Ahoj, prosím o preventivní kontrolu logu. Nedávno mi našel malwarebytes jeden malware, smazal jsem ho a obtíže nepozoruju, ale kdyby náhodou.
díky
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-03-2020
Ran by Martin (administrator) on STOLNÍ-MAŠINA (Gigabyte Technology Co., Ltd. Z390 AORUS PRO WIFI) (23-03-2020 23:17:08)
Running from C:\Users\ulol\Documents
Loaded Profiles: Martin (Available Profiles: Martin & lucie)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\Check_Kill.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ulol\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.135.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [456176 2020-02-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [84008696 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3365840 2020-02-11] (Valve -> Valve Corporation)
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\MountPoints2: {26b33e8b-03a9-11ea-9bb0-48f17fdd5c9c} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\MountPoints2: {ab018d50-3d28-11ea-9bbb-48f17fdd5c9c} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\Windows\system32\LMIinit.dll [2020-02-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0588C9FC-1C02-412D-9B41-C6E24AF22A3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110632 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DB3FF0F-3BB4-4988-A188-3CD178A6442B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E71D668-ED55-4905-9427-84584473FA02} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29362712-5C98-457F-B5A7-50A9E8079DE4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421704 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {39717EE8-01AF-4214-8480-EA1E470680BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
Task: {3D27345F-8022-40C3-B4F5-90CC4AB27630} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {406F5F95-1E0B-4F93-BEF8-9B9F7FB5F1D6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4350DBF4-DAB2-42D2-80D5-524F403EB6F6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48AED8C0-ADCE-410A-AEF7-868E34BBF67F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48EAEF4B-6ED7-4D56-8E8C-80688643F45C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F95D723-8610-44AB-B66E-6CA810F1CF11} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {57A29F64-8176-410F-833E-89A61E4894F7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5BD3B5CF-45D2-4D27-A53F-262E2E0A8475} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110632 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {75CA2F3E-EAB0-4557-82F0-0EF490571D3C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421704 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7629D459-5C50-4978-B73E-3329C5466764} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E665553-0576-429D-B2B2-E8FD84A9ACC2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4461160 2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DF6A8EC-4EE7-4AFB-A009-8685AD2FF1A6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1571208 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EC410E6-518C-4EFF-96D8-C92C03CAC9D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
Task: {B271A7E9-B950-4F9C-A06A-8B160F5A9E86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4461160 2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3B595DA-CB06-48A1-9F39-64D683C4C92A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3AF2398-3CA1-4EF7-AC11-2F033202253F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D40ED430-0312-4695-9129-F2DD39D4AE32} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD038C09-1845-4FE5-B092-6987B66743BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {E2AE3DE2-41EC-436D-B107-17046EF20237} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3AD0C2D-A443-4B86-814F-A73C801EDE1C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E537C476-DA5E-4992-A48A-23C8FFC2C809} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84a0975b-10b9-4106-bc62-5348c5c60cc3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b3179cf2-9a52-42e4-bf72-8d3587e69af3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: aaqgoi5l.default
FF ProfilePath: C:\Users\ulol\AppData\Roaming\Mozilla\Firefox\Profiles\aaqgoi5l.default [2019-06-27]
FF ProfilePath: C:\Users\ulol\AppData\Roaming\Mozilla\Firefox\Profiles\xsh91wz4.default-release [2020-01-26]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default [2020-03-23]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Prezentace) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-27]
CHR Extension: (Dokumenty) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-27]
CHR Extension: (Disk Google) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-27]
CHR Extension: (IBM Security Rapport) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-12-01]
CHR Extension: (CLONE, BOUNTY HUNTER, STORM TROOPER) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\bimnpejnapnbhiphakfmkhnnaoemofbe [2019-06-27]
CHR Extension: (YouTube) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-27]
CHR Extension: (Adobe Acrobat) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-03]
CHR Extension: (Tabulky) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-17]
CHR Extension: (Bandzone Downloader) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdolellaicjnehmfidkjkkehmkkapngp [2019-06-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-27]
CHR Extension: (Chrome Media Router) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-11-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2018-11-26] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600672 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1636936 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [530424 2019-04-23] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-01-31] (Intel Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419824 2020-02-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [580080 2020-02-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-06-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-16] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\NisSrv.exe [3294680 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MsMpEng.exe [103168 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-11-26] (ASUSTeK Computer Inc. -> )
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_b44028fc7fdf4fca\e1d68x64.sys [599920 2019-09-13] (Intel(R) INTELND1820 -> Intel Corporation)
R3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-06-28] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 GLCKIO2; C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R3 ibtusb; C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_ed69711f98f8ac62\ibtusb.sys [16691488 2019-09-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 LMIInfo; C:\WINDOWS\system32\drivers\LMIInfo.sys [30432 2017-01-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-03-23] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-03-23] (Malwarebytes Inc -> Malwarebytes)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D8795F00-29DA-4D58-B244-5AE6D746D586}\MpKslDrv.sys [43232 2020-03-23] (Microsoft Windows -> Microsoft Corporation)
S3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8723968 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 Netwtw08; C:\WINDOWS\System32\drivers\Netwtw08.sys [9214968 2019-10-25] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvlddmkm.sys [23439288 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\GIGABYTE\RGBFusion\MODAPI.sys [14544 2020-03-23] (Noriyuki MIYAZAKI -> OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-23 23:17 - 2020-03-23 23:17 - 000028259 _____ C:\Users\ulol\Documents\FRST.txt
2020-03-23 23:17 - 2020-03-23 23:17 - 000000000 ____D C:\Users\ulol\Documents\FRST-OlderVersion
2020-03-23 21:55 - 2020-03-23 21:55 - 000034816 _____ C:\Users\ulol\Desktop\Provoz_4._březnový_týden.xls
2020-03-23 21:55 - 2020-03-23 21:55 - 000026112 _____ C:\Users\ulol\Desktop\COVID_team_4._březnový_týden.xls
2020-03-23 17:38 - 2020-03-23 17:38 - 000000000 ____D C:\WINDOWS\LastGood
2020-03-23 17:37 - 2020-03-18 10:39 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-03-23 17:36 - 2020-03-19 00:26 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-23 17:36 - 2020-03-19 00:26 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-03-23 17:36 - 2020-03-19 00:26 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-23 17:36 - 2020-03-19 00:26 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-03-23 17:36 - 2020-03-19 00:26 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-03-23 17:36 - 2020-03-19 00:26 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-03-23 17:36 - 2020-03-19 00:26 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-23 17:36 - 2020-03-19 00:26 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-03-23 17:36 - 2020-03-19 00:26 - 000450464 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-03-23 17:36 - 2020-03-19 00:26 - 000348048 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-03-23 17:36 - 2020-03-19 00:25 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-03-23 17:36 - 2020-03-19 00:25 - 010285472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 002073200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 001565136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 001481144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 001351776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 001142384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 001022560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 000817264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 000680048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 000676240 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 000573024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-03-23 17:36 - 2020-03-19 00:24 - 000546928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-03-23 17:36 - 2020-03-19 00:24 - 000544144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-03-23 17:36 - 2020-03-19 00:23 - 017601120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-03-23 17:36 - 2020-03-19 00:23 - 015157664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-03-23 17:36 - 2020-03-19 00:23 - 005856864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-03-23 17:36 - 2020-03-19 00:23 - 005158512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-03-23 17:36 - 2020-03-19 00:23 - 001049696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-03-23 17:36 - 2020-03-19 00:23 - 000849848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-03-23 17:36 - 2020-03-19 00:23 - 000811632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-03-23 17:36 - 2020-03-19 00:23 - 000655472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-03-23 17:36 - 2020-03-19 00:23 - 000445024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-03-23 17:36 - 2020-03-18 10:39 - 000111058 _____ C:\WINDOWS\system32\nvidia-smi.1.pdf
2020-03-23 17:36 - 2020-03-18 10:39 - 000077314 _____ C:\WINDOWS\system32\nvinfo.pb
2020-03-23 16:51 - 2020-03-23 21:07 - 000720850 _____ C:\Users\ulol\Desktop\Akutní endokrinologická krize.pptx
2020-03-23 16:46 - 2020-03-23 16:46 - 000000000 ____D C:\Users\ulol\Desktop\KNIHA Akutni stavy v endokrinologii a diabetologii
2020-03-23 16:36 - 2020-03-23 16:36 - 001413519 _____ C:\Users\ulol\Desktop\mimoradne-opatreni-organizace-a-provadeni-karanteny-u-zdravotnickych-pracovniku.pdf
2020-03-23 15:57 - 2020-03-23 15:57 - 000120235 _____ C:\Users\ulol\Desktop\akutní stavy v endokrinologii.pdf
2020-03-23 09:57 - 2020-03-23 10:57 - 569229854 _____ C:\Users\ulol\Desktop\The.Walking.Dead.S10E13.WEB.H264-XLF.mkv
2020-03-23 09:57 - 2020-03-23 10:07 - 167212407 _____ C:\Users\ulol\Desktop\the.simpsons.s31e17.web.x264-xlf.mkv
2020-03-23 09:33 - 2020-03-23 09:33 - 000000000 ____D C:\Users\ulol\AppData\Roaming\Samsung
2020-03-23 09:31 - 2020-03-23 09:31 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-03-23 09:31 - 2020-03-23 09:31 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-03-23 09:30 - 2020-03-23 09:30 - 000000000 ____D C:\ProgramData\Samsung
2020-03-21 17:14 - 2020-03-21 17:59 - 805773278 _____ C:\Users\ulol\Desktop\Star.Wars.The.Clone.Wars.S07E05.iNTERNAL.MULTi.720p.WEB.H264-CiELOS.mkv
2020-03-21 09:07 - 2020-03-21 11:15 - 1916940970 _____ C:\Users\ulol\Desktop\Párty Hárd (2019) BEZ CENZURY.mp4
2020-03-20 23:06 - 2020-03-20 23:06 - 000000000 ____D C:\Users\ulol\AppData\Local\LogMeIn
2020-03-20 23:05 - 2020-03-23 22:59 - 000001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2020-03-20 23:05 - 2020-03-23 22:59 - 000001024 _____ C:\.rnd
2020-03-20 23:05 - 2020-03-23 22:59 - 000000000 ____D C:\ProgramData\LogMeIn
2020-03-20 23:05 - 2020-03-20 23:12 - 000000000 ____D C:\Program Files (x86)\LogMeIn
2020-03-20 23:05 - 2020-02-18 16:25 - 000116200 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll
2020-03-20 23:05 - 2019-10-07 08:51 - 000130520 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIRfsClientNP.dll
2020-03-20 23:05 - 2017-01-11 02:08 - 000030432 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMIInfo.sys.000.bak
2020-03-20 23:05 - 2017-01-11 02:08 - 000030432 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMIInfo.sys
2020-03-20 23:05 - 2017-01-10 10:04 - 000081088 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMIRfsDriver.sys.000.bak
2020-03-20 23:05 - 2017-01-10 10:04 - 000081088 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMIRfsDriver.sys
2020-03-20 23:05 - 2016-01-29 08:53 - 000035328 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIport.dll
2020-03-20 17:08 - 2020-03-20 17:08 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-03-20 17:07 - 2020-03-16 13:41 - 040502176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-03-20 17:07 - 2020-03-16 13:41 - 035371424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-03-20 17:03 - 2020-03-20 17:03 - 000000000 ____D C:\Users\Public\Documents\The Witcher
2020-03-20 17:03 - 2020-03-20 17:03 - 000000000 ____D C:\ProgramData\Documents\The Witcher
2020-03-20 11:12 - 2020-03-23 19:13 - 000164352 _____ C:\Users\ulol\Desktop\9938_1.xls
2020-03-19 16:12 - 2020-03-19 21:37 - 4010154391 _____ C:\Users\ulol\Desktop\Nabarvené.ptáče.2019.1080p.WEBRip.CZDabing.5.1.mkv
2020-03-17 09:24 - 2020-03-17 09:24 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-17 09:24 - 2020-03-17 09:24 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-17 09:24 - 2020-03-17 09:24 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-17 09:24 - 2020-03-17 09:24 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-17 09:24 - 2020-03-17 09:24 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-17 09:24 - 2020-03-17 09:24 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-17 09:24 - 2020-03-17 09:24 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-17 09:24 - 2020-03-17 09:24 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-17 09:24 - 2020-03-17 09:24 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-17 09:24 - 2020-03-17 09:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-17 09:24 - 2020-03-17 09:24 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-16 15:04 - 2020-03-20 17:01 - 000000000 ____D C:\Users\ulol\AppData\Local\The Witcher
2020-03-16 12:46 - 2020-03-16 12:46 - 000000000 ____D C:\Users\ulol\Documents\The Witcher
2020-03-16 12:22 - 2020-03-16 14:56 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2020-03-16 12:22 - 2020-03-16 12:22 - 000001207 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2020-03-16 12:22 - 2020-03-16 12:22 - 000001207 _____ C:\ProgramData\Desktop\GOG Galaxy.lnk
2020-03-16 12:22 - 2020-03-16 12:22 - 000000000 ____D C:\Users\ulol\AppData\Local\GOG.com
2020-03-16 12:22 - 2020-03-16 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2020-03-12 16:33 - 2020-03-12 16:33 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-12 16:33 - 2020-03-12 16:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-12 16:33 - 2020-03-12 16:33 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-12 16:33 - 2020-03-12 16:33 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-12 16:33 - 2020-03-12 16:33 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-12 16:33 - 2020-03-12 16:33 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-12 16:33 - 2020-03-12 16:33 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-12 16:33 - 2020-03-12 16:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-12 16:32 - 2020-03-12 16:32 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-12 16:32 - 2020-03-12 16:32 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-12 16:32 - 2020-03-12 16:32 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-12 16:32 - 2020-03-12 16:32 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-12 16:32 - 2020-03-12 16:32 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-12 16:32 - 2020-03-12 16:32 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-12 16:32 - 2020-03-12 16:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-12 15:20 - 2020-03-12 16:33 - 1328996400 _____ C:\Users\lucie\Downloads\Bad.Moms.2016.BRRip.XviD.AC3.CZ-EVO.avi
2020-03-12 15:20 - 2020-03-12 16:33 - 1328996400 _____ C:\Users\lucie\Downloads\Bad.Moms.2016.BRRip.XviD.AC3.CZ-EVO (1).avi
2020-03-12 15:19 - 2020-03-12 15:20 - 022380227 _____ C:\Users\lucie\Downloads\Bad Moms.2016.Cam.720p.mkv.crdownload
2020-03-11 15:59 - 2020-03-11 15:59 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-11 15:59 - 2020-03-11 15:59 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-11 15:59 - 2020-03-11 15:59 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-11 15:59 - 2020-03-11 15:59 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-11 15:59 - 2020-03-11 15:59 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-11 15:59 - 2020-03-11 15:59 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-11 15:59 - 2020-03-11 15:59 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-11 15:59 - 2020-03-11 15:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-11 15:56 - 2020-02-11 05:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-11 15:56 - 2020-02-11 05:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-10 20:59 - 2020-03-10 20:59 - 002692350 _____ C:\Users\lucie\Downloads\BPTX_2018_2_11120_0_501320_0_212752.pdf
2020-03-09 21:40 - 2020-03-10 01:56 - 2828985272 _____ C:\Users\lucie\Downloads\Dítě Bridget Jonesové (Bridget Jones's Baby 2016) CZ Dab.mkv
2020-03-09 20:11 - 2020-03-09 20:56 - 831569030 _____ C:\Users\lucie\Downloads\Deník Bridget Jonesové 2.avi
2020-03-05 20:15 - 2020-03-05 20:15 - 005379579 _____ C:\Users\ulol\Documents\router manuál.pdf
2020-03-05 20:15 - 2020-03-05 20:15 - 000248601 _____ C:\Users\ulol\Documents\router nastavení.pdf
2020-03-02 20:15 - 2020-03-02 21:19 - 351657677 _____ C:\Users\lucie\Downloads\Nepotvrzeno 972949.crdownload
2020-03-02 20:15 - 2020-03-02 20:57 - 678308376 _____ C:\Users\lucie\Downloads\Armagedon cz (1).avi
2020-03-01 18:32 - 2020-03-01 19:46 - 1320402252 _____ C:\Users\lucie\Downloads\Allied - Spojenci (2016) Český dabing.avi
2020-02-26 19:00 - 2020-02-26 19:00 - 000052736 _____ C:\Users\ulol\Desktop\provoz_2003.14.xls
2020-02-24 21:22 - 2020-02-24 21:22 - 001075605 _____ C:\Users\lucie\Downloads\kupon-106530.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-23 23:17 - 2019-10-19 06:19 - 000000000 ____D C:\FRST
2020-03-23 23:17 - 2019-10-19 06:18 - 002279936 _____ (Farbar) C:\Users\ulol\Documents\FRST64.exe
2020-03-23 23:13 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-23 23:00 - 2019-07-02 21:30 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-23 23:00 - 2019-06-25 14:33 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-23 23:00 - 2019-03-19 12:55 - 000682526 _____ C:\WINDOWS\system32\perfh005.dat
2020-03-23 23:00 - 2019-03-19 12:55 - 000137244 _____ C:\WINDOWS\system32\perfc005.dat
2020-03-23 23:00 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-23 22:55 - 2020-01-23 15:41 - 000000000 ____D C:\Users\ulol\AppData\Local\SquirrelTemp
2020-03-23 22:55 - 2019-07-02 21:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-23 22:55 - 2019-07-02 21:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-23 22:55 - 2019-07-02 17:11 - 000000000 ____D C:\Users\ulol
2020-03-23 22:55 - 2019-06-27 13:18 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-23 21:55 - 2019-06-27 12:27 - 000000000 ____D C:\Users\ulol\AppData\Local\Packages
2020-03-23 17:38 - 2019-10-28 18:53 - 000002945 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-03-23 17:38 - 2019-06-30 22:01 - 000021236 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-03-23 17:38 - 2019-06-27 13:09 - 000000000 ____D C:\Users\ulol\AppData\Local\NVIDIA
2020-03-23 17:38 - 2019-06-25 14:58 - 000017644 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-03-23 17:38 - 2019-06-25 14:58 - 000005338 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-03-23 15:51 - 2019-06-27 13:28 - 000000000 ____D C:\Users\ulol\Documents\My Books
2020-03-23 09:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-23 09:31 - 2019-12-09 19:28 - 000000000 ____D C:\Users\ulol\AppData\Local\PlaceholderTileLogoFolder
2020-03-23 09:31 - 2019-07-07 22:55 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-23 09:31 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-22 23:05 - 2019-06-29 09:29 - 000017996 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-03-22 10:08 - 2020-02-14 12:06 - 000001656 _____ C:\Users\Public\Desktop\Mafia 3.lnk
2020-03-22 10:08 - 2020-02-14 12:06 - 000001656 _____ C:\ProgramData\Desktop\Mafia 3.lnk
2020-03-21 09:01 - 2019-07-02 21:26 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 09:01 - 2019-07-02 21:26 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-21 00:11 - 2019-06-25 14:58 - 000014192 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-03-20 22:55 - 2019-06-27 12:27 - 000000000 ____D C:\Users\ulol\AppData\Local\VirtualStore
2020-03-20 17:09 - 2019-03-19 05:37 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2020-03-20 14:22 - 2019-06-27 21:36 - 000000000 ____D C:\Users\ulol\AppData\Local\CrashDumps
2020-03-20 10:03 - 2019-06-27 13:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-03-20 09:57 - 2019-06-25 20:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-20 09:50 - 2019-06-27 13:37 - 000000000 ____D C:\Users\ulol\.smplayer
2020-03-19 23:09 - 2019-06-27 12:27 - 000009809 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-03-19 16:48 - 2019-07-02 21:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-19 16:48 - 2019-06-27 13:43 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-19 16:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-03-19 03:22 - 2019-07-30 21:12 - 004196160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-03-19 03:22 - 2019-06-27 16:23 - 004927048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-03-18 21:12 - 2019-06-27 12:29 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-18 10:39 - 2019-06-27 17:21 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-03-17 17:31 - 2019-07-02 21:22 - 000444304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-17 17:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-17 17:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-17 09:25 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-17 09:05 - 2019-07-02 21:26 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-489706986-3539278758-563595600-1002
2020-03-17 09:05 - 2019-07-02 17:11 - 000002358 _____ C:\Users\ulol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-17 09:05 - 2019-06-27 12:28 - 000000000 ___RD C:\Users\ulol\OneDrive
2020-03-16 14:56 - 2019-07-07 22:55 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-03-16 14:50 - 2019-11-27 18:23 - 000000000 ____D C:\Users\ulol\AppData\Local\cache
2020-03-16 12:07 - 2019-07-03 07:26 - 000000000 ____D C:\ProgramData\GOG.com
2020-03-16 12:03 - 2019-07-01 19:11 - 000000000 ___RD C:\Users\lucie\OneDrive
2020-03-16 11:41 - 2019-06-27 12:27 - 000000000 ___RD C:\Users\ulol\3D Objects
2020-03-16 11:41 - 2019-06-25 20:15 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-15 22:38 - 2019-07-01 19:11 - 000000000 ____D C:\Users\lucie\AppData\Local\PlaceholderTileLogoFolder
2020-03-15 22:18 - 2019-07-02 21:26 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-489706986-3539278758-563595600-1003
2020-03-15 22:18 - 2019-07-02 17:11 - 000002361 _____ C:\Users\lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-15 22:18 - 2019-07-01 19:09 - 000000000 ___RD C:\Users\lucie\3D Objects
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-12 21:51 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-12 21:51 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-12 15:24 - 2019-08-03 11:31 - 000000000 ____D C:\Users\lucie\AppData\Roaming\vlc
2020-03-11 17:29 - 2019-08-22 20:52 - 000015402 _____ C:\ProgramData\DisplaySessionContainer32.log_backup1
2020-03-11 16:00 - 2019-06-25 14:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-11 15:59 - 2019-06-25 14:32 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-10 09:53 - 2019-08-20 14:50 - 000011994 _____ C:\ProgramData\DisplaySessionContainer30.log_backup1
2020-03-09 19:34 - 2019-08-20 15:19 - 000011004 _____ C:\ProgramData\DisplaySessionContainer31.log_backup1
2020-03-09 19:30 - 2019-06-27 13:20 - 000000000 ____D C:\Users\ulol\AppData\Roaming\vlc
2020-03-08 21:42 - 2019-08-19 17:40 - 000012130 _____ C:\ProgramData\DisplaySessionContainer28.log_backup1
2020-03-08 21:42 - 2019-08-18 20:12 - 000013096 _____ C:\ProgramData\DisplaySessionContainer27.log_backup1
2020-03-06 15:58 - 2019-08-18 17:27 - 000013753 _____ C:\ProgramData\DisplaySessionContainer26.log_backup1
2020-03-05 21:22 - 2019-08-17 21:16 - 000011316 _____ C:\ProgramData\DisplaySessionContainer25.log_backup1
2020-03-04 21:36 - 2019-08-17 20:37 - 000017454 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2020-03-03 21:15 - 2019-08-16 20:58 - 000012125 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2020-03-03 21:15 - 2019-08-16 14:33 - 000015105 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2020-03-02 21:19 - 2019-08-15 21:02 - 000014189 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2020-03-01 21:03 - 2019-08-14 14:38 - 000012132 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-02-28 16:47 - 2019-08-12 18:35 - 000012128 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2020-02-28 16:47 - 2019-08-11 21:06 - 000013360 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-02-27 21:43 - 2019-08-11 17:38 - 000015793 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-02-27 21:43 - 2019-08-11 13:26 - 000017635 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2020-02-26 16:30 - 2019-07-01 19:09 - 000000000 ____D C:\Users\lucie\AppData\Local\Packages
2020-02-25 22:10 - 2019-08-10 22:00 - 000013862 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-02-25 22:10 - 2019-08-10 20:59 - 000015499 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-02-24 21:36 - 2019-07-29 19:18 - 000012125 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-02-24 21:36 - 2019-07-29 18:08 - 000013453 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
==================== Files in the root of some directories ========
2019-09-15 13:54 - 2019-09-15 13:54 - 000007608 _____ () C:\Users\ulol\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-03-2020
Ran by Martin (23-03-2020 23:17:51)
Running from C:\Users\ulol\Documents
Windows 10 Home Version 1903 18362.720 (X64) (2019-07-02 20:26:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-489706986-3539278758-563595600-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-489706986-3539278758-563595600-503 - Limited - Disabled)
Guest (S-1-5-21-489706986-3539278758-563595600-501 - Limited - Disabled)
lucie (S-1-5-21-489706986-3539278758-563595600-1003 - Limited - Enabled) => C:\Users\lucie
Martin (S-1-5-21-489706986-3539278758-563595600-1002 - Administrator - Enabled) => C:\Users\ulol
WDAGUtilityAccount (S-1-5-21-489706986-3539278758-563595600-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Bloody7 (HKLM-x32\...\Bloody3) (Version: 19.09.0012 - Bloody)
ENE_EHD_HAL (HKLM\...\{B8140D28-2CA7-4F6A-8818-BF093C3F3225}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_HAL (HKLM-x32\...\{06ebd5ee-cb8a-487e-a83c-832dab840571}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Network Connections 23.1.100.0 (HKLM\...\PROSetDX) (Version: 23.1.100.0 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
KeyDominator2 (HKLM-x32\...\BloodyKeyboard) (Version: 19.04.0004 - Bloody)
LogMeIn (HKLM-x32\...\{557C3E25-DAF1-4038-843F-7CECE7C96040}) (Version: 4.1.12700 - LogMeIn, Inc.)
Mafia 3 (HKLM-x32\...\Mafia 3_is1) (Version: - )
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20648 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 68.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 68.0.2 (x64 cs)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11929.20648 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20648 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20648 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11929.20648 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.19.0528.1 - GIGABYTE)
SMPlayer 17.1.0 (x64) (HKLM\...\SMPlayer) (Version: 17.1.0 - Ricardo Villalba)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.34161 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Worms Armageddon - New Edition CZ (HKLM-x32\...\Worms Armageddon - New Edition CZ) (Version: - )
Worms World Party Remastered (HKLM-x32\...\1433238834_is1) (Version: 1134 - GOG.com)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-08] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-10-01] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-12-08] (Realtek Semiconductor Corp)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-03-23] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0 [2020-03-12] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvshext.dll [2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\ulol\Desktop\Jedi Fallen Order.lnk -> C:\Program Files (x86)\Star.Wars.Jedi.Fallen.Order.Deluxe.Edition\SwGame\Binaries\Win64\Jedi Fallen Order.bat ()
==================== Loaded Modules (Whitelisted) =============
2018-12-05 12:17 - 2018-12-05 12:17 - 000177664 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_HAL\AacHal_x86.dll
2019-04-15 15:24 - 2019-04-15 15:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL
2019-03-04 16:40 - 2019-03-04 16:40 - 000287232 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVBIOSLib.dll
2018-12-19 17:05 - 2018-12-19 17:05 - 000430592 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
2018-09-11 18:53 - 2018-09-11 18:53 - 000237056 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
2019-04-12 15:04 - 2019-04-12 15:04 - 002057216 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll
2018-08-30 15:26 - 2018-08-30 15:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\MsIo32_Galax.dll
2017-10-05 14:26 - 2017-10-05 14:26 - 002247168 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
2018-12-08 07:22 - 2018-12-08 07:22 - 002059264 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
2019-05-24 17:03 - 2019-05-24 17:03 - 000415232 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
2019-04-09 10:02 - 2019-04-09 10:02 - 002104832 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll
2017-07-24 15:36 - 2017-07-24 15:36 - 000481792 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\sharepoint.com -> hxxps://lfhk-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-08-05 20:05 - 2019-08-05 20:05 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-489706986-3539278758-563595600-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\ulol\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\11 - jt8gtsl.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "LogMeIn GUI"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{A61976FC-DBD8-4A46-BC7F-C1B8387B26E1}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [TCP Query User{03CE5949-FE8B-4051-8299-98DAD3701F13}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [UDP Query User{4648DE38-0900-47E3-856E-3DDFF2F5AA45}D:\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [TCP Query User{9B884547-7090-42C5-99A8-16E747217265}D:\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [{5E91FAF5-B260-4B3B-84E0-5007F21E9F1F}] => (Allow) D:\Programy\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{529AC2FD-1759-40F3-B534-2C9ED09107AD}] => (Allow) D:\Programy\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{74B29AB0-565B-4029-9316-0BBA5390277F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{44314A15-E2AB-442F-8994-3E4472223706}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E8ADBCF2-741C-4478-8AF9-B8646F3C30C0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{622D8FFB-5D1E-4A62-8455-DA2D100280EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FBB6B166-28A2-489A-A79B-F7648F1E4EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B22B66D8-27E2-40B8-A68A-18425CCDEC6E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8746DB03-E303-4255-969B-40B6F0C68FCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42D80F0A-F724-45B5-B70E-8D1628D5D768}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B49CB671-2CF1-4D80-88A9-9D97E261AE7F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2C392660-8547-45DD-AB2A-70DB0B78DA12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EF0ACEA7-0E05-4EC1-B382-338335EF89C2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{C830097A-0CD1-4F44-A58A-588C8AD3F8C2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{B6D9CB54-BAAA-4304-BD72-0F76C36E63EF}C:\users\ulol\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ulol\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{7C4BAC45-95E0-42AD-9A58-D3FBA4BC1827}C:\users\ulol\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ulol\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{36BB5C61-F5DE-444A-9C05-DD53668E2351}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{75BFF565-9F5F-4006-8C54-5867E24E3982}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{21EFA9D7-8D59-409E-87A3-34C72313C5DB}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{77A9909C-7A5E-4262-9F49-2BACE395C8B2}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{3D842BA6-7130-4F3E-AFC6-1A982CE1FF4E}D:\hry\star.wars.jedi.fallen.order.deluxe.edition\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\hry\star.wars.jedi.fallen.order.deluxe.edition\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [UDP Query User{B1D09877-2213-49B7-A311-9F469D5CA499}D:\hry\star.wars.jedi.fallen.order.deluxe.edition\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\hry\star.wars.jedi.fallen.order.deluxe.edition\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [TCP Query User{BF7E1570-A32C-42D0-89E8-4627019BBA0D}C:\program files (x86)\star.wars.jedi.fallen.order.deluxe.edition\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star.wars.jedi.fallen.order.deluxe.edition\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [UDP Query User{B66D8935-3E28-40D2-BE53-7AC37C72A999}C:\program files (x86)\star.wars.jedi.fallen.order.deluxe.edition\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star.wars.jedi.fallen.order.deluxe.edition\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [{20B07EF4-C506-4742-A2B4-0D8C59F3ADA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A1293A5E-F003-4149-B9DB-6F538FC42C6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3D4FE0D1-4C6F-4557-A1DE-E8C0770994F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{614F71AC-F115-4E8D-8EC5-0C60932D6161}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E6D8334D-62FE-40F9-9FBF-1745E2EAE06B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A31D78C9-8B6E-4405-80B9-191B556423C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EA66613B-4989-4E19-BBC7-6ADAC014D7C5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C82A25C-D12B-40BA-ACDA-1DAC9360D5EA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F03C7748-285A-4F5B-9504-81F1B5C19235}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C750BE2A-CF01-4BEB-BFCF-0B690FC25112}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FBC1854-420C-4DC6-839D-020DA52C3C76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{57FEEBCF-303A-48E4-A01C-C2A0DDF01102}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BE5283A9-B325-4F89-8B30-9C4B53C999E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{201D82B6-1617-4AB0-BBCF-36C755435289}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{95A7BADB-1D2C-490D-A158-95821121C6BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{404DA78F-23D9-47AF-ACA5-8756C3064A4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5BEEAE54-3664-472E-953D-9C0E07D1CBCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD2AEC07-0F20-4B05-B28E-70C8E878692E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A97C8A9B-7859-419B-9605-5D52824750EA}C:\program files (x86)\counter-strike 1.6 v35\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 v35\hl.exe No File
FirewallRules: [UDP Query User{F7BCDF4A-CDAB-4EF0-9396-D07122D40EB0}C:\program files (x86)\counter-strike 1.6 v35\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 v35\hl.exe No File
==================== Restore Points =========================
16-03-2020 14:56:41 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
20-03-2020 23:03:36 Installed LogMeIn
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/23/2020 11:16:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Uninstal.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 17a4
Čas spuštění: 01d601606956a73b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Counter-Strike 1.6 V35\Uninstal.exe
ID hlášení: 2ec2b2c6-5678-44ba-a391-93cb8daacbbf
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (03/23/2020 11:10:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12612,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/23/2020 11:05:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5740,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/23/2020 10:29:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/23/2020 10:09:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6316,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/23/2020 10:02:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2228,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/23/2020 09:33:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7344,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/23/2020 09:28:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15168,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (03/23/2020 10:55:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:19:10, 23.03.2020) bylo neočekávané.
Error: (03/23/2020 05:38:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (03/23/2020 05:38:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (03/23/2020 09:27:02 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/23/2020 09:25:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Update Medic Service byla ukončena s následující chybou:
Windows Update Medic Service není platná aplikace typu Win32.
Error: (03/22/2020 10:27:37 PM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (03/20/2020 05:09:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (03/20/2020 05:09:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Windows Defender:
===================================
Date: 2020-03-15 22:34:24.656
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DE70E194-9B4D-4A22-9B7F-361D7B326084}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-28 15:27:55.187
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {ED375E2F-ACCA-4AE9-9CF8-38C24FA7456A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-28 15:14:04.544
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {89DEDC7F-A937-46E2-95ED-FE81CB60B0B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-14 07:34:55.188
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A8C6F90C-04F7-422B-97A2-CBE0EAC89D2A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-09 15:56:45.134
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4024D111-EE66-4BCA-B660-2B53EB6673E5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2020-03-16 11:43:31.710
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-16 11:43:31.705
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-16 11:43:31.634
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-16 11:43:31.628
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-16 11:43:31.621
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-16 11:43:31.613
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-16 11:43:31.321
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-03-16 11:43:31.301
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F9 03/14/2019
Motherboard: Gigabyte Technology Co., Ltd. Z390 AORUS PRO WIFI-CF
Processor: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz
Percentage of memory in use: 29%
Total physical RAM: 16316.91 MB
Available physical RAM: 11481.15 MB
Total Virtual: 22748.91 MB
Available Virtual: 15950.92 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.43 GB) (Free:38.83 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:536.47 GB) NTFS
\\?\Volume{f665b3e7-c0e8-49f8-9a02-b70a67a363ec}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{4cdab58b-0ac3-461e-b82a-03b6077f4406}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{5a80ef05-2041-40fc-8eec-724c2f12019e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka
Dobry den.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
https://www.diallix.net/programing/192-procterm - stiahnite subor, spustite ako Spravca a log vlozte sem.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
https://www.diallix.net/programing/192-procterm - stiahnite subor, spustite ako Spravca a log vlozte sem.
► Vyšla moja nová kniha BOTNETY! 
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Preventivka
Dobrý den, zde je log. program nenašel žádné hrozby.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-24-2020
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1406 octets] - [24/03/2020 16:19:43]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
.
----------- Inline Hook Scanner --------[3.6]---
Written by Diallix (C)
http://www.diallix.net
------------------------------------------------
.
.
...[Time/Date]: 16:21/24.2 2020
...[Running as Admin.]: Yes
.
.
=== Running Executable objects and their loaded modules ===
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9619_none_508d9c7abcbd32b6\MSVCR90.dll
C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Program Files (x86)\ASUS\AXSP\4.00.01\ATKEX.dll
C:\Program Files (x86)\ASUS\AXSP\4.00.01\ASUS_WMI.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\X86\MpOav.dll
C:\WINDOWS\SYSTEM32\asio.dll
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\WINDOWS\SYSTEM32\AcLayers.DLL
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackendAPI32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvABHubAPI.node
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryAPI32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.720_none_5f56df818223263f\gdiplus.dll
C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\NvGfeServiceBridge.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll
C:\WINDOWS\SYSTEM32\MSVCP140.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\LIBEAY32.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\MessageBus.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryBridge32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\NvGameShare.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\ssleay32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
C:\WINDOWS\SYSTEM32\inputhost.dll
C:\WINDOWS\SYSTEM32\CoreMessaging.dll
C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\PocoInitializer.dll
C:\Program Files (x86)\NVIDIA Corporation\NvAb\NvAbHubClient\NvPluginAbHubClient32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvShadowPlayAPINode.node
C:\WINDOWS\SYSTEM32\XINPUT9_1_0.dll
C:\Program Files (x86)\NVIDIA Corporation\ShadowPlay\nvspapi.dll
C:\Program Files (x86)\NVIDIA Corporation\ShadowPlay\IpcCommon.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
C:\Program Files (x86)\Steam\Steam.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.720_none_2e6bec9c2790ac71\COMCTL32.dll
C:\Program Files (x86)\Steam\crashhandler.dll
C:\Program Files (x86)\Steam\steamui.dll
C:\Program Files (x86)\Steam\SDL2.dll
C:\Program Files (x86)\Steam\tier0_s.dll
C:\Program Files (x86)\Steam\vstdlib_s.dll
C:\Program Files (x86)\Steam\video.dll
C:\Program Files (x86)\Steam\v8.dll
C:\Program Files (x86)\Steam\libavformat-57.dll
C:\Program Files (x86)\Steam\libavresample-3.dll
C:\Program Files (x86)\Steam\libswscale-4.dll
C:\Program Files (x86)\Steam\libavutil-55.dll
C:\Program Files (x86)\Steam\libavcodec-57.dll
C:\Program Files (x86)\Steam\icuuc.dll
C:\Program Files (x86)\Steam\icui18n.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\SYSTEM32\inputhost.dll
C:\WINDOWS\SYSTEM32\CoreMessaging.dll
C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
C:\Program Files (x86)\Steam\bin\filesystem_stdio.DLL
C:\Program Files (x86)\Steam\bin\vgui2_s.DLL
C:\Program Files (x86)\Steam\bin\chromehtml.DLL
C:\Program Files (x86)\Steam\steamclient.dll
C:\WINDOWS\SYSTEM32\wdmaud.drv
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\X86\MpOav.dll
C:\WINDOWS\SYSTEM32\msacm32.drv
C:\Windows\System32\Windows.UI.dll
C:\Windows\System32\TextInputFramework.dll
C:\Program Files (x86)\Steam\openvr_api.dll
c:\program files (x86)\steam\bin\friendsui.DLL
c:\program files (x86)\steam\bin\serverbrowser.DLL
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\Program Files (x86)\Common Files\Steam\SteamService.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\92d30f3dd1d092e15dd783b14354d8ea\mscorlib.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\fe540975c21bb6f0b57e398ee683b7c4\System.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\8cec84ecb3d50ccbba63dc64d18eefaf\System.Core.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\e320ba92ff2bd523bdbdd72f6f43e7c2\WindowsBase.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\413b74e704364b513cd3abd0d2954a13\PresentationCore.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5b1a203513d3910578fb38c83afd7693\PresentationFramework.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\1e0830df8058cf7e673e0893b0ece41e\System.Xaml.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
C:\WINDOWS\SYSTEM32\MSVCP140_CLR0400.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\132a9ec10529cb2fbc9954f9d763f049\System.Configuration.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\8d4bbd14b198a87068a91066b2e86125\System.Xml.ni.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvldumd.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvd3dum.dll
C:\WINDOWS\SYSTEM32\ColorAdapterClient.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\d7ec5cb75d2dc6a44a1347a6beb35d7d\PresentationFramework.Aero2.ni.dll
C:\WINDOWS\system32\nvspcap.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.720_none_5f56df818223263f\gdiplus.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL
C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
C:\WINDOWS\SYSTEM32\MSVCR110D.dll
C:\WINDOWS\SYSTEM32\mfc110ud.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\GVBIOSLib.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.18362.720_none_71d2c04b5ae7c8b4\COMCTL32.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\fd0d1829bc2c4eaa8230ec34aa680fdd\System.Management.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\wminet_utils.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\X86\MpOav.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b452101e80957698b19b9d73a1988f34\System.Xml.Linq.ni.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\MsIo32_Galax.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\SDKDLL.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll
C:\Program Files\ENE\Aac_ENE_EHD_HAL\AacHal_x86.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\Check_Kill.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\92d30f3dd1d092e15dd783b14354d8ea\mscorlib.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\fe540975c21bb6f0b57e398ee683b7c4\System.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\8cec84ecb3d50ccbba63dc64d18eefaf\System.Core.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\e320ba92ff2bd523bdbdd72f6f43e7c2\WindowsBase.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\413b74e704364b513cd3abd0d2954a13\PresentationCore.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5b1a203513d3910578fb38c83afd7693\PresentationFramework.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\1e0830df8058cf7e673e0893b0ece41e\System.Xaml.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
C:\WINDOWS\SYSTEM32\MSVCP140_CLR0400.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\132a9ec10529cb2fbc9954f9d763f049\System.Configuration.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\8d4bbd14b198a87068a91066b2e86125\System.Xml.ni.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvldumd.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvd3dum.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\d7ec5cb75d2dc6a44a1347a6beb35d7d\PresentationFramework.Aero2.ni.dll
C:\WINDOWS\system32\nvspcap.dll
C:\Users\ulol\Desktop\adwcleaner_8.0.3.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\SYSTEM32\TextInputFramework.dll
C:\WINDOWS\SYSTEM32\CoreMessaging.dll
C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\X86\MpOav.dll
C:\Windows\System32\Windows.StateRepositoryPS.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.720_none_2e6bec9c2790ac71\comctl32.dll
C:\WINDOWS\SYSTEM32\CLDAPI.dll
C:\Windows\System32\appresolver.dll
C:\Windows\System32\sppc.dll
C:\Windows\System32\OneCoreCommonProxyStub.dll
C:\Windows\System32\OneCoreUAPCommonProxyStub.dll
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.720_none_2e6bec9c2790ac71\COMCTL32.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\System32\TextInputFramework.dll
C:\WINDOWS\System32\CoreUIComponents.dll
C:\WINDOWS\System32\CoreMessaging.dll
C:\Users\ulol\Desktop\hookscanner.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.18362.720_none_71d2c04b5ae7c8b4\COMCTL32.dll
C:\WINDOWS\System32\UMPDC.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\92d30f3dd1d092e15dd783b14354d8ea\mscorlib.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
.
.
[Total scanned objects]: 854.
.
.
[EOF]
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-24-2020
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1406 octets] - [24/03/2020 16:19:43]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
.
----------- Inline Hook Scanner --------[3.6]---
Written by Diallix (C)
http://www.diallix.net
------------------------------------------------
.
.
...[Time/Date]: 16:21/24.2 2020
...[Running as Admin.]: Yes
.
.
=== Running Executable objects and their loaded modules ===
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9619_none_508d9c7abcbd32b6\MSVCR90.dll
C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Program Files (x86)\ASUS\AXSP\4.00.01\ATKEX.dll
C:\Program Files (x86)\ASUS\AXSP\4.00.01\ASUS_WMI.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\X86\MpOav.dll
C:\WINDOWS\SYSTEM32\asio.dll
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\WINDOWS\SYSTEM32\AcLayers.DLL
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackendAPI32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvABHubAPI.node
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryAPI32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.720_none_5f56df818223263f\gdiplus.dll
C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\NvGfeServiceBridge.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140.dll
C:\WINDOWS\SYSTEM32\MSVCP140.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\LIBEAY32.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\MessageBus.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryBridge32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\NvGameShare.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\ssleay32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
C:\WINDOWS\SYSTEM32\inputhost.dll
C:\WINDOWS\SYSTEM32\CoreMessaging.dll
C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\PocoInitializer.dll
C:\Program Files (x86)\NVIDIA Corporation\NvAb\NvAbHubClient\NvPluginAbHubClient32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvShadowPlayAPINode.node
C:\WINDOWS\SYSTEM32\XINPUT9_1_0.dll
C:\Program Files (x86)\NVIDIA Corporation\ShadowPlay\nvspapi.dll
C:\Program Files (x86)\NVIDIA Corporation\ShadowPlay\IpcCommon.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
C:\Program Files (x86)\Steam\Steam.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.720_none_2e6bec9c2790ac71\COMCTL32.dll
C:\Program Files (x86)\Steam\crashhandler.dll
C:\Program Files (x86)\Steam\steamui.dll
C:\Program Files (x86)\Steam\SDL2.dll
C:\Program Files (x86)\Steam\tier0_s.dll
C:\Program Files (x86)\Steam\vstdlib_s.dll
C:\Program Files (x86)\Steam\video.dll
C:\Program Files (x86)\Steam\v8.dll
C:\Program Files (x86)\Steam\libavformat-57.dll
C:\Program Files (x86)\Steam\libavresample-3.dll
C:\Program Files (x86)\Steam\libswscale-4.dll
C:\Program Files (x86)\Steam\libavutil-55.dll
C:\Program Files (x86)\Steam\libavcodec-57.dll
C:\Program Files (x86)\Steam\icuuc.dll
C:\Program Files (x86)\Steam\icui18n.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\SYSTEM32\inputhost.dll
C:\WINDOWS\SYSTEM32\CoreMessaging.dll
C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
C:\Program Files (x86)\Steam\bin\filesystem_stdio.DLL
C:\Program Files (x86)\Steam\bin\vgui2_s.DLL
C:\Program Files (x86)\Steam\bin\chromehtml.DLL
C:\Program Files (x86)\Steam\steamclient.dll
C:\WINDOWS\SYSTEM32\wdmaud.drv
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\X86\MpOav.dll
C:\WINDOWS\SYSTEM32\msacm32.drv
C:\Windows\System32\Windows.UI.dll
C:\Windows\System32\TextInputFramework.dll
C:\Program Files (x86)\Steam\openvr_api.dll
c:\program files (x86)\steam\bin\friendsui.DLL
c:\program files (x86)\steam\bin\serverbrowser.DLL
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\Program Files (x86)\Common Files\Steam\SteamService.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\92d30f3dd1d092e15dd783b14354d8ea\mscorlib.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\fe540975c21bb6f0b57e398ee683b7c4\System.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\8cec84ecb3d50ccbba63dc64d18eefaf\System.Core.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\e320ba92ff2bd523bdbdd72f6f43e7c2\WindowsBase.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\413b74e704364b513cd3abd0d2954a13\PresentationCore.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5b1a203513d3910578fb38c83afd7693\PresentationFramework.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\1e0830df8058cf7e673e0893b0ece41e\System.Xaml.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
C:\WINDOWS\SYSTEM32\MSVCP140_CLR0400.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\132a9ec10529cb2fbc9954f9d763f049\System.Configuration.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\8d4bbd14b198a87068a91066b2e86125\System.Xml.ni.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvldumd.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvd3dum.dll
C:\WINDOWS\SYSTEM32\ColorAdapterClient.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\d7ec5cb75d2dc6a44a1347a6beb35d7d\PresentationFramework.Aero2.ni.dll
C:\WINDOWS\system32\nvspcap.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.18362.720_none_5f56df818223263f\gdiplus.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL
C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
C:\WINDOWS\SYSTEM32\MSVCR110D.dll
C:\WINDOWS\SYSTEM32\mfc110ud.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\GVBIOSLib.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.18362.720_none_71d2c04b5ae7c8b4\COMCTL32.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\fd0d1829bc2c4eaa8230ec34aa680fdd\System.Management.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\wminet_utils.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\X86\MpOav.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b452101e80957698b19b9d73a1988f34\System.Xml.Linq.ni.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\MsIo32_Galax.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\SDKDLL.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll
C:\Program Files\ENE\Aac_ENE_EHD_HAL\AacHal_x86.dll
C:\Program Files (x86)\GIGABYTE\RGBFusion\Check_Kill.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\92d30f3dd1d092e15dd783b14354d8ea\mscorlib.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\fe540975c21bb6f0b57e398ee683b7c4\System.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\8cec84ecb3d50ccbba63dc64d18eefaf\System.Core.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\e320ba92ff2bd523bdbdd72f6f43e7c2\WindowsBase.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\413b74e704364b513cd3abd0d2954a13\PresentationCore.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5b1a203513d3910578fb38c83afd7693\PresentationFramework.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\1e0830df8058cf7e673e0893b0ece41e\System.Xaml.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
C:\WINDOWS\SYSTEM32\MSVCP140_CLR0400.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\132a9ec10529cb2fbc9954f9d763f049\System.Configuration.ni.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\8d4bbd14b198a87068a91066b2e86125\System.Xml.ni.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvldumd.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvd3dum.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\d7ec5cb75d2dc6a44a1347a6beb35d7d\PresentationFramework.Aero2.ni.dll
C:\WINDOWS\system32\nvspcap.dll
C:\Users\ulol\Desktop\adwcleaner_8.0.3.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\SYSTEM32\TextInputFramework.dll
C:\WINDOWS\SYSTEM32\CoreMessaging.dll
C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\X86\MpOav.dll
C:\Windows\System32\Windows.StateRepositoryPS.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.720_none_2e6bec9c2790ac71\comctl32.dll
C:\WINDOWS\SYSTEM32\CLDAPI.dll
C:\Windows\System32\appresolver.dll
C:\Windows\System32\sppc.dll
C:\Windows\System32\OneCoreCommonProxyStub.dll
C:\Windows\System32\OneCoreUAPCommonProxyStub.dll
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.720_none_2e6bec9c2790ac71\COMCTL32.dll
C:\WINDOWS\System32\UMPDC.dll
C:\WINDOWS\System32\TextInputFramework.dll
C:\WINDOWS\System32\CoreUIComponents.dll
C:\WINDOWS\System32\CoreMessaging.dll
C:\Users\ulol\Desktop\hookscanner.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.18362.720_none_71d2c04b5ae7c8b4\COMCTL32.dll
C:\WINDOWS\System32\UMPDC.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\92d30f3dd1d092e15dd783b14354d8ea\mscorlib.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
.
.
[Total scanned objects]: 854.
.
.
[EOF]
Re: Preventivka
Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Kód: Vybrat vše
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\MountPoints2: {26b33e8b-03a9-11ea-9bb0-48f17fdd5c9c} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\MountPoints2: {ab018d50-3d28-11ea-9bbb-48f17fdd5c9c} - "E:\HiSuiteDownLoader.exe"
Task: {39717EE8-01AF-4214-8480-EA1E470680BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
Task: {8EC410E6-518C-4EFF-96D8-C92C03CAC9D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S4 LMIRfsClientNP; no ImagePath
FirewallRules: [UDP Query User{A61976FC-DBD8-4A46-BC7F-C1B8387B26E1}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [TCP Query User{03CE5949-FE8B-4051-8299-98DAD3701F13}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [UDP Query User{4648DE38-0900-47E3-856E-3DDFF2F5AA45}D:\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [TCP Query User{9B884547-7090-42C5-99A8-16E747217265}D:\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [{74B29AB0-565B-4029-9316-0BBA5390277F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{44314A15-E2AB-442F-8994-3E4472223706}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EF0ACEA7-0E05-4EC1-B382-338335EF89C2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{C830097A-0CD1-4F44-A58A-588C8AD3F8C2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{36BB5C61-F5DE-444A-9C05-DD53668E2351}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{75BFF565-9F5F-4006-8C54-5867E24E3982}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{21EFA9D7-8D59-409E-87A3-34C72313C5DB}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{77A9909C-7A5E-4262-9F49-2BACE395C8B2}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{A97C8A9B-7859-419B-9605-5D52824750EA}C:\program files (x86)\counter-strike 1.6 v35\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 v35\hl.exe No File
FirewallRules: [UDP Query User{F7BCDF4A-CDAB-4EF0-9396-D07122D40EB0}C:\program files (x86)\counter-strike 1.6 v35\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 v35\hl.exe No File
EmptyTemp:
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Preventivka
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-03-2020
Ran by Martin (24-03-2020 16:38:17) Run:1
Running from C:\Users\ulol\Documents
Loaded Profiles: Martin (Available Profiles: Martin & lucie)
Boot Mode: Normal
==============================================
fixlist content:
*****************
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\MountPoints2: {26b33e8b-03a9-11ea-9bb0-48f17fdd5c9c} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\MountPoints2: {ab018d50-3d28-11ea-9bbb-48f17fdd5c9c} - "E:\HiSuiteDownLoader.exe"
Task: {39717EE8-01AF-4214-8480-EA1E470680BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
Task: {8EC410E6-518C-4EFF-96D8-C92C03CAC9D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S4 LMIRfsClientNP; no ImagePath
FirewallRules: [UDP Query User{A61976FC-DBD8-4A46-BC7F-C1B8387B26E1}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [TCP Query User{03CE5949-FE8B-4051-8299-98DAD3701F13}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [UDP Query User{4648DE38-0900-47E3-856E-3DDFF2F5AA45}D:\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [TCP Query User{9B884547-7090-42C5-99A8-16E747217265}D:\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [{74B29AB0-565B-4029-9316-0BBA5390277F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{44314A15-E2AB-442F-8994-3E4472223706}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EF0ACEA7-0E05-4EC1-B382-338335EF89C2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{C830097A-0CD1-4F44-A58A-588C8AD3F8C2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{36BB5C61-F5DE-444A-9C05-DD53668E2351}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{75BFF565-9F5F-4006-8C54-5867E24E3982}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{21EFA9D7-8D59-409E-87A3-34C72313C5DB}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{77A9909C-7A5E-4262-9F49-2BACE395C8B2}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{A97C8A9B-7859-419B-9605-5D52824750EA}C:\program files (x86)\counter-strike 1.6 v35\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 v35\hl.exe No File
FirewallRules: [UDP Query User{F7BCDF4A-CDAB-4EF0-9396-D07122D40EB0}C:\program files (x86)\counter-strike 1.6 v35\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 v35\hl.exe No File
EmptyTemp:
*****************
"HKU\S-1-5-21-489706986-3539278758-563595600-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
HKU\S-1-5-21-489706986-3539278758-563595600-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26b33e8b-03a9-11ea-9bb0-48f17fdd5c9c} => removed successfully
HKU\S-1-5-21-489706986-3539278758-563595600-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab018d50-3d28-11ea-9bbb-48f17fdd5c9c} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39717EE8-01AF-4214-8480-EA1E470680BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39717EE8-01AF-4214-8480-EA1E470680BD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8EC410E6-518C-4EFF-96D8-C92C03CAC9D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EC410E6-518C-4EFF-96D8-C92C03CAC9D6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\System\CurrentControlSet\Services\LMIRfsClientNP => removed successfully
LMIRfsClientNP => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A61976FC-DBD8-4A46-BC7F-C1B8387B26E1}D:\hry\worms 4 mayhem\worms 4 mayhem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{03CE5949-FE8B-4051-8299-98DAD3701F13}D:\hry\worms 4 mayhem\worms 4 mayhem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4648DE38-0900-47E3-856E-3DDFF2F5AA45}D:\worms 4 mayhem\worms 4 mayhem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9B884547-7090-42C5-99A8-16E747217265}D:\worms 4 mayhem\worms 4 mayhem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74B29AB0-565B-4029-9316-0BBA5390277F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44314A15-E2AB-442F-8994-3E4472223706}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF0ACEA7-0E05-4EC1-B382-338335EF89C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C830097A-0CD1-4F44-A58A-588C8AD3F8C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{36BB5C61-F5DE-444A-9C05-DD53668E2351}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{75BFF565-9F5F-4006-8C54-5867E24E3982}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{21EFA9D7-8D59-409E-87A3-34C72313C5DB}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{77A9909C-7A5E-4262-9F49-2BACE395C8B2}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A97C8A9B-7859-419B-9605-5D52824750EA}C:\program files (x86)\counter-strike 1.6 v35\hl.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F7BCDF4A-CDAB-4EF0-9396-D07122D40EB0}C:\program files (x86)\counter-strike 1.6 v35\hl.exe" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 246345027 B
Java, Flash, Steam htmlcache => 317224506 B
Windows/system/drivers => 6556887 B
Edge => 1289539 B
Chrome => 479861192 B
Firefox => 61918677 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7430 B
NetworkService => 6151806 B
ulol => 577550237 B
lucie => 614327839 B
RecycleBin => 10594377598 B
EmptyTemp: => 12 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:39:19 ====
Ran by Martin (24-03-2020 16:38:17) Run:1
Running from C:\Users\ulol\Documents
Loaded Profiles: Martin (Available Profiles: Martin & lucie)
Boot Mode: Normal
==============================================
fixlist content:
*****************
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\MountPoints2: {26b33e8b-03a9-11ea-9bb0-48f17fdd5c9c} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-489706986-3539278758-563595600-1002\...\MountPoints2: {ab018d50-3d28-11ea-9bbb-48f17fdd5c9c} - "E:\HiSuiteDownLoader.exe"
Task: {39717EE8-01AF-4214-8480-EA1E470680BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
Task: {8EC410E6-518C-4EFF-96D8-C92C03CAC9D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-27] (Google Inc -> Google LLC)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S4 LMIRfsClientNP; no ImagePath
FirewallRules: [UDP Query User{A61976FC-DBD8-4A46-BC7F-C1B8387B26E1}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [TCP Query User{03CE5949-FE8B-4051-8299-98DAD3701F13}D:\hry\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\hry\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [UDP Query User{4648DE38-0900-47E3-856E-3DDFF2F5AA45}D:\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [TCP Query User{9B884547-7090-42C5-99A8-16E747217265}D:\worms 4 mayhem\worms 4 mayhem.exe] => (Allow) D:\worms 4 mayhem\worms 4 mayhem.exe No File
FirewallRules: [{74B29AB0-565B-4029-9316-0BBA5390277F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{44314A15-E2AB-442F-8994-3E4472223706}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EF0ACEA7-0E05-4EC1-B382-338335EF89C2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{C830097A-0CD1-4F44-A58A-588C8AD3F8C2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{36BB5C61-F5DE-444A-9C05-DD53668E2351}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{75BFF565-9F5F-4006-8C54-5867E24E3982}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{21EFA9D7-8D59-409E-87A3-34C72313C5DB}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe No File
FirewallRules: [UDP Query User{77A9909C-7A5E-4262-9F49-2BACE395C8B2}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe No File
FirewallRules: [TCP Query User{A97C8A9B-7859-419B-9605-5D52824750EA}C:\program files (x86)\counter-strike 1.6 v35\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 v35\hl.exe No File
FirewallRules: [UDP Query User{F7BCDF4A-CDAB-4EF0-9396-D07122D40EB0}C:\program files (x86)\counter-strike 1.6 v35\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 v35\hl.exe No File
EmptyTemp:
*****************
"HKU\S-1-5-21-489706986-3539278758-563595600-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
HKU\S-1-5-21-489706986-3539278758-563595600-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26b33e8b-03a9-11ea-9bb0-48f17fdd5c9c} => removed successfully
HKU\S-1-5-21-489706986-3539278758-563595600-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab018d50-3d28-11ea-9bbb-48f17fdd5c9c} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39717EE8-01AF-4214-8480-EA1E470680BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39717EE8-01AF-4214-8480-EA1E470680BD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8EC410E6-518C-4EFF-96D8-C92C03CAC9D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EC410E6-518C-4EFF-96D8-C92C03CAC9D6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\System\CurrentControlSet\Services\LMIRfsClientNP => removed successfully
LMIRfsClientNP => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A61976FC-DBD8-4A46-BC7F-C1B8387B26E1}D:\hry\worms 4 mayhem\worms 4 mayhem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{03CE5949-FE8B-4051-8299-98DAD3701F13}D:\hry\worms 4 mayhem\worms 4 mayhem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4648DE38-0900-47E3-856E-3DDFF2F5AA45}D:\worms 4 mayhem\worms 4 mayhem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9B884547-7090-42C5-99A8-16E747217265}D:\worms 4 mayhem\worms 4 mayhem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74B29AB0-565B-4029-9316-0BBA5390277F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44314A15-E2AB-442F-8994-3E4472223706}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF0ACEA7-0E05-4EC1-B382-338335EF89C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C830097A-0CD1-4F44-A58A-588C8AD3F8C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{36BB5C61-F5DE-444A-9C05-DD53668E2351}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{75BFF565-9F5F-4006-8C54-5867E24E3982}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{21EFA9D7-8D59-409E-87A3-34C72313C5DB}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{77A9909C-7A5E-4262-9F49-2BACE395C8B2}C:\program files (x86)\kingdom come deliverance a womans lot\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A97C8A9B-7859-419B-9605-5D52824750EA}C:\program files (x86)\counter-strike 1.6 v35\hl.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F7BCDF4A-CDAB-4EF0-9396-D07122D40EB0}C:\program files (x86)\counter-strike 1.6 v35\hl.exe" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 246345027 B
Java, Flash, Steam htmlcache => 317224506 B
Windows/system/drivers => 6556887 B
Edge => 1289539 B
Chrome => 479861192 B
Firefox => 61918677 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7430 B
NetworkService => 6151806 B
ulol => 577550237 B
lucie => 614327839 B
RecycleBin => 10594377598 B
EmptyTemp: => 12 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:39:19 ====
Re: Preventivka
Oki, ako je na tom pocitac?
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Preventivka
Přijde mi, že bez problémů, jako před tím.
Tak snad by mělo být vše v pořádku.
Vřele děkuji.
Tak snad by mělo být vše v pořádku.
Vřele děkuji.
Re: Preventivka
Tak je to ok :]] nemate zac
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Přispějete na provoz fóra?