na tom C: nevidim ani ked som zobrazil skryte systemove subory a priecinky. :-)


Přílohy:
Disk C nahlad.jpg
Disk C nahlad.jpg [ 115.3 KiB | Zobrazeno 108 krát ]
Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 04 lis 2019 23:06 
Offline
Rádce
Rádce

Registrován: 30 pro 2013 22:29
Příspěvky: 3209
Bydliště: Bratislava
Skopiruj text nizsie (opat netreba nikam vkladat), spusti FRST, klikni na Fix a pockaj na dokoncenie. Tentokrat by si FRST nemal vyziadat restart PC, po zobrazeni hlasky a kliknuti na OK by sa mal zobrazit Fixlog - posli jeho obsah.

Kód:
Start::
CMD: type "C:\FRST\Logs\Fixlog_29-10-2019 19.02.37.txt"
End::

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 06 lis 2019 21:20 
Offline
Návštěvník
Návštěvník

Registrován: 20 lis 2009 07:04
Příspěvky: 51
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-11-2019
Ran by Radovan Hatala (06-11-2019 21:21:21) Run:5
Running from C:\Users\Radovan Hatala\Desktop\Nový priečinok
Loaded Profiles: Radovan Hatala (Available Profiles: Radovan Hatala)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: type "C:\FRST\Logs\Fixlog_29-10-2019 19.02.37.txt"

*****************


========= type "C:\FRST\Logs\Fixlog_29-10-2019 19.02.37.txt" =========

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2019
Ran by Radovan Hatala (29-10-2019 18:39:15) Run:1
Running from C:\Users\Radovan Hatala\Desktop
Loaded Profiles: Radovan Hatala (Available Profiles: Radovan Hatala)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Task: {1083794A-1793-4403-98B0-DA14084429E9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {10A3CCC8-15C8-4CFF-9A47-5ED973EBCE8F} - \WPD\SqmUpload_S-1-5-21-2829850043-1559991653-898572231-1001 -> No File <==== ATTENTION
Task: {46E6EAFC-9EA0-4EE7-80DA-03484825C54B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {50F0D1A0-FBCC-4BD6-B475-C68A9E26E8D7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {52A120F9-246C-4D0D-9953-F813F322D61C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {647046F8-07F4-42ED-9D5E-4E2C51436FAF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {70DEF6B0-CE15-41F3-90EF-D0E8C9147E57} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {79F0462F-A2CD-4D88-809A-21A69B056FE7} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {7FD85F37-0467-4F26-85B6-E2C5A450DBFE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {831F4BD4-9756-4F9A-B803-DBBF6FD92801} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9945B2FD-83E8-4851-B479-E8292DE6D16E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {99848B14-FC36-4EF7-AA6A-7167517FFB69} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D3416312-099D-4A20-AF8A-B7AE409EF908} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D850A3F2-C995-4B6A-8492-BAB06F34F5D8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {ED16EE97-AAF6-4231-A6AF-FDA91615ABB7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-2829850043-1559991653-898572231-1001 -> DefaultScope {EB19ED60-9340-4008-BBE7-A918BFED4A0B} URL =
SearchScopes: HKU\S-1-5-21-2829850043-1559991653-898572231-1001 -> {EB19ED60-9340-4008-BBE7-A918BFED4A0B} URL =
FF NewTabOverride: Mozilla\Firefox\Profiles\6gxnf70f.default -> Disabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF NewTabOverride: Mozilla\Firefox\Profiles\6gxnf70f.default -> Disabled: safesearchplus@avira.com
CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR HKU\S-1-5-21-2829850043-1559991653-898572231-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2829850043-1559991653-898572231-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2829850043-1559991653-898572231-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
S2 Dell Customer Connect; "C:\Program Files (x86)\Dell Customer Connect\DCCService.exe" [X]
2019-10-26 17:52 - 2019-10-26 17:52 - 000000000 ___HD C:\OneDriveTemp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DdcWnsListener.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dgtrayicon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ibtproppage.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ibtsiva.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ig8icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4256.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4331.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiLogServer64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUtils64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO5064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO6064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioMeters64.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioVienna264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO2064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO3064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MBAPO264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MBAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MBPPCn64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MBppld64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MBTHX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MBWrp64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MpSigStub.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MRT-KB890830.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtkXInterface64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SET465E.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SETA2B0.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SETA32F.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SETA83E.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SETA8CC.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SETAC66.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SETEEFB.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo46-4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig8icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MaxxVoiceAPO30.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MBAPO232.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MBAPO32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MBTHX32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mci32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscal.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msflxgrd.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PrintConfig.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tabctl32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthenum.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthhfenum.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CFRMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dddriver64Dcsa.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\DellProf.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dumpsd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hidparse.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorA.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibtusb.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kbdhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netvsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Netwbw02.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET2FB8.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET801F.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SmbCo10X64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storahci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stornvme.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynPTPHID_Aux.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbvideo.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\volmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [0]
AlternateDataStreams: C:\Users\Radovan Hatala\Desktop\A05_Rapid_OwnersManual.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Desktop\skpjjxen.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Desktop\skpjjxen.exe:$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\00UPRAVA_URADNYCH_A.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\13 (1).mp4:$CmdZnID [0]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\13.mp4:$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\3 Vykonavacie pokyny extraliga.doc:$CmdZnID [0]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\3064129346.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\adwcleaner_7.4.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\adwcleaner_7.4.2.exe:$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\avira_en_av_56101be998dc5__ws.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\avira_en_av_56101be998dc5__ws.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\c1b89c5143e916a53d34888d37f4c6a0.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\ccsetup527.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\ccsetup527.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\contacts.csv:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\csm_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\csm_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\DicomImages.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\DOSBox-0.74-install.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\DOSBox-0.74-install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\duo.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\FTPManagerLite.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\FTPManagerLite.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\GarminExpressInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\GarminExpressInstaller.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\hidemyip.exe:$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Hra o tr�ny (Game of Thrones) S08E01 - Zimohrad CZdab. (frpli).avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Hra o tr�ny (Game of Thrones) S08E01 - Zimohrad CZdab. (frpli).avi:$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Jana-Kirschner---Krajina-rovina---2010,-FLAC.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Jana-Kirschner---Krajina-rovina---2010,-FLAC.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\jorga_ukazka.epub:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Juraj_Cervenak_-_Mrtvy_na_Pekelnom_vrchu_(SRo__Radio_Regina__28.11.2012).mp3:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Juraj_Cervenak_-_Mrtvy_na_Pekelnom_vrchu_(SRo__Radio_Regina__28.11.2012).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\K� - Strange World.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.Return.Of.The.King.2003.720p.BrRip.264.YIFY.mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.Return.Of.The.King.2003.720p.BrRip.264.YIFY.mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.The.Fellowship.of.the.Ring.2001.720p.264.YIFY.mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.The.Fellowship.of.the.Ring.2001.720p.264.YIFY.mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.The.Two.Towers.2002.720p.BrRip.264.YIFY.mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.The.Two.Towers.2002.720p.BrRip.264.YIFY.mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\MPC-HC.1.7.8.x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\MPC-HC.1.7.8.x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\navrh_na_registraciu.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\op_kredit_karty_fo.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Panzer General.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Pasazier_23.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\RSITx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\RSITx64.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\STATISTIKA.xlsx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\stiahnu�:$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\stiahnu� (1):$CmdZnID [0]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\stiahnu� (2):$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\stiahnu� (3):$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\stiahnu� (4):$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Texas - Ill See it through.mp3:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Texas - Ill See it through.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\TMBAA7NE2F0128408-skoda-plus.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\User Guide-%2801%2CCzech%2CALE-L21%26L23%26L02%29.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\uTorrent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\uTorrent.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Vasen_ako_liek.epub:$CmdZnID [0]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\VID-20170221-WA0002.mp4:$CmdZnID [0]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\VUB_NOVE_OP_KK.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Vzor_ziadosti_o_poskytnutie_dotacie_od_1.10.2012.rtf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\winamp5666_full_en-us.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\winamp5666_full_en-us.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\winamp58_3660_beta_full_en-us.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\winamp58_3660_beta_full_en-us.exe:$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Windscribe.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\Windscribe.exe:$CmdZnID [32]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\_AceFile.co_The.Lord.of.the.Rings.The.Fellowship.of.the.Ring.EXTENDED.2001.720p.BrRip-Cinemaindo.mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Radovan Hatala\Downloads\_AceFile.co_The.Lord.of.the.Rings.The.Fellowship.of.the.Ring.EXTENDED.2001.720p.BrRip-Cinemaindo.mp4:$CmdZnID [26]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 4325
Average :
Sum : 7627861549
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1083794A-1793-4403-98B0-DA14084429E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1083794A-1793-4403-98B0-DA14084429E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10A3CCC8-15C8-4CFF-9A47-5ED973EBCE8F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10A3CCC8-15C8-4CFF-9A47-5ED973EBCE8F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2829850043-1559991653-898572231-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46E6EAFC-9EA0-4EE7-80DA-03484825C54B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46E6EAFC-9EA0-4EE7-80DA-03484825C54B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50F0D1A0-FBCC-4BD6-B475-C68A9E26E8D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50F0D1A0-FBCC-4BD6-B475-C68A9E26E8D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52A120F9-246C-4D0D-9953-F813F322D61C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52A120F9-246C-4D0D-9953-F813F322D61C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{647046F8-07F4-42ED-9D5E-4E2C51436FAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{647046F8-07F4-42ED-9D5E-4E2C51436FAF}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70DEF6B0-CE15-41F3-90EF-D0E8C9147E57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70DEF6B0-CE15-41F3-90EF-D0E8C9147E57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79F0462F-A2CD-4D88-809A-21A69B056FE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79F0462F-A2CD-4D88-809A-21A69B056FE7}" => removed successfully
C:\WINDOWS\System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FD85F37-0467-4F26-85B6-E2C5A450DBFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FD85F37-0467-4F26-85B6-E2C5A450DBFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{831F4BD4-9756-4F9A-B803-DBBF6FD92801}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{831F4BD4-9756-4F9A-B803-DBBF6FD92801}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9945B2FD-83E8-4851-B479-E8292DE6D16E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9945B2FD-83E8-4851-B479-E8292DE6D16E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{99848B14-FC36-4EF7-AA6A-7167517FFB69}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99848B14-FC36-4EF7-AA6A-7167517FFB69}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D3416312-099D-4A20-AF8A-B7AE409EF908}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3416312-099D-4A20-AF8A-B7AE409EF908}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D850A3F2-C995-4B6A-8492-BAB06F34F5D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D850A3F2-C995-4B6A-8492-BAB06F34F5D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED16EE97-AAF6-4231-A6AF-FDA91615ABB7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED16EE97-AAF6-4231-A6AF-FDA91615ABB7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-2829850043-1559991653-898572231-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EB19ED60-9340-4008-BBE7-A918BFED4A0B} => removed successfully
"Firefox NewTabOverride ({ea614400-e918-4741-9a97-7a972ff7c30b}) " => removed successfully
"Firefox NewTabOverride (safesearchplus@avira.com) " => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\SOFTWARE\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => removed successfully
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\SOFTWARE\Google\Chrome\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd => removed successfully
HKU\S-1-5-21-2829850043-1559991653-898572231-1001\SOFTWARE\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak => removed successfully
HKLM\System\CurrentControlSet\Services\Dell Customer Connect => removed successfully
Dell Customer Connect => service removed successfully
C:\OneDriveTemp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\WINDOWS\system32\AERTAC64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\AERTAR64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\amdhcp64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\amdocl_as64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\amdocl_ld64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\atiapfxx.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\atieah64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\atieclxx.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\atiesrxx.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\atimuixx.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\clinfo.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\common_clang64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DdcWnsListener.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPA64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPD64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPO64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DDPP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\dgtrayicon.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\difx64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DPTopologyApp.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DPTopologyAppv2_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSBoostDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGFXAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSGFXAPONS64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSLFXAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSLimiterDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSNeoPCDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSSymmetryDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\FMAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\GfxResources.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\GfxUIEx.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Gfxv2_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Gfxv4_0.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\ibtproppage.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\ibtsiva.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\ig8icd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igc64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igd10idpp64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igd10iumd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igd11dxva64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igd12umd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdail64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdbcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdde64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdfcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdmcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdmd64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdrcl64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdumdim64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igdusc64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfx11cmrt64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxcmjit64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxcmrt64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCoIn_v4256.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCoIn_v4331.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCoIn_v4531.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCPL.cpl => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCUIService.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxCUIServicePS.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDH.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDHLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDHLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDI.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDILib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDILibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxDTCM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEM.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEMLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxEMLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxexps.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxext.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxHK.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHMLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxLHMLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxOSP.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxSDK.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxSDKLib.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxSDKLibv2_0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\igfxTray.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\iglhcp64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\iglhsip64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelCpHDCPSvc.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelOpenCL64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiLogServer64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiMCComp64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiUMS64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\IntelWiDiUtils64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO20.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO30.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO4064.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO5064.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioAPO6064.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioEQ64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioMeters64.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxAudioVienna264.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxVoiceAPO2064.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxVoiceAPO3064.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MaxxVolumeSDAPO.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MBAPO264.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MBAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MBPPCn64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MBppld64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MBTHX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MBWrp64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MpSigStub.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\MRT-KB890830.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEA64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EED64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEG64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEL64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\R4EEP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RCoInstII64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RltkAPO64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RP3DAA64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RP3DHT64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTCOM64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtDataProc64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEED64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEG64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEL64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTEEP64A.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkApi64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkCfg64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkCoLDR64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtkXInterface64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtlCPAPI64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtNicProp64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RtPgEx64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\RTSnMg64.cpl => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SET465E.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SETA2B0.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SETA32F.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SETA83E.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SETA8CC.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SETAC66.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SETEEFB.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSHP64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSTSH64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSTSX64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SRSWOW64.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SynCOM.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SynTPAPI.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\SynTPCo46-4.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\UtcResources.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\WdfCoInstaller01011.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\amdocl_as32.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\amdocl_ld32.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\atiadlxx.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\atiadlxy.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\atieah32.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\Comdlg32.ocx => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\common_clang32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\d3dx9_31.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\D3DX9_42.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\FlashPlayerApp.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\ig8icd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igc32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igd10idpp32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igd10iumd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igd11dxva32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igd12umd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdail32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdbcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdde32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdfcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdmcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdmd32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdrcl32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdumdim32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igdusc32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfx11cmrt32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxcmjit32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxcmrt32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\igfxexps32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\iglhcp32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\iglhsip32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\IntelOpenCL32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\MaxxVoiceAPO30.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\MBAPO232.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\MBAPO32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\MBTHX32.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\mci32.ocx => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\mscal.ocx => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\msflxgrd.ocx => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\PrintConfig.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\SynCom.dll => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\SysWOW64\tabctl32.ocx => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\bthenum.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\bthhfenum.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\CFRMD.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\dddriver64Dcsa.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\DellProf.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\dumpsd.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\hidparse.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\iaStorA.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\ibtusb.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\igdkmd64.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\IntcDAud.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\kbdhid.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\netvsc.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\Netwbw02.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\RTKVHD64.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\SET2FB8.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\SET801F.tmp => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\SmbCo10X64.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\storahci.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\stornvme.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\SynPTPHID_Aux.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\SynRMIHID.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\SynTP.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\usbvideo.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\volmgr.sys => ":$CmdTcID" ADS removed successfully
C:\WINDOWS\system32\Drivers\vpci.sys => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\OneDrive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity" ADS could not remove.
C:\Users\Radovan Hatala\Desktop\A05_Rapid_OwnersManual.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Desktop\skpjjxen.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Desktop\skpjjxen.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\00UPRAVA_URADNYCH_A.doc => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\13 (1).mp4 => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\13.mp4 => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\3 Vykonavacie pokyny extraliga.doc => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\3064129346.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\adwcleaner_7.4.2.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\adwcleaner_7.4.2.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\avira_en_av_56101be998dc5__ws.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\avira_en_av_56101be998dc5__ws.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\c1b89c5143e916a53d34888d37f4c6a0.jpg => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\ccsetup527.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\ccsetup527.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\contacts.csv => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\csm_setup.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\csm_setup.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\DicomImages.zip => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\DOSBox-0.74-install.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\DOSBox-0.74-install.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\duo.jpg => ":$CmdZnID" ADS removed successfully
"C:\Users\Radovan Hatala\Downloads\FRST64.exe" => ":$CmdTcID" ADS not found.
"C:\Users\Radovan Hatala\Downloads\FRST64.exe" => ":$CmdZnID" ADS not found.
C:\Users\Radovan Hatala\Downloads\FTPManagerLite.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\FTPManagerLite.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\GarminExpressInstaller.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\GarminExpressInstaller.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\hidemyip.exe => ":$CmdZnID" ADS removed successfully
"C:\Users\Radovan Hatala\Downloads\Hra o tr�ny (Game of Thrones) S08E01 - Zimohrad CZdab. (frpli).avi" => ":$CmdTcID" ADS not found.
"C:\Users\Radovan Hatala\Downloads\Hra o tr�ny (Game of Thrones) S08E01 - Zimohrad CZdab. (frpli).avi" => ":$CmdZnID" ADS not found.
C:\Users\Radovan Hatala\Downloads\Jana-Kirschner---Krajina-rovina---2010,-FLAC.rar => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Jana-Kirschner---Krajina-rovina---2010,-FLAC.rar => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\jorga_ukazka.epub => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Juraj_Cervenak_-_Mrtvy_na_Pekelnom_vrchu_(SRo__Radio_Regina__28.11.2012).mp3 => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Juraj_Cervenak_-_Mrtvy_na_Pekelnom_vrchu_(SRo__Radio_Regina__28.11.2012).mp3 => ":$CmdZnID" ADS removed successfully
"C:\Users\Radovan Hatala\Downloads\K� - Strange World.mp3" => ":$CmdZnID" ADS not found.
C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.Return.Of.The.King.2003.720p.BrRip.264.YIFY.mp4 => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.Return.Of.The.King.2003.720p.BrRip.264.YIFY.mp4 => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.The.Fellowship.of.the.Ring.2001.720p.264.YIFY.mp4 => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.The.Fellowship.of.the.Ring.2001.720p.264.YIFY.mp4 => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.The.Two.Towers.2002.720p.BrRip.264.YIFY.mp4 => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Lord.Of.The.Rings.The.Two.Towers.2002.720p.BrRip.264.YIFY.mp4 => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\MPC-HC.1.7.8.x64.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\MPC-HC.1.7.8.x64.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\navrh_na_registraciu.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\op_kredit_karty_fo.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Panzer General.zip => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Pasazier_23.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\RSITx64.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\RSITx64.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\STATISTIKA.xlsx => ":$CmdZnID" ADS removed successfully
"C:\Users\Radovan Hatala\Downloads\stiahnu�" => ":$CmdZnID" ADS not found.
"C:\Users\Radovan Hatala\Downloads\stiahnu� (1)" => ":$CmdZnID" ADS not found.
"C:\Users\Radovan Hatala\Downloads\stiahnu� (2)" => ":$CmdZnID" ADS not found.
"C:\Users\Radovan Hatala\Downloads\stiahnu� (3)" => ":$CmdZnID" ADS not found.
"C:\Users\Radovan Hatala\Downloads\stiahnu� (4)" => ":$CmdZnID" ADS not found.
C:\Users\Radovan Hatala\Downloads\Texas - Ill See it through.mp3 => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Texas - Ill See it through.mp3 => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\TMBAA7NE2F0128408-skoda-plus.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\User Guide-%2801%2CCzech%2CALE-L21%26L23%26L02%29.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\uTorrent.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\uTorrent.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Vasen_ako_liek.epub => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\VID-20170221-WA0002.mp4 => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\VUB_NOVE_OP_KK.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Vzor_ziadosti_o_poskytnutie_dotacie_od_1.10.2012.rtf => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\winamp5666_full_en-us.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\winamp5666_full_en-us.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\winamp58_3660_beta_full_en-us.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\winamp58_3660_beta_full_en-us.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Windscribe.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\Windscribe.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\_AceFile.co_The.Lord.of.the.Rings.The.Fellowship.of.the.Ring.EXTENDED.2001.720p.BrRip-Cinemaindo.mp4 => ":$CmdTcID" ADS removed successfully
C:\Users\Radovan Hatala\Downloads\_AceFile.co_The.Lord.of.the.Rings.The.Fellowship.of.the.Ring.EXTENDED.2001.720p.BrRip-Cinemaindo.mp4 => ":$CmdZnID" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 106089557 B
Java, Flash, Steam htmlcache => 1052 B
Windows/system/drivers => 149517 B
Edge => 1133100 B
Chrome => 546237101 B
Firefox => 1102225011 B
Opera => 194272598 B

Temp, IE cache, history, cookies, recent:
Default => 13784 B
Users => 13784 B
ProgramData => 13784 B
Public => 13784 B
systemprofile => 8143694 B
systemprofile32 => 8143694 B
LocalService => 8157358 B
NetworkService => 8164274 B
Radovan Hatala => 239009729 B

RecycleBin => 0 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:48:28 ====
========= End of CMD: =========


==== End of Fixlog 21:21:30 ====


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 07 lis 2019 15:31 
Offline
Rádce
Rádce

Registrován: 30 pro 2013 22:29
Příspěvky: 3209
Bydliště: Bratislava
Vyzera to, ze fix normalne prebehol.

Ako to vyzera s PC? Su nejake problemy?

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 08 lis 2019 11:44 
Offline
Návštěvník
Návštěvník

Registrován: 20 lis 2009 07:04
Příspěvky: 51
Ani nie. Ale ani predtym som nepocitoval nejake problemy, hoci zda sa, ze som si pustil do PC nejaku haved. Musim este vo svojom volnom case mrknut, ci sa mi pri starte neotvara na pozadi aj nieco co nepotrebujem.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 08 lis 2019 17:12 
Offline
Rádce
Rádce

Registrován: 30 pro 2013 22:29
Příspěvky: 3209
Bydliště: Bratislava
OK, necham to tu zatial otvorene. Ak sa nieco take vyskytne, tak sa ozvi a posli aj nove logy z FRST.

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 19 lis 2019 18:02 
Offline
Návštěvník
Návštěvník

Registrován: 20 lis 2009 07:04
Příspěvky: 51
Vyzerá to v pohode, este som si to konecne precistil CCleanerom a povazujem to za vybavene. Alebo treba este nejaky cistiaci nastroj pouzit?

Ak nie, dakujem za tvoj cas aj trpezlivost a prajem vela zdaru.


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: Preventivka
PříspěvekNapsal: 19 lis 2019 23:35 
Offline
Rádce
Rádce

Registrován: 30 pro 2013 22:29
Příspěvky: 3209
Bydliště: Bratislava
:arrow: Na upratanie po FRST a pod. nastrojoch mozme pouzit DelFix:

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
Odpovědět s citací  
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Odpovědět na téma  [ Příspěvků: 29 ]  Přejít na stránku Předchozí  1, 2

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?