Preventivka

Zpráva

toox · #1 Příspěvek od **toox** » 07 bře 2020 18:10

Poprosím o kontrolu logu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-03-2020
Ran by YMER (administrator) on DESKTOP-00MKO9B (Gigabyte Technology Co., Ltd. P55-UD3L) (07-03-2020 18:07:07)
Running from E:\YMER\Downloads
Loaded Profiles: YMER (Available Profiles: YMER)
Platform: Windows 10 Education Version 1803 17134.1304 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-11-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Viber] => E:\YMER\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-04] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\YMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gopher.exe [2020-01-07] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AC345DB-4580-4478-AC2F-20113B9AFBCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3ACCC9F8-B9D3-4120-8B9D-9AEA1940A74A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {6EAE5442-49D6-41F6-8F87-A251ED86DAC6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {71D05E32-FE43-454E-8CF0-C6884B323213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {72269900-38AC-424A-A4C5-D240FD6A71F0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {79D688C3-C226-4A6E-9C5A-82BB92E210C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {A31E0422-AE8C-4A3E-8D0E-3C2E147358E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA275E91-D49A-4015-8201-246518447F57} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5318B31-18A1-4F38-AF07-8F74D3A4D27D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
Task: {C89295E8-F664-442D-80AA-3C5F8A72E973} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {D2F5328E-928F-4E4B-8492-37FE09C691CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {E7ED9A13-937A-4202-A57F-B8FBD2DF0BE4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E884A262-B17B-4797-870F-273D05121EF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBD9B64B-B57D-4380-852D-5A60FC817FEF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE287196-5399-4B11-B186-3251014985CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {FA211A20-E0C1-4156-8016-4AF3CC92CCF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{befebb7f-74f7-44af-93c9-456282bae772}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: orxdtu8e.default-1544966886308
FF ProfilePath: C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 [2020-03-07]
FF Notifications: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> hxxps://badoo.com
FF NewTabOverride: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> Enabled: gdrivepanel@alejandrobrizuela.com.ar
FF Extension: (Pinned Google Drive) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2020-03-04]
FF Extension: (Double-click Image Downloader) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\jid1-xgtdawe3yyUeBQ@jetpack.xpi [2020-02-08]
FF Extension: (Blue Mozilla Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2019-06-04]
FF Extension: (have a fox dream) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{3f1aff6b-0363-410f-b81b-9a286ffb4b10}.xpi [2019-05-13]
FF Extension: (Beach) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2019-05-14]
FF Extension: (YouTube High Definition) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2019-07-10]
FF Extension: (Mozilla: Firefox OS) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2019-07-12]
FF Extension: (esafox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-06-02]
FF Extension: (Complete Black Theme for Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{c161a71c-fb42-4608-b001-5634b3f59a8b}.xpi [2019-06-04]
FF Extension: (No Name) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-17] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-17] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-01]
CHR Notifications: Profile 1 -> hxxps://andalbrighth.pro
CHR Extension: (Prezentace) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
CHR Extension: (Dokumenty) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-12]
CHR Extension: (Disk Google) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (YouTube) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-12]
CHR Extension: (Tabulky) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Gmail) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57536 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; E:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
S3 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (ManyCam -> Visicom Media Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5098408 2020-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\Windows\System32\OpenSSH\sshd.exe [970240 2018-05-20] (Microsoft Windows -> )
S3 SshdBroker; C:\Windows\System32\SshdBroker.dll [285696 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658600 2018-12-06] (Lespeed Technology Ltd. -> WiseCleaner.com)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [118088 2019-04-20] (Alcorlink Corp. -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2018-07-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2018-05-24] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-07] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-07-27] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-24] (Martin Malik - REALiX -> REALiX(tm))
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2020-02-19] (Malwarebytes Corporation -> Malwarebytes)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2018-10-01] (NewSoftwares.net Inc. SDN. BHD. -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2019-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1138136 2019-04-20] (Realtek Semiconductor Corp. -> Realtek )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [56840 2019-04-20] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2020-02-09] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [51272 2020-02-11] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-26 22:29 - 2020-02-25 22:21 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-02-25 22:21 - 2020-02-25 22:21 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-02-25 22:21 - 2020-02-25 22:21 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-02-12 15:18 - 2020-02-19 17:14 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-02-12 14:45 - 2020-02-05 13:34 - 004527584 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-02-12 14:45 - 2020-02-05 13:33 - 021412488 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-02-12 14:45 - 2020-02-05 08:21 - 007519896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-02-12 14:45 - 2020-02-05 08:19 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-12 14:45 - 2020-02-05 08:04 - 025854976 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-02-12 14:45 - 2020-02-05 08:03 - 019393536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-02-12 14:45 - 2020-02-05 08:00 - 022745088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-02-12 14:45 - 2020-02-05 07:57 - 004516864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-02-12 14:45 - 2020-02-05 07:54 - 001932288 _____ (Microsoft Corporation) C:\Windows\system32\edgeangle.dll
2020-02-12 14:45 - 2020-02-05 07:54 - 000972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2020-02-12 14:45 - 2020-02-05 07:52 - 004938240 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-02-12 14:45 - 2020-01-07 10:24 - 000941056 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2020-02-12 14:45 - 2020-01-07 09:16 - 000863744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2020-02-12 14:45 - 2020-01-07 05:11 - 000797984 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-02-12 14:45 - 2020-01-07 05:11 - 000266040 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-02-12 14:45 - 2020-01-07 04:40 - 000860160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2020-02-12 14:45 - 2020-01-07 04:39 - 002789376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2020-02-12 14:45 - 2020-01-07 04:34 - 003348992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2020-02-12 14:45 - 2020-01-07 04:34 - 000933888 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2020-02-12 14:44 - 2020-02-05 13:42 - 000506088 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-02-12 14:44 - 2020-02-05 13:39 - 000094224 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2020-02-12 14:44 - 2020-02-05 13:34 - 001639864 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-02-12 14:44 - 2020-02-05 13:34 - 001617360 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-02-12 14:44 - 2020-02-05 13:32 - 001047352 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2020-02-12 14:44 - 2020-02-05 13:20 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-02-12 14:44 - 2020-02-05 13:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2020-02-12 14:44 - 2020-02-05 13:18 - 012879872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-02-12 14:44 - 2020-02-05 13:18 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2020-02-12 14:44 - 2020-02-05 13:18 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-02-12 14:44 - 2020-02-05 13:17 - 008629760 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-02-12 14:44 - 2020-02-05 13:17 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
2020-02-12 14:44 - 2020-02-05 13:16 - 001030144 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2020-02-12 14:44 - 2020-02-05 13:16 - 000810496 _____ C:\Windows\system32\MBR2GPT.EXE
2020-02-12 14:44 - 2020-02-05 13:16 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2020-02-12 14:44 - 2020-02-05 13:16 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2020-02-12 14:44 - 2020-02-05 13:16 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2020-02-12 14:44 - 2020-02-05 13:16 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2020-02-12 14:44 - 2020-02-05 13:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2020-02-12 14:44 - 2020-02-05 13:15 - 002019840 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 001609728 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 001194496 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 000482304 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-02-12 14:44 - 2020-02-05 13:15 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-02-12 14:44 - 2020-02-05 13:14 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-02-12 14:44 - 2020-02-05 13:14 - 000957440 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-02-12 14:44 - 2020-02-05 13:14 - 000489472 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2020-02-12 14:44 - 2020-02-05 13:14 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-02-12 14:44 - 2020-02-05 13:13 - 004054016 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-02-12 14:44 - 2020-02-05 13:13 - 003613696 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-02-12 14:44 - 2020-02-05 13:13 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2020-02-12 14:44 - 2020-02-05 13:13 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-02-12 14:44 - 2020-02-05 13:13 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-02-12 14:44 - 2020-02-05 13:12 - 001290240 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-02-12 14:44 - 2020-02-05 13:12 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-02-12 14:44 - 2020-02-05 13:12 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2020-02-12 14:44 - 2020-02-05 13:12 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2020-02-12 14:44 - 2020-02-05 13:11 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2020-02-12 14:44 - 2020-02-05 13:11 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-02-12 14:44 - 2020-02-05 12:07 - 001628488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-02-12 14:44 - 2020-02-05 12:06 - 020402192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-02-12 14:44 - 2020-02-05 12:02 - 000917816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2020-02-12 14:44 - 2020-02-05 11:54 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-02-12 14:44 - 2020-02-05 11:53 - 000131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-02-12 14:44 - 2020-02-05 11:52 - 012075520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-02-12 14:44 - 2020-02-05 11:51 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2020-02-12 14:44 - 2020-02-05 11:50 - 007992832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-02-12 14:44 - 2020-02-05 11:49 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2020-02-12 14:44 - 2020-02-05 11:49 - 000176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2020-02-12 14:44 - 2020-02-05 11:48 - 002881536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-02-12 14:44 - 2020-02-05 11:48 - 000901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-02-12 14:44 - 2020-02-05 11:48 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-02-12 14:44 - 2020-02-05 11:48 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2020-02-12 14:44 - 2020-02-05 11:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2020-02-12 14:44 - 2020-02-05 11:47 - 004053504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-02-12 14:44 - 2020-02-05 08:42 - 003180080 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2020-02-12 14:44 - 2020-02-05 08:42 - 001613096 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2020-02-12 14:44 - 2020-02-05 08:41 - 001299168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2020-02-12 14:44 - 2020-02-05 08:40 - 002417952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2020-02-12 14:44 - 2020-02-05 08:25 - 001213264 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-02-12 14:44 - 2020-02-05 08:25 - 001035040 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 005627792 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2020-02-12 14:44 - 2020-02-05 08:23 - 001224504 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 000722744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2020-02-12 14:44 - 2020-02-05 08:23 - 000568104 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 000527376 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 000491208 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-02-12 14:44 - 2020-02-05 08:23 - 000405816 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 000324928 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-02-12 14:44 - 2020-02-05 08:23 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-02-12 14:44 - 2020-02-05 08:22 - 000777304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-02-12 14:44 - 2020-02-05 08:22 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2020-02-12 14:44 - 2020-02-05 08:22 - 000441072 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2020-02-12 14:44 - 2020-02-05 08:22 - 000248880 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-02-12 14:44 - 2020-02-05 08:22 - 000210448 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-02-12 14:44 - 2020-02-05 08:22 - 000159656 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 009081656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 007447904 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 004404720 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 002811192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 002371296 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001943128 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001780352 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001459120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-02-12 14:44 - 2020-02-05 08:21 - 001285432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 001260776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 001209696 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001141504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-02-12 14:44 - 2020-02-05 08:21 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001032968 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000983936 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 000930616 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 000791352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 000694184 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000605496 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 000594032 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 000550520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 000383288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 000335672 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000260800 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-02-12 14:44 - 2020-02-05 08:20 - 000665736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-02-12 14:44 - 2020-02-05 08:20 - 000435512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2020-02-12 14:44 - 2020-02-05 08:20 - 000385784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2020-02-12 14:44 - 2020-02-05 08:20 - 000192312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-02-12 14:44 - 2020-02-05 08:20 - 000146712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2020-02-12 14:44 - 2020-02-05 08:19 - 006054320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 004790184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001620472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001379280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001130568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 000829752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2020-02-12 14:44 - 2020-02-05 08:19 - 000607544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 000538704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 000385816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 000129296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2020-02-12 14:44 - 2020-02-05 08:11 - 022016512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-02-12 14:44 - 2020-02-05 08:02 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2020-02-12 14:44 - 2020-02-05 08:02 - 002700800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-02-12 14:44 - 2020-02-05 08:01 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2020-02-12 14:44 - 2020-02-05 08:01 - 002969600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2020-02-12 14:44 - 2020-02-05 08:00 - 003687936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-02-12 14:44 - 2020-02-05 08:00 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2020-02-12 14:44 - 2020-02-05 08:00 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2020-02-12 14:44 - 2020-02-05 08:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Websocket.dll
2020-02-12 14:44 - 2020-02-05 08:00 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 007057920 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 005770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 004710400 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 002258432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 004382720 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 003403264 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 001236480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 000185856 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2020-02-12 14:44 - 2020-02-05 07:57 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Websocket.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 003392512 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 001076736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000859136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-02-12 14:44 - 2020-02-05 07:56 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\NmaDirect.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-02-12 14:44 - 2020-02-05 07:56 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 006031360 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 004849664 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 001765888 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000705024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-02-12 14:44 - 2020-02-05 07:55 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 007572992 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 003093504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 002929152 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 001218048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 000808960 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 002922496 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 002739200 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 002179584 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 001563648 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 001023488 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2020-02-12 14:44 - 2020-02-05 07:52 - 002379264 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2020-02-12 14:44 - 2020-02-05 07:52 - 002161152 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-02-12 14:44 - 2020-02-05 07:52 - 001264640 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2020-02-12 14:44 - 2020-02-05 07:52 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2020-02-12 14:44 - 2020-02-05 07:52 - 001059840 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-02-12 14:44 - 2020-02-05 07:52 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 001724928 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 001421312 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 001084928 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000896000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000884224 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000776704 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000637440 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-02-12 14:44 - 2020-02-05 07:51 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-02-12 14:44 - 2020-02-05 06:31 - 000001314 _____ C:\Windows\system32\tcbres.wim
2020-02-12 14:44 - 2020-01-07 11:06 - 001726480 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-02-12 14:44 - 2020-01-07 11:05 - 000747528 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-02-12 14:44 - 2020-01-07 11:05 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-02-12 14:44 - 2020-01-07 11:05 - 000465424 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-02-12 14:44 - 2020-01-07 11:05 - 000324624 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-02-12 14:44 - 2020-01-07 10:55 - 002386744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-02-12 14:44 - 2020-01-07 10:55 - 000827704 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2020-02-12 14:44 - 2020-01-07 10:55 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppVStrm.sys
2020-02-12 14:44 - 2020-01-07 10:53 - 004103224 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-02-12 14:44 - 2020-01-07 10:52 - 000349424 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-02-12 14:44 - 2020-01-07 10:52 - 000288872 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2020-02-12 14:44 - 2020-01-07 10:47 - 001517176 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-02-12 14:44 - 2020-01-07 10:47 - 000790928 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-02-12 14:44 - 2020-01-07 10:47 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-02-12 14:44 - 2020-01-07 10:30 - 006603776 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-02-12 14:44 - 2020-01-07 10:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-02-12 14:44 - 2020-01-07 10:29 - 000914944 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthSSO.dll
2020-02-12 14:44 - 2020-01-07 10:29 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\RDSPnf.exe
2020-02-12 14:44 - 2020-01-07 10:28 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-02-12 14:44 - 2020-01-07 10:28 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2020-02-12 14:44 - 2020-01-07 10:28 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\rasphone.exe
2020-02-12 14:44 - 2020-01-07 10:26 - 002204672 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2020-02-12 14:44 - 2020-01-07 10:26 - 001210368 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2020-02-12 14:44 - 2020-01-07 10:26 - 001189888 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2020-02-12 14:44 - 2020-01-07 10:26 - 001187328 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2020-02-12 14:44 - 2020-01-07 10:26 - 000947200 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2020-02-12 14:44 - 2020-01-07 10:26 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2020-02-12 14:44 - 2020-01-07 10:25 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2020-02-12 14:44 - 2020-01-07 10:25 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2020-02-12 14:44 - 2020-01-07 10:24 - 001535488 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-02-12 14:44 - 2020-01-07 10:24 - 001262592 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-02-12 14:44 - 2020-01-07 09:53 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll
2020-02-12 14:44 - 2020-01-07 09:38 - 001627448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-02-12 14:44 - 2020-01-07 09:36 - 000256160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2020-02-12 14:44 - 2020-01-07 09:33 - 001320336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-02-12 14:44 - 2020-01-07 09:33 - 000662840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-02-12 14:44 - 2020-01-07 09:33 - 000322576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-02-12 14:44 - 2020-01-07 09:31 - 003755408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-02-12 14:44 - 2020-01-07 09:21 - 005670400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-02-12 14:44 - 2020-01-07 09:21 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-02-12 14:44 - 2020-01-07 09:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2020-02-12 14:44 - 2020-01-07 09:18 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasphone.exe
2020-02-12 14:44 - 2020-01-07 09:17 - 001189376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2020-02-12 14:44 - 2020-01-07 09:17 - 000159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2020-02-12 14:44 - 2020-01-07 09:15 - 000855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2020-02-12 14:44 - 2020-01-07 05:18 - 000376848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-02-12 14:44 - 2020-01-07 05:11 - 000094008 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 002773088 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 002711352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-02-12 14:44 - 2020-01-07 05:08 - 002421768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-02-12 14:44 - 2020-01-07 05:08 - 001030672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-02-12 14:44 - 2020-01-07 05:08 - 000722744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 000713480 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 000243760 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 000051400 _____ (Microsoft Corporation) C:\Windows\system32\svchost.exe
2020-02-12 14:44 - 2020-01-07 05:07 - 000466744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-02-12 14:44 - 2020-01-07 05:01 - 002261448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-02-12 14:44 - 2020-01-07 05:01 - 000186120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-02-12 14:44 - 2020-01-07 05:01 - 000044632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2020-02-12 14:44 - 2020-01-07 05:00 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2020-02-12 14:44 - 2020-01-07 04:42 - 003553792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2020-02-12 14:44 - 2020-01-07 04:41 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-02-12 14:44 - 2020-01-07 04:41 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_BackgroundApps.dll
2020-02-12 14:44 - 2020-01-07 04:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2020-02-12 14:44 - 2020-01-07 04:40 - 000384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2020-02-12 14:44 - 2020-01-07 04:39 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\DdcAntiTheftApi.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 001655296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 001644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000537088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-02-12 14:44 - 2020-01-07 04:38 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Geolocation.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2020-02-12 14:44 - 2020-01-07 04:37 - 004771328 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2020-02-12 14:44 - 2020-01-07 04:37 - 000369152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-02-12 14:44 - 2020-01-07 04:37 - 000318976 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-02-12 14:44 - 2020-01-07 04:37 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2020-02-12 14:44 - 2020-01-07 04:37 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2020-02-12 14:44 - 2020-01-07 04:36 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-02-12 14:44 - 2020-01-07 04:36 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll
2020-02-12 14:44 - 2020-01-07 04:35 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-02-12 14:44 - 2020-01-07 04:35 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2020-02-12 14:44 - 2020-01-07 04:35 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2020-02-12 14:44 - 2020-01-07 04:34 - 000863744 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2020-02-12 14:44 - 2020-01-07 04:34 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 002328064 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 001821184 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 001458688 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 001419776 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 001222656 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000882176 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000506368 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-02-12 14:44 - 2019-08-07 09:08 - 000710232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-02-12 14:44 - 2019-08-07 09:08 - 000170296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-02-11 16:16 - 2020-02-19 16:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-02-11 15:16 - 2020-02-11 15:16 - 000051272 _____ (WiseCleaner.com) C:\Windows\WiseRegNotify.sys
2020-02-11 14:59 - 2020-02-12 15:12 - 001726528 _____ C:\Windows\system32\FNTCACHE.DAT
2020-02-09 00:15 - 2020-02-09 00:15 - 000033864 _____ (wisecleaner.com) C:\Windows\WiseHDInfo64.dll
2020-02-09 00:13 - 2020-02-19 20:42 - 000000000 ____D C:\Users\YMER\AppData\Roaming\Wise Care 365
2020-02-09 00:13 - 2020-02-09 00:13 - 000001232 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2020-02-09 00:13 - 2020-02-09 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2020-02-09 00:13 - 2020-02-09 00:13 - 000000000 ____D C:\Program Files (x86)\Wise

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-07 18:07 - 2018-12-16 14:50 - 000000000 ____D C:\FRST
2020-03-07 18:07 - 2018-05-12 17:42 - 000000000 ____D C:\Users\YMER\AppData\LocalLow\Mozilla
2020-03-07 17:53 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-07 17:19 - 2018-05-12 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-06 15:00 - 2018-05-12 17:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-03-06 14:44 - 2018-05-12 17:24 - 001689054 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-06 14:44 - 2018-04-12 16:51 - 000715202 _____ C:\Windows\system32\perfh005.dat
2020-03-06 14:44 - 2018-04-12 16:51 - 000144496 _____ C:\Windows\system32\perfc005.dat
2020-03-06 14:44 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2020-03-06 14:40 - 2018-05-12 17:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-05 21:31 - 2020-02-05 22:44 - 000003402 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-05 21:31 - 2020-02-05 22:44 - 000003178 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-05 21:31 - 2019-10-26 17:51 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-03-05 21:31 - 2019-10-26 17:51 - 000002236 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-03-05 21:31 - 2018-05-13 08:14 - 000002896 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-03-05 21:31 - 2018-05-13 08:14 - 000002444 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-03-05 21:31 - 2018-05-13 08:14 - 000002392 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-03-05 21:31 - 2018-05-13 08:14 - 000002388 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-03-05 21:31 - 2018-05-13 08:14 - 000002374 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-03-05 21:31 - 2018-05-13 08:14 - 000002370 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-03-05 21:31 - 2018-05-12 22:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-03-05 21:31 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2020-03-04 14:32 - 2018-05-14 19:38 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-04 14:32 - 2018-05-14 19:38 - 000002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-03 15:53 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2020-03-03 14:36 - 2018-07-19 14:53 - 000000000 ____D C:\Users\YMER\AppData\Local\AVAST Software
2020-02-28 09:46 - 2018-05-12 22:26 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-02-28 09:46 - 2018-05-12 22:26 - 000002079 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-02-26 22:29 - 2018-05-12 22:25 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-02-26 22:29 - 2018-04-12 00:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-02-25 22:21 - 2019-02-22 15:45 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-02-25 22:21 - 2019-01-14 22:51 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-02-25 22:21 - 2019-01-08 16:06 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-02-25 22:21 - 2019-01-08 16:06 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-02-25 22:21 - 2019-01-08 16:06 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-02-25 22:21 - 2018-10-24 07:46 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-02-25 22:21 - 2018-07-18 14:10 - 000016304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-02-21 07:11 - 2020-01-19 17:26 - 000000000 _____ C:\end
2020-02-19 16:53 - 2018-06-14 06:31 - 000000000 ____D C:\Users\YMER\AppData\Local\CrashDumps
2020-02-19 16:49 - 2018-12-16 14:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-02-19 16:47 - 2018-12-16 12:56 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-02-12 15:13 - 2018-05-12 17:21 - 000000000 __RHD C:\Users\YMER\3D Objects
2020-02-12 15:13 - 2018-05-12 17:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-12 15:12 - 2018-05-12 17:21 - 000000000 ____D C:\Users\YMER
2020-02-12 15:10 - 2018-04-12 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\TextInput
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\oobe
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\oobe
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\ShellExperiences
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\ShellComponents
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\bcastdvr
2020-02-12 15:10 - 2018-04-11 22:04 - 000000000 ____D C:\Windows\system32\Dism
2020-02-12 15:10 - 2018-04-11 22:04 - 000000000 ____D C:\Windows\servicing
2020-02-12 14:50 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2020-02-12 14:43 - 2018-05-12 21:26 - 000000000 ____D C:\Windows\system32\MRT
2020-02-12 14:43 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2020-02-12 14:40 - 2018-05-12 21:25 - 120407888 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-02-09 00:14 - 2019-06-23 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2020-02-09 00:14 - 2018-05-12 18:15 - 000000000 ____D C:\Windows\Panther
2020-02-09 00:14 - 2018-04-12 00:38 - 000000000 ___SD C:\Windows\Downloaded Program Files

==================== Files in the root of some directories ========

2019-10-20 21:15 - 2019-10-20 21:15 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
2018-05-28 22:58 - 2019-04-28 00:06 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2019-03-30 22:49 - 2019-03-30 22:53 - 000002971 _____ () C:\Users\YMER\AppData\Roaming\downloads.json
2018-11-05 15:33 - 2018-11-05 15:33 - 000001013 _____ () C:\Users\YMER\AppData\Roaming\pictur.jpeg
2019-12-25 16:33 - 2019-12-25 16:33 - 000000001 _____ () C:\Users\YMER\AppData\Local\llftool.4.40.agreement
2018-05-12 19:18 - 2018-05-12 19:18 - 000000017 _____ () C:\Users\YMER\AppData\Local\resmon.resmoncfg
2018-10-01 07:44 - 2019-02-25 06:14 - 000000700 ___SH () C:\Users\YMER\AppData\Local\systemFL7.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2020
Ran by YMER (07-03-2020 18:08:29)
Running from E:\YMER\Downloads
Windows 10 Education Version 1803 17134.1304 (X64) (2018-05-12 16:18:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-169180647-2445698039-3035944160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169180647-2445698039-3035944160-503 - Limited - Disabled)
Guest (S-1-5-21-169180647-2445698039-3035944160-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-169180647-2445698039-3035944160-504 - Limited - Disabled)
YMER (S-1-5-21-169180647-2445698039-3035944160-1001 - Administrator - Enabled) => C:\Users\YMER

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Age of Empires: Definitive Edition [FULL REMOVAL] (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\{1F36588A-148D-4BED-AD83-12C63E1F780E}_is1) (Version: 1.3.5101.2 - Microsoft Studios)
Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Syndicate (HKLM-x32\...\Assassins Creed - Syndicate_is1) (Version: 1.12.0.0 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Batman Arkham Knight (HKLM-x32\...\Batman Arkham Knight_is1) (Version: 1.0.4.5 - Релиз от R.G. Steamgames)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Divinity: Original Sin Enhanced Edition (2.0.119.430_(hotfix)) (HKLM-x32\...\1445516929_is1) (Version: 0.1.1.310 - GOG.com)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.1 - Hotger)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.50.5313 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Icecream Screen Recorder verze 5.30 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.30 - Icecream Apps)
Intel(R) Update Manager (HKLM-x32\...\{AA8BC571-E96E-4478-927F-CB44CC7D7D07}) (Version: 3.5.2247 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.5.2.400 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - )
Mozilla Firefox 73.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x64 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Offroad Racing Buggy X ATV X Moto (HKLM-x32\...\Offroad Racing Buggy X ATV X Moto_is1) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
Ulož.to FileManager 2.77 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.77 - Uloz.to cloud a.s.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F7773180-1A27-11E7-864D-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
WebM Project Directshow Filters (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows KMS Activator Ultimate 2019 4.5 (HKLM\...\Windows KMS Activator Ultimate 2019 4.5_is1) (Version: 4.5 - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 18.3.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.3.1 - WinTools Software Engineering, Ltd.)
Wise Care 365 5.4.7 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.4.7 - WiseCleaner.com, Inc.)
Wolfenstein The Old Blood (HKLM-x32\...\{1A6EABD2-7063-4879-909C-D2C567DE5AB9}) (Version: 1.0.0 - Bethesda)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.2.173.0_x64__rz1tebttyb220 [2018-05-12] (Dolby Laboratories)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2018-09-08] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_30.1604.3938.0_x86__8xx8rvfyw5nnt [2018-07-05] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
MPEG2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.6.0_x64__8wekyb3d8bbwe [2018-08-21] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.24.11294.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21295.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 [2019-08-25] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2019-07-29 22:49 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\YMER\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Gopher.exe"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "WinFLTray"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "FLBackup"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1E74BCD0-1DDC-4A02-94C0-248432757734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81E73763-65A6-4728-90D2-FA284683CB41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{FB600992-DB5B-4089-B1D1-F5E3B5628ECF}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{09799398-045D-4372-90AF-B687258EF541}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{E0E98292-19D0-4908-A1E6-85D174BD5CB8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E8724A30-F49C-4523-B27F-C5EE2DB8D87C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8BE7BDBE-961F-424F-B862-D02B04DD896B}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{BDBE58D0-9D03-4302-9205-CA498D8F30D4}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{075EFF2E-0864-4F96-9260-4D494470675E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0571D62C-24D6-415C-AE9D-434F041AB26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7AC80EB-9BEE-4AC6-B595-10C35778C6DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CA790C4-1511-4D12-B644-39EF1FA6CBC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FF1CA7F-544A-48E2-84A3-BD453E05EA30}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D377EB3B-A0D9-44DC-8B5D-05AD8B64A629}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{1B473C89-987B-4CFC-8FAE-CC37A37E156D}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{E3D70879-BE59-4DA1-A415-00AA1111EFAD}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [{37BDB13B-2DD9-4B63-9A53-E7272750605E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C7452D39-903B-4898-83D7-9397CD15AF59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E173D714-A66D-408E-923D-6FA2841C2FCC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{872ECFA6-2368-46F3-95DA-6CAC8A5102AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD978F39-CB2D-4BAA-8E9A-4262DA6F4825}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7D383B14-0B8A-49B4-AD08-521E3C8B872F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{820311FB-A5B6-4329-9C95-20EC0DEA16FF}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{F41A292A-E85A-4AD1-8E1F-D78A9C2ECD98}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [{39E80BF1-4733-4485-A038-0F1DD1DF5314}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [{E196FD93-EE7C-4EF2-A720-2A99FC0293F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{363EA2AB-78B6-4B2C-8BA8-2B1915AAFBB6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41A1BE93-094D-4E80-A035-2F89D3402052}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6D18CC0C-5ED6-4901-B80D-D2BB7CC001FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C4A022D-7C45-49B2-BD73-B1EB8A35C48F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5C22394B-F3DB-49D9-A2E4-04D404A05E94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58EB516F-F9AF-4ED8-A1EC-F2B3EA05EF7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{57D440A8-43C7-407C-80D6-25E05E5168A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{192F9CFB-72A4-43C4-83F8-9BE7CCE9D8AC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{543F9592-C384-4683-991F-DB3ADAF53075}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFFF315B-2860-445E-8092-B7BA3603E414}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{3507F5D6-FF1A-471D-BB6B-678274798063}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{8983D30F-A5E6-42B7-ADA3-4714015F7458}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{EF84E1E3-0739-4BDE-8FB0-7ECC94D9B749}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{C87DF872-D725-40CC-B55A-09B28222F230}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-02-2020 14:40:37 Windows Update
21-02-2020 06:40:03 Naplánovaný kontrolní bod
01-03-2020 20:46:16 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (03/07/2020 05:19:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/07/2020 05:19:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=TimerEvent

Error: (03/07/2020 05:19:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (03/06/2020 02:42:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (03/06/2020 02:41:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007139F
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/05/2020 07:28:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/05/2020 07:28:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=TimerEvent

Error: (03/05/2020 07:28:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=6

System errors:
=============
Error: (03/07/2020 05:19:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/06/2020 02:42:34 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/05/2020 09:31:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_4658158 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (03/05/2020 07:28:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2020 02:31:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2020 06:03:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_2c28587 byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (03/03/2020 06:02:04 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Uživatelská služba nabízených oznámení Windows_2c28587, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (03/03/2020 06:01:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_2c28587 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Windows Defender:
===================================
Date: 2018-08-12 13:53:08.881
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C31CD767-0A7D-481B-BC3E-6EA8999EB489}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-28 02:49:36.526
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {40FD5BC1-3BE3-45B2-91AE-87528C0A660B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-00MKO9B\YMER

Date: 2018-07-27 20:42:31.127
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:57.974
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:43.866
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

CodeIntegrity:
===================================

Date: 2020-03-01 19:32:24.179
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-01 19:32:24.159
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-01 19:32:23.648
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-01 19:32:23.609
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-01 19:32:23.044
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-01 19:32:23.032
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-01 19:32:22.904
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-01 19:32:22.690
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. FI 11/01/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-UD3L
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 37%
Total physical RAM: 8183.49 MB
Available physical RAM: 5078.22 MB
Total Virtual: 9463.49 MB
Available Virtual: 5885.38 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:223.58 GB) (Free:51.16 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:931.41 GB) (Free:272.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0201E900)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F2C3E95)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#2 Příspěvek od **Diallix** » 09 bře 2020 09:29

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

toox · #3 Příspěvek od **toox** » 09 bře 2020 14:08

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-09-2020
# Duration: 00:00:00
# OS: Windows 10 Education
# Cleaned: 2
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1268 octets] - [16/12/2018 18:29:21]
AdwCleaner[C00].txt - [1434 octets] - [16/12/2018 18:29:32]
AdwCleaner[S01].txt - [1390 octets] - [03/03/2019 19:59:53]
AdwCleaner[C01].txt - [1556 octets] - [03/03/2019 20:00:08]
AdwCleaner[S02].txt - [2116 octets] - [29/07/2019 23:01:26]
AdwCleaner[C02].txt - [2154 octets] - [29/07/2019 23:01:52]
AdwCleaner[S03].txt - [1710 octets] - [10/01/2020 08:09:11]
AdwCleaner[C03].txt - [1878 octets] - [10/01/2020 08:09:45]
AdwCleaner[S04].txt - [2001 octets] - [09/03/2020 14:05:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

#4 Příspěvek od **Diallix** » 10 bře 2020 06:40

Poprosim o nove logy z FRST a ADDTION

toox · #5 Příspěvek od **toox** » 10 bře 2020 15:43

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by YMER (administrator) on DESKTOP-00MKO9B (Gigabyte Technology Co., Ltd. P55-UD3L) (10-03-2020 15:40:56)
Running from E:\YMER\Downloads
Loaded Profiles: YMER (Available Profiles: YMER)
Platform: Windows 10 Education Version 1803 17134.1304 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-11-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Viber] => E:\YMER\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-04] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\YMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gopher.exe [2020-01-07] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AC345DB-4580-4478-AC2F-20113B9AFBCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3ACCC9F8-B9D3-4120-8B9D-9AEA1940A74A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {71D05E32-FE43-454E-8CF0-C6884B323213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {72269900-38AC-424A-A4C5-D240FD6A71F0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {79D688C3-C226-4A6E-9C5A-82BB92E210C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {A31E0422-AE8C-4A3E-8D0E-3C2E147358E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA275E91-D49A-4015-8201-246518447F57} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5318B31-18A1-4F38-AF07-8F74D3A4D27D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
Task: {E7ED9A13-937A-4202-A57F-B8FBD2DF0BE4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E884A262-B17B-4797-870F-273D05121EF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBD9B64B-B57D-4380-852D-5A60FC817FEF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE287196-5399-4B11-B186-3251014985CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {FA211A20-E0C1-4156-8016-4AF3CC92CCF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{befebb7f-74f7-44af-93c9-456282bae772}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-169180647-2445698039-3035944160-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: orxdtu8e.default-1544966886308
FF ProfilePath: C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 [2020-03-10]
FF Notifications: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> hxxps://badoo.com
FF NewTabOverride: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> Enabled: gdrivepanel@alejandrobrizuela.com.ar
FF Extension: (Pinned Google Drive) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2020-03-04]
FF Extension: (Double-click Image Downloader) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\jid1-xgtdawe3yyUeBQ@jetpack.xpi [2020-02-08]
FF Extension: (Blue Mozilla Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2019-06-04]
FF Extension: (have a fox dream) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{3f1aff6b-0363-410f-b81b-9a286ffb4b10}.xpi [2019-05-13]
FF Extension: (Beach) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2019-05-14]
FF Extension: (YouTube High Definition) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2019-07-10]
FF Extension: (Mozilla: Firefox OS) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2019-07-12]
FF Extension: (esafox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-06-02]
FF Extension: (Complete Black Theme for Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{c161a71c-fb42-4608-b001-5634b3f59a8b}.xpi [2019-06-04]
FF Extension: (No Name) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-17] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-17] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-09]
CHR Extension: (Prezentace) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
CHR Extension: (Dokumenty) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-12]
CHR Extension: (Disk Google) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (YouTube) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-12]
CHR Extension: (Tabulky) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Gmail) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57536 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; E:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
S3 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (ManyCam -> Visicom Media Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5098408 2020-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\Windows\System32\OpenSSH\sshd.exe [970240 2018-05-20] (Microsoft Windows -> )
S3 SshdBroker; C:\Windows\System32\SshdBroker.dll [285696 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658600 2018-12-06] (Lespeed Technology Ltd. -> WiseCleaner.com)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [118088 2019-04-20] (Alcorlink Corp. -> )
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2018-07-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2018-05-24] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-07] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-07-27] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-24] (Martin Malik - REALiX -> REALiX(tm))
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2020-02-19] (Malwarebytes Corporation -> Malwarebytes)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2018-10-01] (NewSoftwares.net Inc. SDN. BHD. -> )
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2019-04-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1138136 2019-04-20] (Realtek Semiconductor Corp. -> Realtek )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [56840 2019-04-20] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2020-02-09] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [51272 2020-02-11] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-26 22:29 - 2020-02-25 22:21 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-02-25 22:21 - 2020-02-25 22:21 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-02-25 22:21 - 2020-02-25 22:21 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-02-12 15:18 - 2020-02-19 17:14 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-02-12 14:45 - 2020-02-05 13:34 - 004527584 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-02-12 14:45 - 2020-02-05 13:33 - 021412488 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-02-12 14:45 - 2020-02-05 08:21 - 007519896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-02-12 14:45 - 2020-02-05 08:19 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-12 14:45 - 2020-02-05 08:04 - 025854976 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-02-12 14:45 - 2020-02-05 08:03 - 019393536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-02-12 14:45 - 2020-02-05 08:00 - 022745088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-02-12 14:45 - 2020-02-05 07:57 - 004516864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-02-12 14:45 - 2020-02-05 07:54 - 001932288 _____ (Microsoft Corporation) C:\Windows\system32\edgeangle.dll
2020-02-12 14:45 - 2020-02-05 07:54 - 000972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2020-02-12 14:45 - 2020-02-05 07:52 - 004938240 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-02-12 14:45 - 2020-01-07 10:24 - 000941056 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2020-02-12 14:45 - 2020-01-07 09:16 - 000863744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2020-02-12 14:45 - 2020-01-07 05:11 - 000797984 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-02-12 14:45 - 2020-01-07 05:11 - 000266040 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-02-12 14:45 - 2020-01-07 04:40 - 000860160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2020-02-12 14:45 - 2020-01-07 04:39 - 002789376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2020-02-12 14:45 - 2020-01-07 04:34 - 003348992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2020-02-12 14:45 - 2020-01-07 04:34 - 000933888 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2020-02-12 14:44 - 2020-02-05 13:42 - 000506088 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-02-12 14:44 - 2020-02-05 13:39 - 000094224 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2020-02-12 14:44 - 2020-02-05 13:34 - 001639864 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-02-12 14:44 - 2020-02-05 13:34 - 001617360 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-02-12 14:44 - 2020-02-05 13:32 - 001047352 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2020-02-12 14:44 - 2020-02-05 13:20 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-02-12 14:44 - 2020-02-05 13:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2020-02-12 14:44 - 2020-02-05 13:18 - 012879872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-02-12 14:44 - 2020-02-05 13:18 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2020-02-12 14:44 - 2020-02-05 13:18 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-02-12 14:44 - 2020-02-05 13:17 - 008629760 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-02-12 14:44 - 2020-02-05 13:17 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
2020-02-12 14:44 - 2020-02-05 13:16 - 001030144 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2020-02-12 14:44 - 2020-02-05 13:16 - 000810496 _____ C:\Windows\system32\MBR2GPT.EXE
2020-02-12 14:44 - 2020-02-05 13:16 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2020-02-12 14:44 - 2020-02-05 13:16 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2020-02-12 14:44 - 2020-02-05 13:16 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2020-02-12 14:44 - 2020-02-05 13:16 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2020-02-12 14:44 - 2020-02-05 13:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2020-02-12 14:44 - 2020-02-05 13:15 - 002019840 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 001609728 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 001194496 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 000482304 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2020-02-12 14:44 - 2020-02-05 13:15 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-02-12 14:44 - 2020-02-05 13:15 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-02-12 14:44 - 2020-02-05 13:14 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-02-12 14:44 - 2020-02-05 13:14 - 000957440 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-02-12 14:44 - 2020-02-05 13:14 - 000489472 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2020-02-12 14:44 - 2020-02-05 13:14 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-02-12 14:44 - 2020-02-05 13:13 - 004054016 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-02-12 14:44 - 2020-02-05 13:13 - 003613696 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-02-12 14:44 - 2020-02-05 13:13 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2020-02-12 14:44 - 2020-02-05 13:13 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-02-12 14:44 - 2020-02-05 13:13 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-02-12 14:44 - 2020-02-05 13:12 - 001290240 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-02-12 14:44 - 2020-02-05 13:12 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-02-12 14:44 - 2020-02-05 13:12 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2020-02-12 14:44 - 2020-02-05 13:12 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2020-02-12 14:44 - 2020-02-05 13:11 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2020-02-12 14:44 - 2020-02-05 13:11 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-02-12 14:44 - 2020-02-05 12:07 - 001628488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-02-12 14:44 - 2020-02-05 12:06 - 020402192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-02-12 14:44 - 2020-02-05 12:02 - 000917816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2020-02-12 14:44 - 2020-02-05 11:54 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-02-12 14:44 - 2020-02-05 11:53 - 000131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-02-12 14:44 - 2020-02-05 11:52 - 012075520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-02-12 14:44 - 2020-02-05 11:51 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2020-02-12 14:44 - 2020-02-05 11:50 - 007992832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-02-12 14:44 - 2020-02-05 11:49 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2020-02-12 14:44 - 2020-02-05 11:49 - 000176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2020-02-12 14:44 - 2020-02-05 11:48 - 002881536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-02-12 14:44 - 2020-02-05 11:48 - 000901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-02-12 14:44 - 2020-02-05 11:48 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-02-12 14:44 - 2020-02-05 11:48 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2020-02-12 14:44 - 2020-02-05 11:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2020-02-12 14:44 - 2020-02-05 11:47 - 004053504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-02-12 14:44 - 2020-02-05 08:42 - 003180080 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2020-02-12 14:44 - 2020-02-05 08:42 - 001613096 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2020-02-12 14:44 - 2020-02-05 08:41 - 001299168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2020-02-12 14:44 - 2020-02-05 08:40 - 002417952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2020-02-12 14:44 - 2020-02-05 08:25 - 001213264 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-02-12 14:44 - 2020-02-05 08:25 - 001035040 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 005627792 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2020-02-12 14:44 - 2020-02-05 08:23 - 001224504 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 000722744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2020-02-12 14:44 - 2020-02-05 08:23 - 000568104 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 000527376 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 000491208 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-02-12 14:44 - 2020-02-05 08:23 - 000405816 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-02-12 14:44 - 2020-02-05 08:23 - 000324928 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-02-12 14:44 - 2020-02-05 08:23 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-02-12 14:44 - 2020-02-05 08:22 - 000777304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-02-12 14:44 - 2020-02-05 08:22 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2020-02-12 14:44 - 2020-02-05 08:22 - 000441072 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2020-02-12 14:44 - 2020-02-05 08:22 - 000248880 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-02-12 14:44 - 2020-02-05 08:22 - 000210448 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-02-12 14:44 - 2020-02-05 08:22 - 000159656 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 009081656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 007447904 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 004404720 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 002811192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 002371296 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001943128 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001780352 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001459120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-02-12 14:44 - 2020-02-05 08:21 - 001285432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 001260776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 001209696 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001141504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-02-12 14:44 - 2020-02-05 08:21 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 001032968 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000983936 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 000930616 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 000791352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 000694184 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000605496 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 000594032 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-02-12 14:44 - 2020-02-05 08:21 - 000550520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 000383288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-02-12 14:44 - 2020-02-05 08:21 - 000335672 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2020-02-12 14:44 - 2020-02-05 08:21 - 000260800 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-02-12 14:44 - 2020-02-05 08:20 - 000665736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-02-12 14:44 - 2020-02-05 08:20 - 000435512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2020-02-12 14:44 - 2020-02-05 08:20 - 000385784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2020-02-12 14:44 - 2020-02-05 08:20 - 000192312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-02-12 14:44 - 2020-02-05 08:20 - 000146712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2020-02-12 14:44 - 2020-02-05 08:19 - 006054320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 004790184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001620472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001379280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001130568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 000829752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2020-02-12 14:44 - 2020-02-05 08:19 - 000607544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 000538704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 000385816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2020-02-12 14:44 - 2020-02-05 08:19 - 000129296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2020-02-12 14:44 - 2020-02-05 08:11 - 022016512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-02-12 14:44 - 2020-02-05 08:02 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2020-02-12 14:44 - 2020-02-05 08:02 - 002700800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-02-12 14:44 - 2020-02-05 08:01 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2020-02-12 14:44 - 2020-02-05 08:01 - 002969600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2020-02-12 14:44 - 2020-02-05 08:00 - 003687936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-02-12 14:44 - 2020-02-05 08:00 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2020-02-12 14:44 - 2020-02-05 08:00 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2020-02-12 14:44 - 2020-02-05 08:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Websocket.dll
2020-02-12 14:44 - 2020-02-05 08:00 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 007057920 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 005770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2020-02-12 14:44 - 2020-02-05 07:59 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 004710400 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 002258432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-02-12 14:44 - 2020-02-05 07:58 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 004382720 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 003403264 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 001236480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 000185856 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2020-02-12 14:44 - 2020-02-05 07:57 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-02-12 14:44 - 2020-02-05 07:57 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Websocket.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 003392512 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 001076736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000859136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-02-12 14:44 - 2020-02-05 07:56 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\NmaDirect.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-02-12 14:44 - 2020-02-05 07:56 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-02-12 14:44 - 2020-02-05 07:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 006031360 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 004849664 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 001765888 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000705024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2020-02-12 14:44 - 2020-02-05 07:55 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-02-12 14:44 - 2020-02-05 07:55 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 007572992 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 003093504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 002929152 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 001218048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 000808960 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-02-12 14:44 - 2020-02-05 07:54 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 002922496 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 002739200 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 002179584 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 001563648 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 001023488 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-02-12 14:44 - 2020-02-05 07:53 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2020-02-12 14:44 - 2020-02-05 07:52 - 002379264 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2020-02-12 14:44 - 2020-02-05 07:52 - 002161152 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-02-12 14:44 - 2020-02-05 07:52 - 001264640 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2020-02-12 14:44 - 2020-02-05 07:52 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2020-02-12 14:44 - 2020-02-05 07:52 - 001059840 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-02-12 14:44 - 2020-02-05 07:52 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 001724928 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 001421312 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 001084928 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000896000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000884224 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000776704 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000637440 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2020-02-12 14:44 - 2020-02-05 07:51 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-02-12 14:44 - 2020-02-05 07:51 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-02-12 14:44 - 2020-02-05 06:31 - 000001314 _____ C:\Windows\system32\tcbres.wim
2020-02-12 14:44 - 2020-01-07 11:06 - 001726480 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-02-12 14:44 - 2020-01-07 11:05 - 000747528 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-02-12 14:44 - 2020-01-07 11:05 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-02-12 14:44 - 2020-01-07 11:05 - 000465424 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-02-12 14:44 - 2020-01-07 11:05 - 000324624 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-02-12 14:44 - 2020-01-07 10:55 - 002386744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-02-12 14:44 - 2020-01-07 10:55 - 000827704 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2020-02-12 14:44 - 2020-01-07 10:55 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppVStrm.sys
2020-02-12 14:44 - 2020-01-07 10:53 - 004103224 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-02-12 14:44 - 2020-01-07 10:52 - 000349424 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-02-12 14:44 - 2020-01-07 10:52 - 000288872 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2020-02-12 14:44 - 2020-01-07 10:47 - 001517176 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-02-12 14:44 - 2020-01-07 10:47 - 000790928 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-02-12 14:44 - 2020-01-07 10:47 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-02-12 14:44 - 2020-01-07 10:30 - 006603776 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-02-12 14:44 - 2020-01-07 10:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-02-12 14:44 - 2020-01-07 10:29 - 000914944 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthSSO.dll
2020-02-12 14:44 - 2020-01-07 10:29 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\RDSPnf.exe
2020-02-12 14:44 - 2020-01-07 10:28 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-02-12 14:44 - 2020-01-07 10:28 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2020-02-12 14:44 - 2020-01-07 10:28 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\rasphone.exe
2020-02-12 14:44 - 2020-01-07 10:26 - 002204672 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2020-02-12 14:44 - 2020-01-07 10:26 - 001210368 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2020-02-12 14:44 - 2020-01-07 10:26 - 001189888 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2020-02-12 14:44 - 2020-01-07 10:26 - 001187328 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2020-02-12 14:44 - 2020-01-07 10:26 - 000947200 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2020-02-12 14:44 - 2020-01-07 10:26 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2020-02-12 14:44 - 2020-01-07 10:25 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2020-02-12 14:44 - 2020-01-07 10:25 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2020-02-12 14:44 - 2020-01-07 10:24 - 001535488 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-02-12 14:44 - 2020-01-07 10:24 - 001262592 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-02-12 14:44 - 2020-01-07 09:53 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll
2020-02-12 14:44 - 2020-01-07 09:38 - 001627448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-02-12 14:44 - 2020-01-07 09:36 - 000256160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2020-02-12 14:44 - 2020-01-07 09:33 - 001320336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-02-12 14:44 - 2020-01-07 09:33 - 000662840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-02-12 14:44 - 2020-01-07 09:33 - 000322576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-02-12 14:44 - 2020-01-07 09:31 - 003755408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-02-12 14:44 - 2020-01-07 09:21 - 005670400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-02-12 14:44 - 2020-01-07 09:21 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-02-12 14:44 - 2020-01-07 09:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2020-02-12 14:44 - 2020-01-07 09:18 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasphone.exe
2020-02-12 14:44 - 2020-01-07 09:17 - 001189376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2020-02-12 14:44 - 2020-01-07 09:17 - 000159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2020-02-12 14:44 - 2020-01-07 09:15 - 000855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2020-02-12 14:44 - 2020-01-07 05:18 - 000376848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-02-12 14:44 - 2020-01-07 05:11 - 000094008 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 002773088 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 002711352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-02-12 14:44 - 2020-01-07 05:08 - 002421768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-02-12 14:44 - 2020-01-07 05:08 - 001030672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-02-12 14:44 - 2020-01-07 05:08 - 000722744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 000713480 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 000243760 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-02-12 14:44 - 2020-01-07 05:08 - 000051400 _____ (Microsoft Corporation) C:\Windows\system32\svchost.exe
2020-02-12 14:44 - 2020-01-07 05:07 - 000466744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-02-12 14:44 - 2020-01-07 05:01 - 002261448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-02-12 14:44 - 2020-01-07 05:01 - 000186120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-02-12 14:44 - 2020-01-07 05:01 - 000044632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2020-02-12 14:44 - 2020-01-07 05:00 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2020-02-12 14:44 - 2020-01-07 04:42 - 003553792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2020-02-12 14:44 - 2020-01-07 04:41 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-02-12 14:44 - 2020-01-07 04:41 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_BackgroundApps.dll
2020-02-12 14:44 - 2020-01-07 04:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2020-02-12 14:44 - 2020-01-07 04:40 - 000384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2020-02-12 14:44 - 2020-01-07 04:39 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2020-02-12 14:44 - 2020-01-07 04:39 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\DdcAntiTheftApi.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 001655296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 001644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000537088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-02-12 14:44 - 2020-01-07 04:38 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Geolocation.dll
2020-02-12 14:44 - 2020-01-07 04:38 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2020-02-12 14:44 - 2020-01-07 04:37 - 004771328 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2020-02-12 14:44 - 2020-01-07 04:37 - 000369152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-02-12 14:44 - 2020-01-07 04:37 - 000318976 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-02-12 14:44 - 2020-01-07 04:37 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2020-02-12 14:44 - 2020-01-07 04:37 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2020-02-12 14:44 - 2020-01-07 04:36 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-02-12 14:44 - 2020-01-07 04:36 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll
2020-02-12 14:44 - 2020-01-07 04:35 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-02-12 14:44 - 2020-01-07 04:35 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2020-02-12 14:44 - 2020-01-07 04:35 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2020-02-12 14:44 - 2020-01-07 04:34 - 000863744 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2020-02-12 14:44 - 2020-01-07 04:34 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 002328064 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 001821184 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 001458688 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 001419776 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 001222656 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000882176 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000506368 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-02-12 14:44 - 2020-01-07 04:33 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-02-12 14:44 - 2019-08-07 09:08 - 000710232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-02-12 14:44 - 2019-08-07 09:08 - 000170296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-02-11 16:16 - 2020-02-19 16:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-02-11 15:16 - 2020-02-11 15:16 - 000051272 _____ (WiseCleaner.com) C:\Windows\WiseRegNotify.sys
2020-02-11 14:59 - 2020-02-12 15:12 - 001726528 _____ C:\Windows\system32\FNTCACHE.DAT
2020-02-09 00:15 - 2020-02-09 00:15 - 000033864 _____ (wisecleaner.com) C:\Windows\WiseHDInfo64.dll
2020-02-09 00:13 - 2020-02-19 20:42 - 000000000 ____D C:\Users\YMER\AppData\Roaming\Wise Care 365
2020-02-09 00:13 - 2020-02-09 00:13 - 000001232 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2020-02-09 00:13 - 2020-02-09 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2020-02-09 00:13 - 2020-02-09 00:13 - 000000000 ____D C:\Program Files (x86)\Wise

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-10 15:41 - 2018-12-16 14:50 - 000000000 ____D C:\FRST
2020-03-10 15:09 - 2019-10-26 17:51 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-03-10 15:09 - 2018-05-13 08:14 - 000002896 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-03-10 15:09 - 2018-05-13 08:14 - 000002444 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-03-10 15:09 - 2018-05-13 08:14 - 000002392 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-03-10 15:09 - 2018-05-13 08:14 - 000002388 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-03-10 15:09 - 2018-05-13 08:14 - 000002374 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-03-10 15:09 - 2018-05-13 08:14 - 000002370 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-03-10 15:07 - 2018-05-12 22:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-03-10 14:55 - 2018-05-12 17:42 - 000000000 ____D C:\Users\YMER\AppData\LocalLow\Mozilla
2020-03-10 14:54 - 2018-05-12 17:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-03-10 14:54 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-10 10:08 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2020-03-10 06:28 - 2018-07-19 14:53 - 000000000 ____D C:\Users\YMER\AppData\Local\AVAST Software
2020-03-10 06:27 - 2018-05-12 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-09 20:30 - 2019-10-27 23:22 - 000000000 ____D C:\Users\YMER\AppData\Roaming\qBittorrent
2020-03-09 18:19 - 2018-06-14 06:31 - 000000000 ____D C:\Users\YMER\AppData\Local\CrashDumps
2020-03-09 18:19 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2020-03-09 14:13 - 2018-05-12 17:24 - 001689054 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-09 14:13 - 2018-04-12 16:51 - 000715202 _____ C:\Windows\system32\perfh005.dat
2020-03-09 14:13 - 2018-04-12 16:51 - 000144496 _____ C:\Windows\system32\perfc005.dat
2020-03-09 14:06 - 2018-05-12 17:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-09 14:05 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2020-03-04 14:32 - 2018-05-14 19:38 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-04 14:32 - 2018-05-14 19:38 - 000002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-28 09:46 - 2018-05-12 22:26 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-02-28 09:46 - 2018-05-12 22:26 - 000002079 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-02-26 22:29 - 2018-05-12 22:25 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-02-26 22:29 - 2018-04-12 00:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-02-25 22:21 - 2019-02-22 15:45 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-02-25 22:21 - 2019-01-14 22:51 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-02-25 22:21 - 2019-01-08 16:06 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-02-25 22:21 - 2019-01-08 16:06 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-02-25 22:21 - 2019-01-08 16:06 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-02-25 22:21 - 2018-10-24 07:46 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-02-25 22:21 - 2018-07-18 14:10 - 000016304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-02-25 22:21 - 2018-05-12 22:25 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-02-19 16:49 - 2018-12-16 14:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-02-19 16:47 - 2018-12-16 12:56 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-02-12 15:13 - 2018-05-12 17:21 - 000000000 __RHD C:\Users\YMER\3D Objects
2020-02-12 15:13 - 2018-05-12 17:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-12 15:12 - 2018-05-12 17:21 - 000000000 ____D C:\Users\YMER
2020-02-12 15:10 - 2018-04-12 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\TextInput
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\oobe
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\oobe
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\ShellExperiences
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\ShellComponents
2020-02-12 15:10 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\bcastdvr
2020-02-12 15:10 - 2018-04-11 22:04 - 000000000 ____D C:\Windows\system32\Dism
2020-02-12 15:10 - 2018-04-11 22:04 - 000000000 ____D C:\Windows\servicing
2020-02-12 14:50 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2020-02-12 14:43 - 2018-05-12 21:26 - 000000000 ____D C:\Windows\system32\MRT
2020-02-12 14:43 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2020-02-12 14:40 - 2018-05-12 21:25 - 120407888 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-02-09 00:14 - 2019-06-23 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2020-02-09 00:14 - 2018-05-12 18:15 - 000000000 ____D C:\Windows\Panther
2020-02-09 00:14 - 2018-04-12 00:38 - 000000000 ___SD C:\Windows\Downloaded Program Files

==================== Files in the root of some directories ========

2019-10-20 21:15 - 2019-10-20 21:15 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
2018-05-28 22:58 - 2019-04-28 00:06 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2019-03-30 22:49 - 2019-03-30 22:53 - 000002971 _____ () C:\Users\YMER\AppData\Roaming\downloads.json
2018-11-05 15:33 - 2018-11-05 15:33 - 000001013 _____ () C:\Users\YMER\AppData\Roaming\pictur.jpeg
2019-12-25 16:33 - 2019-12-25 16:33 - 000000001 _____ () C:\Users\YMER\AppData\Local\llftool.4.40.agreement
2018-05-12 19:18 - 2018-05-12 19:18 - 000000017 _____ () C:\Users\YMER\AppData\Local\resmon.resmoncfg
2018-10-01 07:44 - 2019-02-25 06:14 - 000000700 ___SH () C:\Users\YMER\AppData\Local\systemFL7.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by YMER (10-03-2020 15:42:20)
Running from E:\YMER\Downloads
Windows 10 Education Version 1803 17134.1304 (X64) (2018-05-12 16:18:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-169180647-2445698039-3035944160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169180647-2445698039-3035944160-503 - Limited - Disabled)
Guest (S-1-5-21-169180647-2445698039-3035944160-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-169180647-2445698039-3035944160-504 - Limited - Disabled)
YMER (S-1-5-21-169180647-2445698039-3035944160-1001 - Administrator - Enabled) => C:\Users\YMER

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Age of Empires: Definitive Edition [FULL REMOVAL] (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\{1F36588A-148D-4BED-AD83-12C63E1F780E}_is1) (Version: 1.3.5101.2 - Microsoft Studios)
Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Assassins Creed - Syndicate (HKLM-x32\...\Assassins Creed - Syndicate_is1) (Version: 1.12.0.0 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Batman Arkham Knight (HKLM-x32\...\Batman Arkham Knight_is1) (Version: 1.0.4.5 - Релиз от R.G. Steamgames)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Divinity: Original Sin Enhanced Edition (2.0.119.430_(hotfix)) (HKLM-x32\...\1445516929_is1) (Version: 0.1.1.310 - GOG.com)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.1 - Hotger)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.50.5313 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Icecream Screen Recorder verze 5.30 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.30 - Icecream Apps)
Intel(R) Update Manager (HKLM-x32\...\{AA8BC571-E96E-4478-927F-CB44CC7D7D07}) (Version: 3.5.2247 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.5.2.400 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - )
Mozilla Firefox 73.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x64 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Offroad Racing Buggy X ATV X Moto (HKLM-x32\...\Offroad Racing Buggy X ATV X Moto_is1) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
Ulož.to FileManager 2.77 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.77 - Uloz.to cloud a.s.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F7773180-1A27-11E7-864D-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
WebM Project Directshow Filters (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows KMS Activator Ultimate 2019 4.5 (HKLM\...\Windows KMS Activator Ultimate 2019 4.5_is1) (Version: 4.5 - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 18.3.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.3.1 - WinTools Software Engineering, Ltd.)
Wise Care 365 5.4.7 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.4.7 - WiseCleaner.com, Inc.)
Wolfenstein The Old Blood (HKLM-x32\...\{1A6EABD2-7063-4879-909C-D2C567DE5AB9}) (Version: 1.0.0 - Bethesda)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.2.173.0_x64__rz1tebttyb220 [2018-05-12] (Dolby Laboratories)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2018-09-08] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_30.1604.3938.0_x86__8xx8rvfyw5nnt [2018-07-05] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
MPEG2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.6.0_x64__8wekyb3d8bbwe [2018-08-21] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.24.11294.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21295.0_x64__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 [2019-08-25] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2019-07-29 22:49 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\YMER\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Gopher.exe"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "WinFLTray"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "FLBackup"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1E74BCD0-1DDC-4A02-94C0-248432757734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81E73763-65A6-4728-90D2-FA284683CB41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{FB600992-DB5B-4089-B1D1-F5E3B5628ECF}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{09799398-045D-4372-90AF-B687258EF541}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{E0E98292-19D0-4908-A1E6-85D174BD5CB8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E8724A30-F49C-4523-B27F-C5EE2DB8D87C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8BE7BDBE-961F-424F-B862-D02B04DD896B}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{BDBE58D0-9D03-4302-9205-CA498D8F30D4}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{075EFF2E-0864-4F96-9260-4D494470675E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0571D62C-24D6-415C-AE9D-434F041AB26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7AC80EB-9BEE-4AC6-B595-10C35778C6DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CA790C4-1511-4D12-B644-39EF1FA6CBC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FF1CA7F-544A-48E2-84A3-BD453E05EA30}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D377EB3B-A0D9-44DC-8B5D-05AD8B64A629}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{1B473C89-987B-4CFC-8FAE-CC37A37E156D}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{E3D70879-BE59-4DA1-A415-00AA1111EFAD}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [{37BDB13B-2DD9-4B63-9A53-E7272750605E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C7452D39-903B-4898-83D7-9397CD15AF59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E173D714-A66D-408E-923D-6FA2841C2FCC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{872ECFA6-2368-46F3-95DA-6CAC8A5102AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD978F39-CB2D-4BAA-8E9A-4262DA6F4825}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7D383B14-0B8A-49B4-AD08-521E3C8B872F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{820311FB-A5B6-4329-9C95-20EC0DEA16FF}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{F41A292A-E85A-4AD1-8E1F-D78A9C2ECD98}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [{39E80BF1-4733-4485-A038-0F1DD1DF5314}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [{E196FD93-EE7C-4EF2-A720-2A99FC0293F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{363EA2AB-78B6-4B2C-8BA8-2B1915AAFBB6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41A1BE93-094D-4E80-A035-2F89D3402052}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6D18CC0C-5ED6-4901-B80D-D2BB7CC001FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C4A022D-7C45-49B2-BD73-B1EB8A35C48F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5C22394B-F3DB-49D9-A2E4-04D404A05E94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58EB516F-F9AF-4ED8-A1EC-F2B3EA05EF7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{57D440A8-43C7-407C-80D6-25E05E5168A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{192F9CFB-72A4-43C4-83F8-9BE7CCE9D8AC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{543F9592-C384-4683-991F-DB3ADAF53075}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFFF315B-2860-445E-8092-B7BA3603E414}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{3507F5D6-FF1A-471D-BB6B-678274798063}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{8983D30F-A5E6-42B7-ADA3-4714015F7458}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{EF84E1E3-0739-4BDE-8FB0-7ECC94D9B749}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{C87DF872-D725-40CC-B55A-09B28222F230}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-02-2020 06:40:03 Naplánovaný kontrolní bod
01-03-2020 20:46:16 Naplánovaný kontrolní bod
09-03-2020 08:43:38 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (03/10/2020 06:28:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/10/2020 06:28:13 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (03/09/2020 02:07:26 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (03/09/2020 02:06:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007139F
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/09/2020 06:42:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/09/2020 06:42:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/09/2020 06:42:02 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (03/08/2020 05:18:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e0c42288-980c-4788-a014-c080d2e1926e;NotificationInterval=1440;Trigger=TimerEvent

System errors:
=============
Error: (03/10/2020 06:28:15 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-00MKO9B)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-00MKO9B\YMER (SID: S-1-5-21-169180647-2445698039-3035944160-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/09/2020 08:30:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/09/2020 08:30:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/09/2020 08:30:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/09/2020 08:30:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/09/2020 08:30:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/09/2020 08:30:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/09/2020 08:30:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Windows Defender:
===================================
Date: 2018-08-12 13:53:08.881
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C31CD767-0A7D-481B-BC3E-6EA8999EB489}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-28 02:49:36.526
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {40FD5BC1-3BE3-45B2-91AE-87528C0A660B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-00MKO9B\YMER

Date: 2018-07-27 20:42:31.127
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:57.974
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$DRa8688.8163\mafia3v02_947ed468.exe;file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-07-27 20:41:43.866
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Dlhelper
ID: 226717
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Users\YMER\AppData\Local\Temp\Rar$EXa8708.6773\mafia3v02_947ed468.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-00MKO9B\YMER
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze podpisu: AV: 1.273.371.0, AS: 1.273.371.0, NIS: 1.273.371.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

CodeIntegrity:
===================================

Date: 2020-03-08 10:08:28.818
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-08 10:08:28.813
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-08 10:08:26.856
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-08 10:08:26.851
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-08 10:08:22.553
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-08 10:08:22.550
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-08 10:08:20.963
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-08 10:08:20.959
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. FI 11/01/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-UD3L
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 49%
Total physical RAM: 8183.49 MB
Available physical RAM: 4095.13 MB
Total Virtual: 9463.49 MB
Available Virtual: 4384.77 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:223.58 GB) (Free:51.02 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:931.41 GB) (Free:268.3 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0201E900)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F2C3E95)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#6 Příspěvek od **Diallix** » 10 bře 2020 19:50

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-169180647-2445698039-3035944160-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Notifications: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> hxxps://badoo.com
FF NewTabOverride: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> Enabled: gdrivepanel@alejandrobrizuela.com.ar

EmptyTemp:
Hosts:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

toox · #7 Příspěvek od **toox** » 11 bře 2020 06:59

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by YMER (11-03-2020 06:56:27) Run:4
Running from E:\YMER\Downloads
Loaded Profiles: YMER (Available Profiles: YMER)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-169180647-2445698039-3035944160-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Notifications: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> hxxps://badoo.com
FF NewTabOverride: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> Enabled: gdrivepanel@alejandrobrizuela.com.ar

EmptyTemp:
Hosts:
*****************

"HKU\S-1-5-21-169180647-2445698039-3035944160-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
"HKU\S-1-5-21-169180647-2445698039-3035944160-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"FF Notifications:" => removed successfully
"Firefox NewTabOverride (gdrivepanel@alejandrobrizuela.com.ar) " => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49902800 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 74318 B
Edge => 0 B
Chrome => 180149 B
Firefox => 1127210408 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
YMER => 2574143 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

The system needed a reboot.

==== End 1 Fixlog 06:57:04 ====

#8 Příspěvek od **Diallix** » 11 bře 2020 21:20

Ako je na tom pocitac?

toox · #9 Příspěvek od **toox** » 12 bře 2020 06:40

pohoda

všechno jede

#10 Příspěvek od **Diallix** » 12 bře 2020 08:36

Super. Ak je vsetko ok, zamykam.

VIRY.CZ

Preventivka

Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka