PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Requesting a preventive check

Not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Threads will be locked once they are resolved, as will threads that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Requesting a preventive check

#1 Post by PureHate44 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC1 at 2020-06-02 16:31:59
Microsoft Windows 10 Home
System drive C: has 71 GB (31%) free of 229 GB
Total RAM: 16335 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:32:05, on 2. 6. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI\Dragon Center\APP_Dragon_Center_Keeper.exe
C:\Program Files (x86)\MSI\Dragon Center\StorageMonitor\StorageMonitor.exe
E:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
E:\Program Files\TxGameAssistant\AppMarket\TBSWebRenderer.exe
C:\Users\PC1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
E:\Program Files\TxGameAssistant\AppMarket\TBSWebRenderer.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Adguard\Adguard.exe
C:\Program Files\trend micro\PC1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
O4 - HKCU\..\Run: [OneDrive] "C:\Users\PC1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_19ACBD9F62975BB0B01B7468665DF1C7] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Discord] C:\Users\PC1\AppData\Local\Discord\app-0.0.306\Discord.exe
O4 - HKCU\..\Run: [Adguard] C:\Program Files (x86)\Adguard\Adguard.exe /nosplash
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adguard Service - Adguard Software Ltd - C:\Program Files (x86)\Adguard\AdguardSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atiesrxx.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_8a0f1de - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: Dragon Center Service (DragonCenter_Service) - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: QMEmulatorService - Tencent - E:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9695 bytes

======Listing Processes======








C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\system32\svchost.exe -k LocalService -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
"E:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atiesrxx.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\Windows\System32\svchost.exe -k utcsvc -p
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Adguard\AdguardSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe"
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\System32\svchost.exe -k netsvcs -p
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc


"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo

C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc

C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe"
"C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe"
"C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager

C:\Windows\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
Global\GameInputSession_9
atieclxx
sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"ctfmon.exe"
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files (x86)\MSI\Dragon Center\APP_Dragon_Center_Keeper.exe"
"C:\Program Files (x86)\MSI\Dragon Center\StorageMonitor\StorageMonitor.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.91.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\PC1\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\PC1\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=83.0.4103.61 --initial-client-data=0xe8,0xec,0xf0,0xc4,0xf4,0x7fffda74bd28,0x7fffda74bd38,0x7fffda74bd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1644 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1824 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3764 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3828 /prefetch:1
"C:\Program Files (x86)\MSI\Dragon Center\CC_Engine_x64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"E:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe" -launchtray
"C:\Windows\System32\SecurityHealthSystray.exe"
"E:\Program Files\TxGameAssistant\AppMarket\TBSWebRenderer.exe" --type=gpu-process --channel="2912.0.117070440\1482398444" --mojo-application-channel-token=0006680C2B14363968E35C3A6E6E8EC0 --no-sandbox --lang=en-US --log-file="E:\Program Files\TxGameAssistant\AppMarket\debug.log" --dummy-exception-handler --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,16,18,31,56 --gpu-vendor-id=0x1002 --gpu-device-id=0x67df --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=26.20.15029.27016 --gpu-driver-date=4-21-2020 --lang=en-US --log-file="E:\Program Files\TxGameAssistant\AppMarket\debug.log" --dummy-exception-handler --mojo-platform-channel-handle=1976 /prefetch:2
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
"C:\Users\PC1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"E:\Program Files\TxGameAssistant\AppMarket\TBSWebRenderer.exe" --type=renderer --enable-smooth-scrolling --force-device-scale-factor=1,00 --no-sandbox --enable-begin-frame-scheduling --client-id=TGB_Market --primordial-pipe-token=CE471A656FC4B6DD395E1113A83EF219 --user-agent-extra="TGBSdk/3.8.7 Tencent AppMarket/3.11.377.100" --lang=en-US --lang=en-US --log-file="E:\Program Files\TxGameAssistant\AppMarket\debug.log" --dummy-exception-handler --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=DD8C5B927D376FF18AF874DA283DBC82 --mojo-application-channel-token=CE471A656FC4B6DD395E1113A83EF219 --channel="2912.1.1309012686\1829107607" --fix-fasa --mojo-platform-channel-handle=3132 /prefetch:1
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\PC1\AppData\Local\Steam\htmlcache" "-steampid=28264" "-buildid=1589513816" "-steamid=0" "-steamuniverse=Public" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\PC1\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1589513816 --initial-client-data=0x310,0x314,0x318,0x30c,0x31c,0x7fffb8edbed0,0x7fffb8edbee0,0x7fffb8edbef0
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1540,11053551278411896343,17773650728636268223,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=sk-SK --buildid=1589513816 --steamid=0 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=14453513085102631986 --mojo-platform-channel-handle=1556 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --field-trial-handle=1540,11053551278411896343,17773650728636268223,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --lang=sk --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=sk-SK --buildid=1589513816 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=9731152468684667967 --mojo-platform-channel-handle=2136 /prefetch:8
"C:\Program Files (x86)\Adguard\Adguard.exe" /nosplash
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\Xbox.exe" --minimize
"C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe"
"C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\Xbox.exe" --type=gpu-process --enable-features=SharedArrayBuffer --disable-features=SpareRendererForSitePerProcess --no-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=16481948104310657088 --mojo-platform-channel-handle=1660 /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1540,11053551278411896343,17773650728636268223,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=sk --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1589513816 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2082304976133363216 --renderer-client-id=6 --mojo-platform-channel-handle=2884 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1540,11053551278411896343,17773650728636268223,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=sk --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1589513816 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=14093297158567876600 --renderer-client-id=7 --mojo-platform-channel-handle=3008 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\Xbox.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --enable-features=SharedArrayBuffer --disable-features=SpareRendererForSitePerProcess --service-pipe-token=3109028905660714385 --lang=sk --app-user-model-id=Microsoft.GamingApp_8wekyb3d8bbwe!Microsoft.Xbox.App --app-path="C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\resources\app" --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Xbox/2003.1001.4.0 Chrome/69.0.3497.128 Electron/4.2.2 Safari/537.36" --node-integration=true --webview-tag=true --no-sandbox --background-color=#FF171717 --enable-blink-features=CSSBackdropFilter,WebAnimationsAPI --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=3109028905660714385 --renderer-client-id=6 --mojo-platform-channel-handle=2236 /prefetch:1
"C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/Win64/UnrealCEFSubProcess.exe" --type=gpu-process --no-sandbox --lang=en --locales-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-file=C:/Users/PC1/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-severity=warning --product-version="EpicGamesLauncher/10.16.1-13343695+++Portal+Release-Live UnrealEngine/4.23.0-13343695+++Portal+Release-Live Chrome/59.0.3071.15" --resources-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x67df --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=26.20.15029.27016 --gpu-driver-date=4-21-2020 --lang=en --locales-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-file=C:/Users/PC1/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-severity=warning --product-version="EpicGamesLauncher/10.16.1-13343695+++Portal+Release-Live UnrealEngine/4.23.0-13343695+++Portal+Release-Live Chrome/59.0.3071.15" --resources-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --service-request-channel-token=AF0E9F6D823FAD0AC9F32B1B3EAA3396 --mojo-platform-channel-handle=1308 /prefetch:2
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=4024 /prefetch:8
C:\Windows\System32\svchost.exe -k UnistackSvcGroup


"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
"C:\Program Files\qBittorrent\qbittorrent.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Windows\system32\AUDIODG.EXE 0x754
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1540,11053551278411896343,17773650728636268223,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=sk --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1589513816 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=877676391098049797 --renderer-client-id=9 --mojo-platform-channel-handle=3344 /prefetch:1
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=347 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe" -Embedding
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFT.exe" /InvokerPRAID: App
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\totalcmd\TOTALCMD64.EXE"
C:\Windows\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=379 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8648 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=391 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=399 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=401 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=402 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8060 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=409 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8092 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=418 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe154_ Global\UsGthrCtrlFltPipeMssGthrPipe154 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 768 772 780 8192 776
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=421 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7812 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,1255433221386418488,3990519794494446869,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=422 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9472 /prefetch:1
C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\PC1\Downloads\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\ocl9vi7m.default-release

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.10]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Windows\system32\SecurityHealthSystray.exe [2020-02-13 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2020-04-10 9277520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\PC1\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-05-29 1591656]
"GoogleChromeAutoLaunch_19ACBD9F62975BB0B01B7468665DF1C7"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2020-05-16 1798640]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-09-04 731240]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2020-05-15 3372832]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-05-01 27775672]
"Discord"=C:\Users\PC1\AppData\Local\Discord\app-0.0.306\Discord.exe [2020-02-24 90950968]
"Adguard"=C:\Program Files (x86)\Adguard\Adguard.exe [2020-04-06 5571432]
"EpicGamesLauncher"=C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2020-05-20 31867792]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-06-02 16:31:59 ----D---- C:\rsit
2020-06-02 16:31:59 ----D---- C:\Program Files\trend micro
2020-06-01 12:17:17 ----D---- C:\Users\PC1\AppData\Roaming\Adguard Software Ltd
2020-05-31 18:00:06 ----D---- C:\Users\PC1\AppData\Roaming\WeMod
2020-05-29 21:43:44 ----D---- C:\Program Files\UNP
2020-05-24 22:22:11 ----D---- C:\Program Files (x86)\Windows Kits
2020-05-24 22:22:11 ----D---- C:\Program Files (x86)\Microsoft GameInput
2020-05-24 22:22:08 ----A---- C:\Windows\system32\gameplatformservices.dll
2020-05-24 01:55:12 ----D---- C:\Program Files (x86)\OpenAL
2020-05-24 01:55:12 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2020-05-24 01:55:12 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2020-05-24 01:55:12 ----A---- C:\Windows\system32\wrap_oal.dll
2020-05-24 01:55:12 ----A---- C:\Windows\system32\OpenAL32.dll
2020-05-24 01:55:03 ----D---- C:\Program Files (x86)\Microsoft XNA
2020-05-24 01:20:18 ----D---- C:\Windows\LastGood.Tmp
2020-05-24 01:18:39 ----A---- C:\Windows\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-05-24 01:18:39 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2020-05-24 01:18:39 ----A---- C:\Windows\SYSWOW64\detoured.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\vulkan-1.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\detoured.dll
2020-05-24 01:18:35 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2020-05-24 01:18:35 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2020-05-24 01:18:35 ----A---- C:\Windows\system32\OpenCL.dll
2020-05-24 01:18:23 ----A---- C:\Windows\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-24 01:18:23 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2020-05-24 01:18:23 ----A---- C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-24 01:18:23 ----A---- C:\Windows\system32\vulkaninfo.exe
2020-05-17 14:22:30 ----D---- C:\ProgramData\Rockstar Games
2020-05-17 14:21:53 ----D---- C:\Program Files (x86)\Rockstar Games
2020-05-17 14:21:47 ----D---- C:\Program Files\Rockstar Games
2020-05-14 23:16:39 ----D---- C:\ProgramData\Epic
2020-05-14 23:16:39 ----D---- C:\Program Files (x86)\Epic Games
2020-05-13 23:12:14 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Picker.dll
2020-05-13 23:12:14 ----A---- C:\Windows\SYSWOW64\ConsoleLogon.dll
2020-05-13 23:12:14 ----A---- C:\Windows\SYSWOW64\AccountsRt.dll
2020-05-13 23:12:14 ----A---- C:\Windows\system32\Windows.UI.BioFeedback.dll
2020-05-13 23:12:14 ----A---- C:\Windows\system32\Windows.Devices.Picker.dll
2020-05-13 23:12:14 ----A---- C:\Windows\system32\WinBioDataModel.dll
2020-05-13 23:12:14 ----A---- C:\Windows\system32\wbengine.exe
2020-05-13 23:12:14 ----A---- C:\Windows\system32\wbadmin.exe
2020-05-13 23:12:14 ----A---- C:\Windows\system32\TSSessionUX.dll
2020-05-13 23:12:14 ----A---- C:\Windows\system32\RDXService.dll
2020-05-13 23:12:14 ----A---- C:\Windows\system32\ConsoleLogon.dll
2020-05-13 23:12:14 ----A---- C:\Windows\system32\AccountsRt.dll
2020-05-13 23:12:12 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2020-05-13 23:12:12 ----A---- C:\Windows\SYSWOW64\Windows.Media.Editing.dll
2020-05-13 23:12:12 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2020-05-13 23:12:12 ----A---- C:\Windows\SYSWOW64\MixedRealityRuntime.dll
2020-05-13 23:12:12 ----A---- C:\Windows\SYSWOW64\mfsrcsnk.dll
2020-05-13 23:12:12 ----A---- C:\Windows\SYSWOW64\HoloShellRuntime.dll
2020-05-13 23:12:05 ----A---- C:\Windows\SYSWOW64\Windows.Media.Audio.dll
2020-05-13 23:12:05 ----A---- C:\Windows\SYSWOW64\MSPhotography.dll
2020-05-13 23:12:05 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2020-05-13 23:12:05 ----A---- C:\Windows\SYSWOW64\mfds.dll
2020-05-13 23:12:05 ----A---- C:\Windows\system32\MixedRealityRuntime.dll
2020-05-13 23:12:05 ----A---- C:\Windows\system32\MixedReality.Broker.dll
2020-05-13 23:12:05 ----A---- C:\Windows\system32\HoloSI.PCShell.dll
2020-05-13 23:12:05 ----A---- C:\Windows\system32\HologramCompositor.dll
2020-05-13 23:12:04 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2020-05-13 23:12:04 ----A---- C:\Windows\system32\Hydrogen.dll
2020-05-13 23:12:04 ----A---- C:\Windows\system32\HoloShellRuntime.dll
2020-05-13 23:12:04 ----A---- C:\Windows\system32\HologramWorld.dll
2020-05-13 23:12:04 ----A---- C:\Windows\system32\DMRServer.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\Windows.Media.Editing.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\Windows.Media.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\Windows.Media.Audio.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\MSPhotography.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\mfsrcsnk.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\mfplat.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\mfds.dll
2020-05-13 23:12:03 ----A---- C:\Windows\system32\mfcore.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\wkspbrokerAx.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\Windows.Mirage.Internal.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\tapi32.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\RdpSaProxy.exe
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\RdpSa.exe
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\rdpendp.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\pla.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\msi.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\iemigplugin.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2020-05-13 23:11:59 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2020-05-13 23:11:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2020-05-13 23:11:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2020-05-13 23:11:58 ----A---- C:\Windows\SYSWOW64\IndexedDbLegacy.dll
2020-05-13 23:11:58 ----A---- C:\Windows\SYSWOW64\ieproxy.dll
2020-05-13 23:11:58 ----A---- C:\Windows\SYSWOW64\Chakrathunk.dll
2020-05-13 23:11:58 ----A---- C:\Windows\SYSWOW64\Chakradiag.dll
2020-05-13 23:11:58 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Scanners.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\werui.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\webplatstorageserver.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\PlayToManager.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\fdWSD.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\EdgeManager.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\easwrt.dll
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\DWWIN.EXE
2020-05-13 23:11:57 ----A---- C:\Windows\SYSWOW64\dialclient.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\wkspbrokerAx.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\wkspbroker.exe
2020-05-13 23:11:56 ----A---- C:\Windows\system32\Windows.Internal.PredictionUnit.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\TSWbPrxy.exe
2020-05-13 23:11:56 ----A---- C:\Windows\system32\tsmf.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\tsgqec.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\termsrv.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\SIHClient.exe
2020-05-13 23:11:56 ----A---- C:\Windows\system32\SettingsHandlers_Clipboard.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\rdsdwmdr.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\RdpSaProxy.exe
2020-05-13 23:11:56 ----A---- C:\Windows\system32\RdpSa.exe
2020-05-13 23:11:56 ----A---- C:\Windows\system32\RdpRelayTransport.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\plasrv.exe
2020-05-13 23:11:56 ----A---- C:\Windows\system32\pla.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\fhsettingsprovider.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\DiagSvc.dll
2020-05-13 23:11:56 ----A---- C:\Windows\system32\CXHProvisioningServer.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\umrdp.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\tapi32.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\rdpinput.exe
2020-05-13 23:11:55 ----A---- C:\Windows\system32\rdpendp.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\rdpcorets.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\rdpcore.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\rdpclip.exe
2020-05-13 23:11:55 ----A---- C:\Windows\system32\mstscax.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\msimsg.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\msi.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\jscript9diag.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\jscript9.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\iemigplugin.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\ieframe.dll
2020-05-13 23:11:55 ----A---- C:\Windows\system32\Chakradiag.dll
2020-05-13 23:11:54 ----A---- C:\Windows\system32\IndexedDbLegacy.dll
2020-05-13 23:11:54 ----A---- C:\Windows\system32\ieproxy.dll
2020-05-13 23:11:54 ----A---- C:\Windows\system32\Chakrathunk.dll
2020-05-13 23:11:54 ----A---- C:\Windows\system32\Chakra.dll
2020-05-13 23:11:44 ----A---- C:\Windows\system32\webplatstorageserver.dll
2020-05-13 23:11:44 ----A---- C:\Windows\system32\mshtml.dll
2020-05-13 23:11:44 ----A---- C:\Windows\system32\EdgeManager.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\Windows.Devices.Scanners.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\werui.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\wercplsupport.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\werconcpl.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\PlayToManager.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\jscript.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\fdWSD.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\edgehtml.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\easwrt.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\DWWIN.EXE
2020-05-13 23:11:43 ----A---- C:\Windows\system32\dialclient.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\DataExchangeHost.exe
2020-05-13 23:11:43 ----A---- C:\Windows\system32\ConsentUxClient.dll
2020-05-13 23:11:43 ----A---- C:\Windows\system32\CBDHSvc.dll
2020-05-13 23:11:42 ----A---- C:\Windows\SYSWOW64\shell32.dll
2020-05-13 23:11:42 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll
2020-05-13 23:11:42 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2020-05-13 23:11:42 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2020-05-13 23:11:42 ----A---- C:\Windows\system32\tcbloader.dll
2020-05-13 23:11:42 ----A---- C:\Windows\system32\tcblaunch.exe
2020-05-13 23:11:42 ----A---- C:\Windows\system32\sdengin2.dll
2020-05-13 23:11:42 ----A---- C:\Windows\system32\hvix64.exe
2020-05-13 23:11:42 ----A---- C:\Windows\system32\hvax64.exe
2020-05-13 23:11:42 ----A---- C:\Windows\system32\bcastdvruserservice.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\Windows.UI.CredDialogController.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\Windows.Internal.Management.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Sensors.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\rasdlg.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\printui.exe
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\policymanager.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\npmproxy.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\nlmsprep.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\nlmproxy.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\netprofm.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\msIso.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\MrmIndexer.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\lpk.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\findnetprinters.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\efswrt.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\edgeIso.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\ddrawex.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\ddraw.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\credssp.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\CredProvDataModel.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\ConfigureExpandedStorage.dll
2020-05-13 23:11:41 ----A---- C:\Windows\SYSWOW64\compstui.dll
2020-05-13 23:11:28 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2020-05-13 23:11:28 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2020-05-13 23:11:28 ----A---- C:\Windows\SYSWOW64\weretw.dll
2020-05-13 23:11:28 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2020-05-13 23:11:28 ----A---- C:\Windows\SYSWOW64\wer.dll
2020-05-13 23:11:28 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2020-05-13 23:11:28 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\WinTypes.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\Windows.Media.Speech.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\Windows.Media.MediaControl.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Perception.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\wincorlib.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\win32k.sys
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\usoapi.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\tzres.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\PickerPlatform.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\msvcp_win.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\dtdump.exe
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\dcomp.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\daxexec.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\CoreMessaging.dll
2020-05-13 23:11:27 ----A---- C:\Windows\SYSWOW64\combase.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\wups.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.System.SystemManagement.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.System.Diagnostics.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Storage.Compression.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Storage.ApplicationData.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryPS.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryCore.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryClient.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryBroker.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.StateRepository.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Services.TargetedContent.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Networking.Vpn.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Management.Workplace.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Internal.Devices.Sensors.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Graphics.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Energy.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Devices.WiFi.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Devices.SerialCommunication.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Devices.LowLevel.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Lights.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Bluetooth.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\win32u.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\vaultcli.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\user32.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\twinapi.appcore.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\StateRepository.Core.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\RTMediaFrame.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\rdpbase.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\propsys.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\KerbClientShared.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\Geolocation.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\ErrorDetails.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\DiagnosticInvoker.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\deviceaccess.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\CapabilityAccessManagerClient.dll
2020-05-13 23:11:26 ----A---- C:\Windows\SYSWOW64\AppXDeploymentClient.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.Payments.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.Devices.PointOfService.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\UserDataAccountApis.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\TileDataRepository.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\TaskApis.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\socialapis.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\rdpsharercom.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\PhoneOm.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\PhoneCallHistoryApis.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\PeopleAPIs.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\mbussdapi.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\mbsmsapi.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\MbaeApiPublic.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\MapGeocoder.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\JpMapControl.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\InstallServiceTasks.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\InstallService.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\InputHost.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\ChatApis.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\EmailApis.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\ContactApis.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\BingMaps.dll
2020-05-13 23:11:25 ----A---- C:\Windows\SYSWOW64\AppointmentApis.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\Windows.Gaming.Preview.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\Windows.Devices.SmartCards.Phone.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\windows.applicationmodel.datatransfer.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\useractivitybroker.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\mscms.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\icm32.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\coloradapterclient.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\CloudExperienceHostUser.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\CloudExperienceHostCommon.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\CameraCaptureUI.dll
2020-05-13 23:11:24 ----A---- C:\Windows\SYSWOW64\ActivationManager.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\wlidprov.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.System.Launcher.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Perception.Stub.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Media.Ocr.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Media.FaceAnalysis.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Graphics.Printing.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Graphics.Printing.3D.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Gaming.Input.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Devices.SmartCards.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Radios.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Printers.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Haptics.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Devices.AllJoyn.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\Windows.AccountsControl.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\UserDeviceRegistration.Ngc.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\UserDeviceRegistration.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\ShareHost.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\MicrosoftAccountWAMExtension.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\gamingtcui.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\ffbroker.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\ExecModelClient.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\dsregtask.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\dsreg.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\DataExchange.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\AuthBroker.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\AssignedAccessRuntime.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\AppExtension.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\AppContracts.dll
2020-05-13 23:11:14 ----A---- C:\Windows\SYSWOW64\aadWamExtension.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\WwaApi.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.Web.Http.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.Web.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.Maps.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.Networking.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.Networking.Connectivity.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Usb.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Core.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\MiracastReceiver.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\LaunchWinApp.exe
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\cdprt.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\BcastDVRClient.dll
2020-05-13 23:11:13 ----A---- C:\Windows\SYSWOW64\BcastDVRBroker.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\winsta.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\Windows.Devices.WiFiDirect.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\twinui.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\twinapi.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\TokenBrokerCookies.exe
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\tbauth.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\SystemSettings.DataModel.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\SyncSettings.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\sppcext.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\sppc.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\slcext.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\slc.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\RADCUI.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\PCPKsp.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\msutb.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\LicensingWinRT.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\explorer.exe
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\DeviceReactivation.dll
2020-05-13 23:11:12 ----A---- C:\Windows\SYSWOW64\CloudNotifications.exe
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\Windows.Media.Devices.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Midi.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\VoipRT.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\SpatialAudioLicenseSrv.exe
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\remoteaudioendpoint.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\FlightSettings.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\ContentDeliveryManager.Utilities.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\BTAGService.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2020-05-13 23:11:11 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\Windows.Cortana.OneCore.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\Windows.Cortana.Desktop.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\vbscript.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\usbmon.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\TSpkg.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\tcpmon.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\SettingSyncCore.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\scrrun.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\scesrv.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\rasdlg.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\puiobj.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\puiapi.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\printui.exe
2020-05-13 23:11:11 ----A---- C:\Windows\system32\LsaIso.exe
2020-05-13 23:11:11 ----A---- C:\Windows\system32\localui.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\iumcrypt.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\findnetprinters.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\Family.Client.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\Family.Authentication.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\efswrt.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\DafPrintProvider.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\credssp.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\ConfigureExpandedStorage.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\compstui.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\comdlg32.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\comctl32.dll
2020-05-13 23:11:11 ----A---- C:\Windows\system32\APMon.dll
2020-05-13 23:11:10 ----A---- C:\Windows\system32\SystemSettings.Handlers.dll
2020-05-13 23:11:10 ----A---- C:\Windows\system32\SettingsHandlers_nt.dll
2020-05-13 23:11:10 ----A---- C:\Windows\system32\npmproxy.dll
2020-05-13 23:11:10 ----A---- C:\Windows\system32\nlmsprep.dll
2020-05-13 23:11:10 ----A---- C:\Windows\system32\nlmproxy.dll
2020-05-13 23:11:10 ----A---- C:\Windows\system32\netprofmsvc.dll
2020-05-13 23:11:10 ----A---- C:\Windows\system32\netprofm.dll
2020-05-13 23:11:01 ----A---- C:\Windows\system32\pnidui.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\WUDFx02000.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\Windows.UI.CredDialogController.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\Windows.Internal.Management.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\Windows.Devices.Sensors.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\WebRuntimeManager.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\urlmon.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\t2embed.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\policymanager.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\omadmclient.exe
2020-05-13 23:11:00 ----A---- C:\Windows\system32\msIso.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\MrmIndexer.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\LogonController.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\iertutil.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\GdiPlus.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\gdi32full.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\enterprisecsps.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\edgeIso.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\ddrawex.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\ddraw.dll
2020-05-13 23:11:00 ----A---- C:\Windows\system32\CredProvDataModel.dll
2020-05-13 23:10:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2020-05-13 23:10:59 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\winsrvext.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\usermgr.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\msimg32.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\mf3216.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\lpk.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\KernelBase.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\fontsub.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\fontdrvhost.exe
2020-05-13 23:10:59 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2020-05-13 23:10:59 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2020-05-13 23:10:59 ----A---- C:\Windows\system32\drivers\tcpip.sys
2020-05-13 23:10:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2020-05-13 23:10:59 ----A---- C:\Windows\system32\drivers\clfs.sys
2020-05-13 23:10:59 ----A---- C:\Windows\system32\drivers\afd.sys
2020-05-13 23:10:59 ----A---- C:\Windows\system32\dciman32.dll
2020-05-13 23:10:59 ----A---- C:\Windows\system32\bcryptprimitives.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\WinTypes.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\wincorlib.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\wersvc.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\wermgr.exe
2020-05-13 23:10:58 ----A---- C:\Windows\system32\WerFault.exe
2020-05-13 23:10:58 ----A---- C:\Windows\system32\weretw.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\werdiagcontroller.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\wer.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\utcutil.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\ucrtbase.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\tzres.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\runexehelper.exe
2020-05-13 23:10:58 ----A---- C:\Windows\system32\oleaut32.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2020-05-13 23:10:58 ----A---- C:\Windows\system32\ntdll.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\mswsock.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\msvcp_win.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\Faultrep.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\drivers\cng.sys
2020-05-13 23:10:58 ----A---- C:\Windows\system32\dnsrslvr.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\dnsapi.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\diagtrack.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\dhcpcsvc.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\dhcpcore6.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\dhcpcore.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\CoreShell.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\combase.dll
2020-05-13 23:10:58 ----A---- C:\Windows\system32\ci.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\wksprt.exe
2020-05-13 23:10:57 ----A---- C:\Windows\system32\winsta.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\twinui.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\twinapi.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\TSWorkspace.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\TabSvc.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\schedsvc.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\RADCUI.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\msutb.dll
2020-05-13 23:10:57 ----A---- C:\Windows\system32\LaunchWinApp.exe
2020-05-13 23:10:57 ----A---- C:\Windows\system32\ComposerFramework.dll
2020-05-13 23:10:44 ----A---- C:\Windows\system32\UpgradeResultsUI.exe
2020-05-13 23:10:44 ----A---- C:\Windows\system32\sppcommdlg.dll
2020-05-13 23:10:44 ----A---- C:\Windows\system32\sppcext.dll
2020-05-13 23:10:44 ----A---- C:\Windows\system32\sppc.dll
2020-05-13 23:10:44 ----A---- C:\Windows\system32\slui.exe
2020-05-13 23:10:44 ----A---- C:\Windows\system32\slcext.dll
2020-05-13 23:10:44 ----A---- C:\Windows\system32\slc.dll
2020-05-13 23:10:44 ----A---- C:\Windows\system32\phoneactivate.exe
2020-05-13 23:10:44 ----A---- C:\Windows\system32\LicensingWinRT.dll
2020-05-13 23:10:44 ----A---- C:\Windows\system32\LicensingUI.exe
2020-05-13 23:10:44 ----A---- C:\Windows\system32\changepk.exe
2020-05-13 23:10:44 ----A---- C:\Windows\system32\DeviceReactivation.dll
2020-05-13 23:10:43 ----A---- C:\Windows\system32\sppsvc.exe
2020-05-13 23:10:43 ----A---- C:\Windows\system32\shell32.dll
2020-05-13 23:10:43 ----A---- C:\Windows\system32\drivers\cldflt.sys
2020-05-13 23:10:43 ----A---- C:\Windows\system32\dcomp.dll
2020-05-13 23:10:43 ----A---- C:\Windows\system32\CredDialogBroker.dll
2020-05-13 23:10:43 ----A---- C:\Windows\system32\CoreMessaging.dll
2020-05-13 23:10:43 ----A---- C:\Windows\system32\CloudExperienceHostBroker.dll
2020-05-13 23:10:43 ----A---- C:\Windows\system32\CloudExperienceHost.dll
2020-05-13 23:10:43 ----A---- C:\Windows\system32\CaptureService.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\Windows.UI.Logon.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\Windows.Media.MediaControl.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\Windows.Internal.CapturePicker.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\Windows.Data.Activities.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\SwitcherDataModel.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\SettingsHandlers_Cortana.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\PasswordEnrollmentManager.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\NotificationController.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\MtcModel.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\DevicesFlowBroker.dll
2020-05-13 23:10:42 ----A---- C:\Windows\system32\DevicePairingExperienceMEM.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\Windows.Media.Speech.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\usosvc.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\usocoreworker.exe
2020-05-13 23:10:41 ----A---- C:\Windows\system32\usoapi.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\twinui.pcshell.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\SHCore.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\PickerPlatform.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\MusNotifyIcon.exe
2020-05-13 23:10:41 ----A---- C:\Windows\system32\MusNotificationUx.exe
2020-05-13 23:10:41 ----A---- C:\Windows\system32\MusNotification.exe
2020-05-13 23:10:41 ----A---- C:\Windows\system32\musdialoghandlers.dll
2020-05-13 23:10:41 ----A---- C:\Windows\system32\DesktopSwitcherDataModel.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\wpnprv.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\wpnapps.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.StateRepositoryPS.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.StateRepositoryCore.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.StateRepositoryClient.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.StateRepositoryBroker.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.Services.TargetedContent.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.Networking.Vpn.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.Devices.Perception.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Windows.Devices.Lights.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\win32u.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\win32kfull.sys
2020-05-13 23:10:40 ----A---- C:\Windows\system32\win32k.sys
2020-05-13 23:10:40 ----A---- C:\Windows\system32\wcimage.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\user32.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\StateRepository.Core.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\rdpbase.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\psmsrv.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\kerberos.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\KerbClientShared.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\Geolocation.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\daxexec.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\bthserv.dll
2020-05-13 23:10:40 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\windows.storage.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\Windows.Devices.PointOfService.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\WindowManagement.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\WaaSAssessment.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\UserDataService.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\UserDataAccountApis.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\TileDataRepository.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\TaskApis.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\socialapis.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\rdpsharercom.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\propsys.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\PhoneOm.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\PhoneCallHistoryApis.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\PeopleAPIs.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\MrmCoreR.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\InstallServiceTasks.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\InstallService.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\ChatApis.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\EmailApis.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\ContactApis.dll
2020-05-13 23:10:39 ----A---- C:\Windows\system32\AppointmentApis.dll
2020-05-13 23:10:38 ----A---- C:\Windows\system32\Windows.Payments.dll
2020-05-13 23:10:38 ----A---- C:\Windows\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 23:10:38 ----A---- C:\Windows\system32\mbussdapi.dll
2020-05-13 23:10:38 ----A---- C:\Windows\system32\mbsmsapi.dll
2020-05-13 23:10:38 ----A---- C:\Windows\system32\MbaeApiPublic.dll
2020-05-13 23:10:38 ----A---- C:\Windows\system32\MapGeocoder.dll
2020-05-13 23:10:38 ----A---- C:\Windows\system32\ISM.dll
2020-05-13 23:10:38 ----A---- C:\Windows\system32\InputHost.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\Windows.Gaming.Preview.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\SEMgrSvc.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\mscms.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\JpMapControl.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\icm32.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\FntCache.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\EdgeContent.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\dxgi.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\DWrite.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\coloradapterclient.dll
2020-05-13 23:10:29 ----A---- C:\Windows\system32\BingMaps.dll
2020-05-13 23:10:25 ----A---- C:\Windows\system32\wups2.dll
2020-05-13 23:10:25 ----A---- C:\Windows\system32\wuaueng.dll
2020-05-13 23:10:25 ----A---- C:\Windows\system32\wuauclt.exe
2020-05-13 23:10:25 ----A---- C:\Windows\system32\Windows.System.Diagnostics.dll
2020-05-13 23:10:25 ----A---- C:\Windows\system32\Windows.Graphics.dll
2020-05-13 23:10:25 ----A---- C:\Windows\system32\vaultsvc.dll
2020-05-13 23:10:25 ----A---- C:\Windows\system32\vaultcli.dll
2020-05-13 23:10:25 ----A---- C:\Windows\system32\UpdateDeploymentProvider.dll
2020-05-13 23:10:25 ----A---- C:\Windows\system32\msxml6.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\wups.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\wuapi.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.System.SystemManagement.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Storage.Compression.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Management.Workplace.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Internal.Devices.Sensors.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Globalization.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Energy.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Devices.WiFi.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Devices.Usb.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Devices.LowLevel.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\win32kbase.sys
2020-05-13 23:10:24 ----A---- C:\Windows\system32\twinapi.appcore.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\RTMediaFrame.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\ErrorDetails.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2020-05-13 23:10:24 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2020-05-13 23:10:24 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2020-05-13 23:10:24 ----A---- C:\Windows\system32\DiagnosticInvoker.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\deviceaccess.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\CloudExperienceHostUser.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\CloudExperienceHostCommon.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\cdd.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\CapabilityAccessManagerClient.dll
2020-05-13 23:10:24 ----A---- C:\Windows\system32\CapabilityAccessManager.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\wlidprov.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.System.Launcher.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.Perception.Stub.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.Media.Ocr.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.Gaming.Input.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.Devices.SmartCards.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.Devices.AllJoyn.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.ApplicationModel.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\windows.applicationmodel.datatransfer.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\Windows.AccountsControl.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\useractivitybroker.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\twinui.appcore.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\TokenBrokerCookies.exe
2020-05-13 23:10:23 ----A---- C:\Windows\system32\TokenBroker.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\tbauth.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\smartscreen.exe
2020-05-13 23:10:23 ----A---- C:\Windows\system32\gamingtcui.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\ffbroker.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\CameraCaptureUI.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\AuthBroker.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\AppExtension.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\AppContracts.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\ActivationManager.dll
2020-05-13 23:10:23 ----A---- C:\Windows\system32\aadcloudap.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\Windows.Graphics.Printing.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\Windows.Devices.Radios.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\Windows.Devices.Printers.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\Windows.Devices.Haptics.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\ShareHost.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\MiracastReceiver.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\MicrosoftAccountExtension.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\ExecModelClient.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\DataExchange.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\cdpsvc.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\cdprt.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\AssignedAccessRuntime.dll
2020-05-13 23:10:22 ----A---- C:\Windows\system32\aadWamExtension.dll
2020-05-13 23:10:14 ----A---- C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 23:10:14 ----A---- C:\Windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 23:10:14 ----A---- C:\Windows\system32\CustomInstallExec.exe
2020-05-13 23:10:14 ----A---- C:\Windows\system32\BcastDVRClient.dll
2020-05-13 23:10:14 ----A---- C:\Windows\system32\BcastDVRBroker.dll
2020-05-13 23:10:14 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-05-13 23:10:14 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-05-13 23:10:14 ----A---- C:\Windows\system32\AppXApplicabilityBlob.dll
2020-05-13 23:10:14 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2020-05-13 23:10:13 ----A---- C:\Windows\system32\WwaApi.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\Windows.Web.Http.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\Windows.Web.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\Windows.Networking.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\Windows.Networking.Connectivity.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\Windows.ApplicationModel.Core.dll
2020-05-13 23:10:13 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\Wpc.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\Windows.UI.Storage.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\Windows.UI.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\Windows.Internal.Signals.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\vdsbas.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\UtcDecoderHost.exe
2020-05-13 23:10:12 ----A---- C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\UserDeviceRegistration.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\SystemSettings.DataModel.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\SyncSettings.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\StartTileData.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2020-05-13 23:10:12 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\PCPKsp.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\MDMAgent.exe
2020-05-13 23:10:12 ----A---- C:\Windows\system32\localspl.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\FlightSettings.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\FaxPrinterInstaller.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\dsregtask.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\dsreg.dll
2020-05-13 23:10:12 ----A---- C:\Windows\system32\CredentialEnrollmentManager.exe
2020-05-13 23:10:12 ----A---- C:\Windows\system32\CloudNotifications.exe
2020-05-13 23:10:12 ----A---- C:\Windows\explorer.exe
2020-05-13 23:10:11 ----A---- C:\Windows\system32\XblGameSaveTask.exe
2020-05-13 23:10:11 ----A---- C:\Windows\system32\XblGameSave.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\wwansvc.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\wwanprotdim.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\Windows.Media.Devices.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\Windows.Management.Service.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\Windows.Devices.Midi.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\VoipRT.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\TelephonyInteractiveUser.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\TaskFlowDataEngine.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-05-13 23:10:11 ----A---- C:\Windows\system32\remoteaudioendpoint.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\PhoneService.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\Microsoft.Bluetooth.UserService.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\drivers\winnat.sys
2020-05-13 23:10:11 ----A---- C:\Windows\system32\drivers\tpm.sys
2020-05-13 23:10:11 ----A---- C:\Windows\system32\drivers\storport.sys
2020-05-13 23:10:11 ----A---- C:\Windows\system32\drivers\KNetPwrDepBroker.sys
2020-05-13 23:10:11 ----A---- C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\BTAGService.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\autopilot.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\audiosrv.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\AudioSes.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\audioresourceregistrar.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\AUDIOKSE.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\AudioEng.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2020-05-13 23:10:11 ----A---- C:\Windows\system32\audiodg.exe
2020-05-13 23:10:10 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2020-05-13 23:10:10 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2020-05-13 23:10:10 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2020-05-13 23:10:10 ----A---- C:\Windows\system32\drivers\storufs.sys
2020-05-13 23:10:10 ----A---- C:\Windows\system32\drivers\hidbth.sys
2020-05-12 22:08:33 ----HD---- C:\OneDriveTemp
2020-05-05 15:37:18 ----D---- C:\Windows\SYSWOW64\directx
2020-05-05 09:31:31 ----A---- C:\Windows\SYSWOW64\GameInput.dll
2020-05-05 09:31:31 ----A---- C:\Windows\system32\GameInput.dll
2020-05-05 09:31:29 ----A---- C:\Windows\system32\xgameruntime.dll
2020-05-05 09:31:29 ----A---- C:\Windows\system32\gamingtcuihelpers.dll
2020-05-05 09:31:29 ----A---- C:\Windows\system32\gamingservicesproxy.dll
2020-05-05 09:31:29 ----A---- C:\Windows\system32\gamemodcontrol.exe
2020-05-05 09:31:29 ----A---- C:\Windows\system32\gameconfighelper.dll
2020-05-04 15:33:46 ----D---- C:\Program Files\qBittorrent

======List of files/folders modified in the last 1 month======

2020-06-02 16:32:05 ----D---- C:\Windows\Temp
2020-06-02 16:31:59 ----RD---- C:\Program Files
2020-06-02 16:30:49 ----D---- C:\ProgramData\Adguard
2020-06-02 16:29:06 ----D---- C:\Windows\Prefetch
2020-06-02 16:24:51 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-06-02 16:20:34 ----D---- C:\Users\PC1\AppData\Roaming\qBittorrent
2020-06-02 16:15:55 ----D---- C:\Windows\system32\SleepStudy
2020-06-02 15:49:00 ----D---- C:\Windows\system32\sru
2020-06-02 10:39:39 ----SHD---- C:\System Volume Information
2020-06-02 09:39:03 ----HD---- C:\Program Files\WindowsApps
2020-06-02 09:38:44 ----D---- C:\Windows\AppReadiness
2020-06-01 17:38:12 ----RD---- C:\Windows\Microsoft.NET
2020-06-01 17:37:43 ----D---- C:\Windows\system32\drivers\wd
2020-06-01 17:28:00 ----D---- C:\Program Files (x86)\Steam
2020-06-01 17:27:31 ----D---- C:\Windows\system32\Tasks
2020-06-01 12:46:54 ----D---- C:\ProgramData\ProductData
2020-05-31 18:00:00 ----D---- C:\Windows\system32\LogFiles
2020-05-31 17:54:06 ----D---- C:\Users\PC1\AppData\Roaming\Wise Uninstaller
2020-05-31 13:11:17 ----D---- C:\Windows\Logs
2020-05-31 13:11:10 ----D---- C:\Windows\system32\config
2020-05-29 22:15:37 ----D---- C:\Windows\system32\DriverStore
2020-05-29 22:15:37 ----D---- C:\Windows\INF
2020-05-24 22:22:11 ----SHD---- C:\Windows\Installer
2020-05-24 22:22:11 ----RD---- C:\Program Files (x86)
2020-05-24 22:22:08 ----D---- C:\Windows\system32\catroot2
2020-05-24 22:22:08 ----AD---- C:\Windows\System32
2020-05-24 10:12:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-05-24 10:06:08 ----D---- C:\Windows\SysWOW64
2020-05-24 10:06:03 ----D---- C:\Windows
2020-05-24 01:55:37 ----D---- C:\Windows\WinSxS
2020-05-24 01:55:05 ----RSD---- C:\Windows\assembly
2020-05-24 01:54:39 ----D---- C:\Program Files\Common Files\microsoft shared
2020-05-24 01:22:59 ----D---- C:\Users\PC1\AppData\Roaming\vlc
2020-05-24 01:20:58 ----D---- C:\ProgramData\Package Cache
2020-05-24 01:20:10 ----D---- C:\Windows\system32\CatRoot
2020-05-24 01:18:39 ----A---- C:\Windows\SYSWOW64\RapidFireServer.dll
2020-05-24 01:18:39 ----A---- C:\Windows\SYSWOW64\Rapidfire.dll
2020-05-24 01:18:39 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2020-05-24 01:18:39 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2020-05-24 01:18:39 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\RapidFireServer64.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\Rapidfire64.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\mantleaxl64.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\mantle64.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\GameManager64.dll
2020-05-24 01:18:39 ----A---- C:\Windows\system32\coinst_19.50.dll
2020-05-24 01:18:37 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2020-05-24 01:18:37 ----A---- C:\Windows\system32\atisamu64.dll
2020-05-24 01:18:36 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2020-05-24 01:18:36 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2020-05-24 01:18:36 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2020-05-24 01:18:36 ----A---- C:\Windows\system32\atimuixx.dll
2020-05-24 01:18:36 ----A---- C:\Windows\system32\atimpc64.dll
2020-05-24 01:18:36 ----A---- C:\Windows\system32\atig6txx.dll
2020-05-24 01:18:36 ----A---- C:\Windows\system32\atidxx64.dll
2020-05-24 01:18:35 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2020-05-24 01:18:35 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2020-05-24 01:18:35 ----A---- C:\Windows\SYSWOW64\amfrt32.dll
2020-05-24 01:18:35 ----A---- C:\Windows\system32\atidemgy.dll
2020-05-24 01:18:35 ----A---- C:\Windows\system32\aticfx64.dll
2020-05-24 01:18:35 ----A---- C:\Windows\system32\atiadlxx.dll
2020-05-24 01:18:35 ----A---- C:\Windows\system32\ati2erec.dll
2020-05-24 01:18:35 ----A---- C:\Windows\system32\amfrt64.dll
2020-05-24 01:18:34 ----A---- C:\Windows\SYSWOW64\amd_comgr32.dll
2020-05-24 01:18:33 ----A---- C:\Windows\system32\amd_comgr.dll
2020-05-24 01:18:31 ----A---- C:\Windows\SYSWOW64\amdxc32.dll
2020-05-24 01:18:31 ----A---- C:\Windows\system32\amdxc64.dll
2020-05-24 01:18:30 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2020-05-24 01:18:30 ----A---- C:\Windows\system32\amdpcom64.dll
2020-05-24 01:18:26 ----A---- C:\Windows\SYSWOW64\amdmcl32.dll
2020-05-24 01:18:26 ----A---- C:\Windows\system32\amdmiracast.dll
2020-05-24 01:18:26 ----A---- C:\Windows\system32\amdmcl64.dll
2020-05-24 01:18:25 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2020-05-24 01:18:25 ----A---- C:\Windows\SYSWOW64\amdihk32.dll
2020-05-24 01:18:25 ----A---- C:\Windows\system32\amdlvr64.dll
2020-05-24 01:18:25 ----A---- C:\Windows\system32\amdihk64.dll
2020-05-24 01:18:23 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2020-05-24 01:18:23 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2020-05-24 01:18:23 ----A---- C:\Windows\system32\dgtrayicon.exe
2020-05-24 01:18:23 ----A---- C:\Windows\system32\clinfo.exe
2020-05-24 01:18:23 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2020-05-24 01:18:23 ----A---- C:\Windows\system32\amdave64.dll
2020-05-24 01:18:10 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2020-05-24 01:18:10 ----A---- C:\Windows\system32\atieclxx.exe
2020-05-24 01:18:10 ----A---- C:\Windows\system32\atieah64.exe
2020-05-17 14:22:30 ----HD---- C:\ProgramData
2020-05-14 00:11:28 ----D---- C:\Windows\system32\drivers
2020-05-14 00:10:37 ----D---- C:\Windows\TextInput
2020-05-14 00:10:37 ----D---- C:\Windows\SYSWOW64\sk-SK
2020-05-14 00:10:37 ----D---- C:\Windows\SYSWOW64\migration
2020-05-14 00:10:37 ----D---- C:\Windows\SYSWOW64\en-US
2020-05-14 00:10:37 ----D---- C:\Windows\SYSWOW64\Dism
2020-05-14 00:10:35 ----D---- C:\Windows\SystemResources
2020-05-14 00:10:35 ----D---- C:\Windows\system32\wbem
2020-05-14 00:10:34 ----D---- C:\Windows\system32\sk-SK
2020-05-14 00:10:34 ----D---- C:\Windows\system32\oobe
2020-05-14 00:10:34 ----D---- C:\Windows\system32\migration
2020-05-14 00:10:34 ----D---- C:\Windows\system32\en-US
2020-05-14 00:10:34 ----D---- C:\Windows\system32\drivers\en-US
2020-05-14 00:10:34 ----D---- C:\Windows\system32\Dism
2020-05-14 00:10:32 ----RD---- C:\Windows\ImmersiveControlPanel
2020-05-14 00:10:32 ----D---- C:\Windows\ShellExperiences
2020-05-14 00:10:32 ----D---- C:\Windows\Provisioning
2020-05-14 00:10:32 ----D---- C:\Windows\bcastdvr
2020-05-14 00:10:32 ----D---- C:\Windows\apppatch
2020-05-14 00:10:31 ----D---- C:\PerfLogs
2020-05-13 23:22:03 ----D---- C:\Windows\CbsTemp
2020-05-13 23:18:19 ----D---- C:\Windows\system32\MRT
2020-05-13 23:18:19 ----D---- C:\Windows\debug
2020-05-13 23:18:16 ----AC---- C:\Windows\system32\MRT.exe
2020-05-13 23:10:11 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
2020-05-05 15:38:43 ----D---- C:\Windows\system32\drivers\etc
2020-05-05 09:34:29 ----SD---- C:\Users\PC1\AppData\Roaming\Microsoft
2020-05-05 09:32:16 ----D---- C:\ProgramData\Packages
2020-05-04 08:17:04 ----D---- C:\Program Files (x86)\Adguard

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2020-04-10 93240]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2020-04-10 33336]
R0 amdkmpfd;@oem10.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2019-09-18 102832]
R0 amdpsp;@oem19.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\Windows\System32\drivers\amdpsp.sys [2020-04-10 146304]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2019-03-19 56632]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\Windows\system32\drivers\SgrmAgent.sys [2019-03-19 89096]
R1 adgnetworkwfpdrv;adgnetworkwfpdrv; C:\Windows\system32\drivers\adgnetworkwfpdrv.sys [2020-01-31 92672]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2020-03-12 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2019-03-19 70456]
R1 EneIo;EneIo; \??\C:\Windows\system32\drivers\ene.sys [2018-03-20 16320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2020-04-10 27552]
R2 aow_drv;aow_drv; \??\E:\Program Files\TxGameAssistant\UI\3.21.736.100\aow_drv_x64_ev.sys [2020-04-27 871296]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2020-05-13 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 amdgpio2;@oem9.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio2.sys [2019-10-01 45832]
R3 amdgpio3;@oem16.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio3.sys [2020-04-10 24528]
R3 amdkmdag;amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atikmdag.sys [2020-05-24 65752800]
R3 amdkmdap;amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atikmpag.sys [2020-05-24 592096]
R3 AMDPCIDev;@oem15.inf,%AMDPCIDev.SVCDESC%;AMD PCI; C:\Windows\System32\drivers\AMDPCIDev.sys [2020-04-10 31520]
R3 AtiHDAudioService;@oem21.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWT6.sys [2020-04-10 108152]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2020-02-13 117264]
R3 dtlitescsibus;@oem8.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2020-01-03 30264]
R3 dtliteusbbus;@oem13.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2020-01-03 47672]
R3 gameflt;@oem27.inf,%ServiceName%;gameflt; C:\Windows\System32\DriverStore\FileRepository\gameflt.inf_amd64_ed149265feff3131\gameflt.sys [2020-05-21 71528]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2020-04-10 6886992]
R3 ipadtst;ipadtst; \??\C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys [2013-11-11 20464]
R3 ipadtst2;ipadtst2; \??\C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [2016-07-29 16336]
R3 NTIOLib_CC_COMM;NTIOLib_CC_COMM; \??\C:\Program Files (x86)\MSI\Dragon Center\Lib\SYS\NTIOLib_X64.sys [2017-07-10 14288]
R3 NTIOLib_CC_CPU;NTIOLib_CC_CPU; \??\C:\Program Files (x86)\MSI\Dragon Center\Lib\Super_Charger\NTIOLib_X64.sys [2017-07-10 14288]
R3 rt640x64;@oem22.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2020-04-10 1162832]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2020-04-04 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\Windows\system32\drivers\Acx01000.sys [2020-03-12 337920]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\Windows\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2017-06-12 95080]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2019-12-30 18432]
S3 AscFileFilter;AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileFilter.sys []
S3 AscRegistryFilter;AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys []
S3 atillk64;atillk64; \??\C:\Users\PC1\AppData\Local\Temp\LiveUpdateAPI\AGT\atillk64.sys []
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\Windows\System32\drivers\BthA2dp.sys [2019-10-07 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2020-03-12 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2020-03-12 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2020-03-12 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\drivers\BTHUSB.sys [2020-03-12 99328]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2019-03-19 64312]
S3 cpuz145;cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-10-07 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2019-10-07 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2020-04-04 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\Windows\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 iobit_monitor_server;iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys []
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2019-12-30 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\Windows\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\Windows\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2019-12-30 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Adguard Service;Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [2020-04-06 182632]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atiesrxx.exe [2020-05-24 524512]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_8a0f1de;Connected Devices Platform User Service_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R2 DragonCenter_Service;Dragon Center Service; C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe [2019-04-29 142512]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R2 GameInput;GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [2020-05-09 37816]
R2 GamingServices;GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe [2020-05-21 46008]
R2 GamingServicesNet;GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.41.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [2020-05-21 46008]
R2 OneSyncSvc_8a0f1de;Sync Host_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 QMEmulatorService;QMEmulatorService; E:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [2020-04-21 197712]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\Windows\system32\SgrmBroker.exe [2019-03-19 263904]
R3 BcastDVRUserService_8a0f1de;GameDVR and Broadcast User Service_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_8a0f1de;Používateľská služba schránky_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-09-04 3648104]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_8a0f1de;Kontaktné údaje_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2020-03-12 929144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-12-30 156968]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_8a0f1de;Agent Activation Runtime_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_8a0f1de;Služba podpory používateľov rozhrania Bluetooth_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_8a0f1de;CaptureService_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_8a0f1de;ConsentUX_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\Windows\system32\CredentialEnrollmentManager.exe [2020-05-13 380632]
S3 CredentialEnrollmentManagerUserSvc_8a0f1de;CredentialEnrollmentManagerUserSvc_8a0f1de; C:\Windows\system32\CredentialEnrollmentManager.exe [2020-05-13 380632]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_8a0f1de;DeviceAssociationBroker_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_8a0f1de;DevicePicker_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_8a0f1de;DevicesFlow_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-12 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-03-01 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\elevation_service.exe [2020-05-16 1287152]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-12-30 156968]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_8a0f1de;MessagingService_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-02-15 244936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_8a0f1de;PrintWorkflow_8a0f1de; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2020-05-12 1705088]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]

-----------------EOF-----------------

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#2 Post by PureHate44 »

info.txt logfile of random's system information tool 1.10 2020-06-02 16:32:08

======MBR======


======Uninstall list======

AdGuard-->"C:\ProgramData\Package Cache\{d0fb8712-c0fe-42b2-b721-3b1477077175}\setup1.exe" /uninstall
AdGuard-->MsiExec.exe /X{685F6AB3-7C61-42D1-AE5B-3864E48D1035}
Adobe Acrobat Reader DC - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-AC0F074E4100}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824369436}
AMD Ryzen Master SDK-->MsiExec.exe /X{DBD50508-5F75-416B-995D-C42433A00944}
Assassin's Creed: Odyssey-->"E:\Games\Assassin's Creed - Odyssey\unins000.exe"
BS.Player PRO-->"C:\Program Files (x86)\Webteh\BSplayerPro\uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike: Global Offensive-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/730
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Dragon Center-->"C:\Program Files (x86)\MSI\Dragon Center\unins000.exe"
Driver Booster 7-->"C:\Program Files (x86)\IObit\Driver Booster\7.4.0\unins000.exe"
ENE RGB HAL-->"C:\ProgramData\Package Cache\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}\AacSetup.exe" /uninstall
ENE RGB HAL-->MsiExec.exe /I{2914DF72-932B-4DF2-9696-C2821EDA1CA9}
ENE_EHD_HAL-->"C:\ProgramData\Package Cache\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}\AacSetup.exe" /uninstall
ENE_EHD_HAL-->MsiExec.exe /I{F56EC5A0-3A93-492E-882A-E036F5897CC7}
Epic Games Launcher Prerequisites (x64)-->MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF}
Epic Games Launcher-->MsiExec.exe /X{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}
GameInput Redistributable-->MsiExec.exe /I{AD78C5EF-EAAF-12E7-83A3-B335A79A3DB1}
Gameloop-->e:\program files\txgameassistant\appmarket\GF186\TUninstall.exe
GOM Player-->"C:\Program Files (x86)\GRETECH\GOMPlayer\Uninstall.exe"
Google Drive-->MsiExec.exe /X{459CE109-4E46-4340-92BC-054642BC3BC2}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\Installer\setup.exe" --uninstall --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
IObit Software Updater-->"C:\Program Files (x86)\IObit\Software Updater\unins000.exe"
JDownloader 2-->"C:\Users\PC1\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe"
Kinect for Windows Speech Recognition Language Pack (en-AU)-->MsiExec.exe /X{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}
Kinect for Windows Speech Recognition Language Pack (en-CA)-->MsiExec.exe /X{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}
Kinect for Windows Speech Recognition Language Pack (en-GB)-->MsiExec.exe /X{A0186231-0A8B-455A-8A25-B64AABCC11A6}
Kinect for Windows Speech Recognition Language Pack (en-IE)-->MsiExec.exe /X{998D5259-3BED-4710-98FF-D63387B5429E}
Kinect for Windows Speech Recognition Language Pack (en-NZ)-->MsiExec.exe /X{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}
Kinect for Windows Speech Recognition Language Pack (en-US)-->MsiExec.exe /X{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}
Launcher Prerequisites (x64)-->"C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe" /uninstall
Mafia II: Definitive Edition-->"E:\Games\Mafia II - Definitive Edition\unins000.exe"
Microsoft Server Speech Platform Runtime (x64)-->MsiExec.exe /X{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}
Microsoft Server Speech Recognition Language - TELE (en-IN)-->MsiExec.exe /I{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005-->"C:\ProgramData\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660-->"C:\ProgramData\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005-->"C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660-->"C:\ProgramData\Package Cache\{61087a79-ac85-455c-934d-1fa22cc64f36}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660-->MsiExec.exe /X{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660-->MsiExec.exe /X{CB0836EC-B072-368D-82B2-D3470BF95707}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660-->MsiExec.exe /X{7DAD0258-515C-3DD4-8964-BD714199E0F7}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660-->MsiExec.exe /X{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820-->"C:\ProgramData\Package Cache\{852adda4-4c78-4a38-b583-c0b360a329d6}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820-->"C:\ProgramData\Package Cache\{45231ab4-69fd-486a-859d-7a59fcd11013}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.23.27820-->MsiExec.exe /I{9CA7111B-263D-45DE-B898-61FAD30B3237}
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.23.27820-->MsiExec.exe /I{A94EC1B2-932B-49D7-8AF2-4FBD29FF314B}
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820-->MsiExec.exe /I{86BE78D9-65A1-4E69-86F8-C1F5281F8553}
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820-->MsiExec.exe /I{00AC3934-26B4-406E-807C-1692AC7329EC}
Microsoft XNA Framework Redistributable 4.0 Refresh-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}
Mozilla Firefox 72.0.2 (x64 sk)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Music NFO Builder verzia 1.21a-->"C:\Program Files (x86)\Music NFO Builder\unins000.exe"
OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
qBittorrent 4.2.5-->"C:\Program Files\qBittorrent\uninst.exe"
Realtek Ethernet Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe" -runfromtemp -removeonly
Realtek High Definition Audio Driver-->"C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe" -r -m -nrg2709
RecordAnyVID 1.0.8-->"C:\Program Files (x86)\VidPaw\RecordAnyVID\unins000.exe"
Rockstar Games Launcher-->"C:\Program Files\Rockstar Games\Launcher\uninstall.exe"
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Shutdown Timer-->MsiExec.exe /I{5E1DDD46-A5AF-4A06-B0FC-9C3E510BE742}
SnowRunner-->"E:\Games\SnowRunner\unins000.exe"
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
The Witcher 3 - Wild Hunt - Game of the Year Edition-->"E:\Games\The Witcher 3 Wild Hunt GOTY\unins000.exe"
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
VLC media player-->"C:\Program Files\VideoLAN\VLC\uninstall.exe"
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
WinRAR 5.90 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Wise Care 365 5.4.6.542-->"C:\Program Files (x86)\Wise Care 365\unins000.exe"

======Hosts File======

127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com
127.0.0.1 api.adguard.com
127.0.0.1 api.adguard.com
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site

======System event log======

Computer Name: DESKTOP-NORVJE6
Event Code: 7030
Message: Služba Rozšírenia a oznámenia tlačiarne je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.
Record Number: 197
Source Name: Service Control Manager
Time Written: 20191230124946.385210-000
Event Type: Error
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 1014
Message: Name resolution for the name fe2cr.update.microsoft.com timed out after none of the configured DNS servers responded.
Record Number: 195
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20191230124941.635942-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: WIN-DNFU6CHH9GT
Event Code: 14
Message:
Record Number: 66
Source Name: Application Popup
Time Written: 20191230124648.889895-000
Event Type: Error
User:

Computer Name: WIN-DNFU6CHH9GT
Event Code: 7023
Message: Služba iphlpsvc bola ukončená s nasledujúcou chybou:
The device is not ready.
Record Number: 47
Source Name: Service Control Manager
Time Written: 20191230124647.233520-000
Event Type: Error
User:

Computer Name: WIN-DNFU6CHH9GT
Event Code: 7023
Message: Služba netprofm bola ukončená s nasledujúcou chybou:
The device is not ready.
Record Number: 45
Source Name: Service Control Manager
Time Written: 20191230124645.514640-000
Event Type: Error
User:

=====Application event log=====

Computer Name: DESKTOP-NORVJE6
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 17
Source Name: Microsoft-Windows-Search
Time Written: 20191230124902.221279-000
Event Type: Warning
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 636
Message: Catalog Database (1484,D,35) Catalog Database: Flush map file "C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb.jfm" will be deleted. Reason: ReadHdrFailed.
Record Number: 15
Source Name: ESENT
Time Written: 20191230124901.049314-000
Event Type: Warning
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 640
Message: Catalog Database (1484,D,35) Catalog Database: Error -1919 validating header page on flush map file "C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb.jfm". The flush map file will be invalidated.
Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:12/30/2019 12:48:56.752 Rand:3396003837 Computer:] [SignFmHdrFromFm:Create time:12/30/2019 12:49:00.721 Rand:251525924 Computer:]
Record Number: 14
Source Name: ESENT
Time Written: 20191230124901.049314-000
Event Type: Warning
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 636
Message: Catalog Database (1484,D,35) Catalog Database: Flush map file "C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb.jfm" will be deleted. Reason: ReadHdrFailed.
Record Number: 13
Source Name: ESENT
Time Written: 20191230124900.971183-000
Event Type: Warning
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 640
Message: Catalog Database (1484,D,35) Catalog Database: Error -1919 validating header page on flush map file "C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb.jfm". The flush map file will be invalidated.
Additional information: [SignDbHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignFmHdrFromDb:Create time:00/00/1900 00:00:00.000 Rand:0 Computer:] [SignDbHdrFromFm:Create time:12/30/2019 12:48:56.736 Rand:2906963545 Computer:] [SignFmHdrFromFm:Create time:12/30/2019 12:48:59.330 Rand:3970903146 Computer:]
Record Number: 12
Source Name: ESENT
Time Written: 20191230124900.971183-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: DESKTOP-NORVJE6
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
SeDelegateSessionUserImpersonatePrivilege
Record Number: 78275
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200513182310.812646-000
Event Type: Audit Success
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: DESKTOP-NORVJE6$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Logon Information:
Logon Type: 5
Restricted Admin Mode: -
Virtual Account: No
Elevated Token: Yes

Impersonation Level: Impersonation

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Linked Logon ID: 0x0
Network Account Name: -
Network Account Domain: -
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x320
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 78274
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200513182310.812637-000
Event Type: Audit Success
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 5379
Message: Credential Manager credentials were read.

Subject:
Security ID: S-1-5-21-3805889190-2908880830-1705731779-1001
Account Name: PC1
Account Domain: DESKTOP-NORVJE6
Logon ID: 0x4FA1DB5B
Read Operation: Enumerate Credentials

This event occurs when a user performs a read operation on stored credentials in Credential Manager.
Record Number: 78273
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200513182310.793755-000
Event Type: Audit Success
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 5379
Message: Credential Manager credentials were read.

Subject:
Security ID: S-1-5-21-3805889190-2908880830-1705731779-1001
Account Name: PC1
Account Domain: DESKTOP-NORVJE6
Logon ID: 0x4FA1DB5B
Read Operation: Enumerate Credentials

This event occurs when a user performs a read operation on stored credentials in Credential Manager.
Record Number: 78272
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200513182310.793466-000
Event Type: Audit Success
User:

Computer Name: DESKTOP-NORVJE6
Event Code: 5379
Message: Credential Manager credentials were read.

Subject:
Security ID: S-1-5-21-3805889190-2908880830-1705731779-1001
Account Name: PC1
Account Domain: DESKTOP-NORVJE6
Logon ID: 0x4FA1DB5B
Read Operation: Enumerate Credentials

This event occurs when a user performs a read operation on stored credentials in Credential Manager.
Record Number: 78271
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20200513182310.792146-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"DriverData"=C:\Windows\System32\Drivers\DriverData
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=12
"PROCESSOR_LEVEL"=23
"PROCESSOR_IDENTIFIER"=AMD64 Family 23 Model 8 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0802
"AMDRMSDKPATH"=C:\Program Files\AMD\RyzenMasterSDK\
"VBOX_HWVIRTEX_IGNORE_SVM_IN_USE"=1
"ProgramData"=C:\ProgramData

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#3 Post by Conder »

Hi :)

:arrow: Did you set those entries in the hosts file intentionally?

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan Now (Spustit skenovani) and wait for it to finish
  • If anything is found, leave all findings selected and click Quarantine (Karantena) (if there are no findings, click Run Basic Repair (Spustit zakladni opravu))
  • If "preinstalled software" is also detected, you may, but need not, delete these programs (they are not malicious programs, just unnecessary ones)
  • Confirm the prompt, wait for it to finish, and confirm restarting the PC
  • After the PC restarts, AdwCleaner will open; click View Log File (Zobrazit soubor protokolu)
  • The log will open; copy its contents and paste them into your next reply
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos, and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices; otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#4 Post by PureHate44 »

I didn't set that intentionally :-/

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-05-26.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-05-2020
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 19
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\PC1\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\PC1\AppData\Local\Temp\Tencent
Deleted C:\Users\PC1\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Not Deleted C:\ProgramData\Tencent
Not Deleted C:\Users\PC1\AppData\Local\Tencent
Not Deleted C:\Users\PC1\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F73B76-36E2-4463-B96C-72EA9F9E22EA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{030D70CF-FC4C-4AC9-8CC4-D57A43D6CA0B}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3A559015-2A64-4970-89ED-173EF48057BE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7A40F514-F400-4859-9FB1-1CB49F388CB6}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C528A614-6C07-4AD8-A8D3-D32AA3F55764}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CB54CDCC-259C-4BE7-99F3-291E2142043F}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E27F6018-8EB5-47AB-8034-FFD92D699E70}
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3644 octets] - [05/06/2020 12:22:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#5 Post by Conder »

:arrow: I recommend not using programs from IObit (e.g. Driver Booster, Advanced SystemCare, Uninstaller, etc.) - they are Chinese junk that can damage the system.

:arrow: Please post both FRST logs (FRST.txt and Addition.txt) following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#6 Post by PureHate44 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2020
Ran by PC1 (administrator) on DESKTOP-NORVJE6 (MSI MS-7A39) (20-06-2020 20:11:51)
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PC1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2006.2001.18.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.42.5001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.42.5001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4292.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.9-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\APP_Dragon_Center_Keeper.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\StorageMonitor\StorageMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Dragon Center\CC_Engine_x64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) E:\Program Files\txgameassistant\appmarket\AppMarket.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) E:\Program Files\txgameassistant\appmarket\QMEmulatorService.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) E:\Program Files\txgameassistant\appmarket\TBSWebRenderer.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-04-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [GoogleChromeAutoLaunch_19ACBD9F62975BB0B01B7468665DF1C7] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-09-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [Discord] => C:\Users\PC1\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32339344 2020-06-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5597032 2020-06-04] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {283cab94-2c81-11ea-925c-309c239b7301} - "F:\setup_the_witcher_3_wild_hunt_goty_1.31_(a)_(9709).exe"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {9ac74462-ab51-11ea-9278-309c239b7301} - "H:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.54\Installer\setup.exe [2020-06-19] (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0723222F-5DD2-4AC4-87C9-44D2F8161DF9} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {138965F3-786A-4B33-BD67-D621B4EA35E7} - System32\Tasks\Software Updater SkipUAC(PC1) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4526352 2020-05-07] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {1A4A1B7C-ED0F-4703-93ED-3D4D35F8161F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\Scheduler.exe [149776 2020-06-08] (IObit Information Technology -> IObit)
Task: {25627D35-9D1C-42E9-9643-D720C88A2FCD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A1151BF-4DFB-46B8-B402-A2BB6C88A023} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1788688 2020-03-12] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {31A9AAAC-1AF5-4062-9129-70564FE726CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3864E160-CA8C-431C-957B-A13304D43FC1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3BFDF372-094F-491A-9B14-17B0EB3CBEDB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\MpCmdRun.exe [512280 2020-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47CEE2A7-63C2-4136-85BF-5258710C13FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\MpCmdRun.exe [512280 2020-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4B0141AF-A466-4AF0-9C75-B42051E7A5C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-12-30] (Google Inc -> Google Inc.)
Task: {55C0DA28-EE27-494F-8385-3E738FC3BBBA} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4526352 2020-05-07] (IObit Information Technology -> IObit)
Task: {64F37519-4C60-4FB0-846D-14C5F1349527} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\MpCmdRun.exe [512280 2020-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68E07D55-2A99-490C-981A-41ED0A638EE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-12-30] (Google Inc -> Google Inc.)
Task: {6ACF82E7-3AEE-4486-B570-B0D89394D7FE} - System32\Tasks\Driver Booster SkipUAC (PC1) => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\DriverBooster.exe [7941392 2020-06-08] (IObit Information Technology -> IObit)
Task: {84EBDA34-B6D3-4EFB-A509-689EE6DE6AF8} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\AutoUpdate.exe [2369808 2020-06-08] (IObit Information Technology -> IObit)
Task: {9BE6C7BE-80B4-4069-B061-78CC23786216} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\MpCmdRun.exe [512280 2020-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CFDBB24-ABB3-450E-B506-21AA416A70FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{a50c53b0-d4f4-49ee-b467-78734889d75b}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Internet Explorer:
==================

Edge:
======
Edge Profile: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-10]

FireFox:
========
FF DefaultProfile: 29i8chys.default
FF ProfilePath: C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\29i8chys.default [2020-02-03]
FF ProfilePath: C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\ocl9vi7m.default-release [2020-06-20]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2020-06-20]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Prezentácie) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-31]
CHR Extension: (Magio GO) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2020-01-01]
CHR Extension: (Dokumenty) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-31]
CHR Extension: (Disk Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-31]
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-31]
CHR Extension: (Aliexpress SuperStar - price history & currency) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2020-04-20]
CHR Extension: (Tabuľky) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-31]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-30]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-06-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-31]
CHR Extension: (GearBest Star, Price history, coupons ) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\obahoaepjklfhghnafdcganehbokgffh [2020-01-01]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [175976 2020-06-04] (Adguard Software Limited -> Adguard Software Ltd)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atiesrxx.exe [524512 2020-05-24] (Advanced Micro Devices, Inc. -> AMD)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3648104 2018-09-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DragonCenter_Service; C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe [142512 2019-04-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 GameInput; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [37808 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.42.5001.0_x64__8wekyb3d8bbwe\GamingServices.exe [46000 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.42.5001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [46000 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.54\elevation_service.exe [1507208 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
R2 QMEmulatorService; E:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [197712 2020-04-21] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\NisSrv.exe [2496152 2020-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\MsMpEng.exe [104200 2020-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files (x86)\Wise Care 365\BootTime.exe [658600 2018-12-06] (Lespeed Technology Ltd. -> WiseCleaner.com)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [93184 2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24528 2020-04-10] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atikmdag.sys [65752800 2020-05-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0354308.inf_amd64_e6089e8d995128c8\B354265\atikmpag.sys [592096 2020-05-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [102832 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31520 2020-04-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [146304 2020-04-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [93240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [33336 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 aow_drv; E:\Program Files\TxGameAssistant\UI\3.21.736.100\aow_drv_x64_ev.sys [871296 2020-04-27] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [108152 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2020-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2020-01-03] (Disc Soft Ltd -> Disc Soft Ltd)
R1 EneIo; C:\Windows\system32\drivers\ene.sys [16320 2018-03-20] (Ptolemy Tech Co., Ltd -> )
R3 gameflt; C:\Windows\System32\DriverStore\FileRepository\gameflt.inf_amd64_ad5ce1f12ff43d18\gameflt.sys [71528 2020-06-14] (Microsoft Windows -> Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-04-10] (Martin Malik - REALiX -> REALiX(tm))
R3 ipadtst; C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider)
R3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\Dragon Center\Lib\Super_Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [812208 2020-04-11] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [555064 2020-04-08] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\Windows\system32\drivers\UniSafe.sys [581912 2020-06-14] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45976 2020-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [408800 2020-06-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64232 2020-06-20] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2020-01-02] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
R3 Xvdd; C:\Windows\System32\DriverStore\FileRepository\xvdd.inf_amd64_dbf5e4a1b4cd7ed7\xvdd.sys [509288 2020-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 atillk64; \??\C:\Users\PC1\AppData\Local\Temp\LiveUpdateAPI\AGT\atillk64.sys [X] <==== ATTENTION
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-20 20:11 - 2020-06-20 20:11 - 002289664 _____ (Farbar) C:\Users\PC1\Downloads\FRST64 (1).exe
2020-06-16 00:24 - 2020-06-16 00:24 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2020-06-16 00:24 - 2020-06-16 00:24 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2020-06-13 18:42 - 2020-06-13 18:42 - 000000000 ____D C:\Users\PC1\AppData\Local\2K Games
2020-06-13 18:36 - 2020-06-13 18:41 - 000000803 _____ C:\Users\PC1\Desktop\Mafia III Definitive Edition.lnk
2020-06-13 18:36 - 2020-06-13 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia III Definitive Edition
2020-06-13 17:58 - 2020-06-13 17:58 - 000391953 _____ C:\Users\PC1\Downloads\Mafia2-Definitive-Edition-ScriptHook-master.zip
2020-06-13 16:08 - 2020-06-20 20:12 - 000000000 ____D C:\ProgramData\Adguard
2020-06-13 16:08 - 2020-06-20 19:58 - 000000000 ____D C:\Program Files (x86)\Adguard
2020-06-13 16:08 - 2020-06-13 16:08 - 000173416 _____ C:\Users\PC1\Downloads\adguardInstaller.exe
2020-06-13 16:08 - 2020-06-13 16:08 - 000001002 _____ C:\Users\Public\Desktop\Adguard.lnk
2020-06-13 16:08 - 2020-06-13 16:08 - 000001002 _____ C:\ProgramData\Desktop\Adguard.lnk
2020-06-13 16:08 - 2020-06-13 16:08 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Adguard Software Ltd
2020-06-13 16:08 - 2020-06-13 16:08 - 000000000 ____D C:\Users\PC1\AppData\Local\Adguard_Software_Ltd
2020-06-13 16:08 - 2020-06-13 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard
2020-06-13 16:08 - 2020-04-07 09:31 - 000093184 _____ () C:\Windows\system32\Drivers\adgnetworkwfpdrv.sys
2020-06-12 23:56 - 2020-06-12 23:56 - 000003184 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2020-06-12 23:56 - 2020-06-12 23:56 - 000003170 _____ C:\Windows\system32\Tasks\Driver Booster Update
2020-06-12 23:56 - 2020-06-12 23:56 - 000002940 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (PC1)
2020-06-12 23:56 - 2020-06-12 23:56 - 000002361 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2020-06-12 23:56 - 2020-06-12 23:56 - 000002361 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2020-06-12 23:56 - 2020-06-12 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-06-10 21:36 - 2020-06-19 19:25 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-10 21:36 - 2020-06-19 19:25 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-10 21:36 - 2020-06-19 19:25 - 000002282 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-10 21:36 - 2020-06-12 23:54 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-10 21:36 - 2020-06-12 23:54 - 000003452 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-10 21:28 - 2020-06-10 21:28 - 025902080 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 019851776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 018029056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 011608064 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 009712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 008015360 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 007760384 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 007268864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 007012864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 006292480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 006091048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 005909504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 005765144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 005195432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 005111808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 005004344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 004610560 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 003525608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 003515392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 003398656 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 002831872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 002798592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-06-10 21:28 - 2020-06-10 21:28 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-06-10 21:28 - 2020-06-10 21:28 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-06-10 21:28 - 2020-06-10 21:28 - 002583496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 002281472 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 002230240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 002204160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 002184504 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001803776 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 001704448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001654960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001637888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001539072 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 001467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001416224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001410048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001344512 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001284608 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001272160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpsharercom.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 001193984 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001151824 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001099608 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001055184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 001012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000994304 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000992256 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\tapi3.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000940544 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000920064 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000897536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000894024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapi3.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000783496 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000747832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000740664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000692224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkObjCore.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000684856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000674304 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000668672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000651776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000651264 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000640000 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000632320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000628408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000619008 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000593424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000575488 _____ (Microsoft® Windows® Operating System) C:\Windows\system32\wvc.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000572200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000569856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000567808 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2020-06-10 21:28 - 2020-06-10 21:28 - 000564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000529920 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000529920 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000522240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000516544 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000508720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000508216 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2020-06-10 21:28 - 2020-06-10 21:28 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000478208 _____ (Microsoft® Windows® Operating System) C:\Windows\SysWOW64\wvc.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000462848 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000453944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000451864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000430592 _____ (Microsoft Corporation) C:\Windows\system32\WalletService.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000426496 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000423424 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000407864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000405936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000398336 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000398336 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000361472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassdo.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswmdm.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Feedback.Analog.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000325120 _____ (Microsoft Corporation) C:\Windows\system32\rdpviewerax.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-06-10 21:28 - 2020-06-10 21:28 - 000323584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Preview.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000283136 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpviewerax.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2020-06-10 21:28 - 2020-06-10 21:28 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\FileHistory.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000223544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2020-06-10 21:28 - 2020-06-10 21:28 - 000204008 _____ (Microsoft Corporation) C:\Windows\system32\SecurityCenterBroker.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000199992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000196096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psr.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000183808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000166912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000165192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000150328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidx.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\wkspbrokerAx.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaatext.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000114688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000099712 _____ (Microsoft Corporation) C:\Windows\system32\FsIso.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkspbrokerAx.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000093448 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000090952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000089344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\WwanRadioManager.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2020-06-10 21:28 - 2020-06-10 21:28 - 000083600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2020-06-10 21:28 - 2020-06-10 21:28 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasads.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollCtrl.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000041864 _____ (Microsoft Corporation) C:\Windows\system32\SecurityCenterBrokerPS.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-06-10 21:28 - 2020-06-10 21:28 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000028368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-06-10 21:28 - 2020-06-10 21:28 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-06-10 21:27 - 2020-06-10 21:27 - 009931576 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 007911176 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 007604592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 007266080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 006435840 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 006066808 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 005283264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 004565248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 004012032 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 003726848 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 003712000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 003581240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 003368104 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 003187200 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 002656256 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 002289664 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 002235520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001919488 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001743680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001683968 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001649152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001637888 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001583104 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001486336 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 001466368 _____ (Microsoft Corporation) C:\Windows\system32\rdpsharercom.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001447424 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 001393952 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001283072 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001274128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001261568 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001260744 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001158144 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001155944 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001100288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001073664 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001007104 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 001003832 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000932256 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000931840 _____ (Microsoft Corporation) C:\Windows\system32\InkObjCore.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000892048 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000881664 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000797464 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000777216 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000760296 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntime.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000716320 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000716288 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntimewindows.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000696832 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000650752 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000648192 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000614400 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 000557056 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000553984 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 000548984 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000531768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2020-06-10 21:27 - 2020-06-10 21:27 - 000518456 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000472064 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000467952 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000461112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000441152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000427008 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000425056 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000394752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000357176 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000280376 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000264192 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManagerClient.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\psr.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000221496 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000209216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\AarSvc.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-06-10 21:27 - 2020-06-10 21:27 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\msaatext.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000165832 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000165296 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000132608 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000132424 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000129600 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000108856 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\RpcEpMap.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\WlanRadioManager.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\XboxGipRadioManager.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000063288 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\NfcRadioMedia.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnosticsTool.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2020-06-10 21:27 - 2020-06-10 21:27 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2020-06-10 21:27 - 2020-06-10 21:27 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-06-10 21:23 - 2020-05-15 06:29 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-06-10 21:23 - 2020-05-15 06:10 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-06-05 19:05 - 2020-04-02 11:19 - 000000000 ____D C:\Users\PC1\Desktop\RDR2cz
2020-06-05 19:03 - 2020-06-05 19:03 - 059959733 _____ C:\Users\PC1\Downloads\RDR2cz_v1.zip
2020-06-05 14:30 - 2020-06-05 14:30 - 000291247 _____ C:\Users\PC1\Downloads\ScriptHookRDR2_1.0.1232.17.zip
2020-06-05 14:29 - 2020-06-05 14:29 - 000743165 _____ C:\Users\PC1\Downloads\Rampage-233-1-1-1591126801.zip
2020-06-05 12:44 - 2020-06-05 12:44 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2020-06-05 12:21 - 2020-06-05 16:48 - 000000000 ____D C:\AdwCleaner
2020-06-05 12:21 - 2020-06-05 12:21 - 008402608 _____ (Malwarebytes) C:\Users\PC1\Downloads\adwcleaner_8.0.5.exe
2020-06-05 09:21 - 2020-06-05 09:21 - 000120190 _____ C:\Users\PC1\Downloads\Steam.DN.rar
2020-06-05 09:20 - 2020-06-05 09:20 - 000108032 _____ C:\Users\PC1\Desktop\Red Dead Redemption 2 (Steam).exe
2020-06-03 12:39 - 2020-06-03 12:39 - 000124253 _____ C:\Users\PC1\Downloads\Mafia 2 Definitive Edition Scripthook and Trainer Scripts-155-1-1-1590004623.zip
2020-06-03 12:28 - 2020-06-03 12:28 - 000000000 ____D C:\Users\PC1\AppData\Local\OneDrive
2020-06-03 12:12 - 2020-06-03 12:12 - 000005385 _____ C:\Users\PC1\Downloads\[CzT]Adguard_Premium_v_3_5_14_CZ_SK_Android_.torrent
2020-06-03 11:31 - 2020-06-03 11:31 - 062620472 _____ (Discord Inc.) C:\Users\PC1\Downloads\DiscordSetup (1).exe
2020-06-03 11:31 - 2020-06-03 11:31 - 000000000 ____D C:\Users\PC1\AppData\Local\Discord
2020-06-03 11:23 - 2020-06-03 11:24 - 229157252 _____ C:\Users\PC1\Downloads\DLC Unlocker for M2DE-170-1-0-1590928852.zip
2020-06-02 16:31 - 2020-06-02 16:32 - 000000000 ____D C:\rsit
2020-06-02 16:31 - 2020-06-02 16:32 - 000000000 ____D C:\Program Files\trend micro
2020-06-02 16:31 - 2020-06-02 16:31 - 001222144 _____ C:\Users\PC1\Downloads\RSITx64.exe
2020-06-02 15:45 - 2020-06-02 15:49 - 925128554 _____ C:\Users\PC1\Downloads\d187.rar
2020-06-01 12:27 - 2020-06-01 12:27 - 119947873 _____ C:\Users\PC1\Downloads\Act Of Violence - 2017 - Alte Liebe rostet nicht.rar
2020-05-31 18:00 - 2020-05-31 18:00 - 000000000 ____D C:\Users\PC1\AppData\Roaming\WeMod
2020-05-31 17:58 - 2020-05-31 17:58 - 000143184 _____ C:\Users\PC1\Downloads\[SkT]Mafia_III__Definitive_Edition_(2020)(CZ).torrent
2020-05-29 21:43 - 2020-05-29 21:43 - 000000000 ____D C:\Program Files\UNP
2020-05-24 22:22 - 2020-06-14 08:43 - 000137152 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2020-05-24 01:55 - 2020-05-24 01:55 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2020-05-24 01:55 - 2020-05-24 01:55 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2020-05-24 01:55 - 2020-05-24 01:55 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2020-05-24 01:55 - 2020-05-24 01:55 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2020-05-24 01:55 - 2020-05-24 01:55 - 000000000 ____D C:\Program Files (x86)\OpenAL
2020-05-24 01:55 - 2020-05-24 01:55 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2020-05-24 01:18 - 2020-05-24 01:18 - 001784536 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-24 01:18 - 2020-05-24 01:18 - 001784536 _____ C:\Windows\system32\vulkaninfo.exe
2020-05-24 01:18 - 2020-05-24 01:18 - 001374936 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-24 01:18 - 2020-05-24 01:18 - 001374936 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-05-24 01:18 - 2020-05-24 01:18 - 001243360 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2020-05-24 01:18 - 2020-05-24 01:18 - 001085976 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-05-24 01:18 - 2020-05-24 01:18 - 001085976 _____ C:\Windows\system32\vulkan-1.dll
2020-05-24 01:18 - 2020-05-24 01:18 - 000944824 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-05-24 01:18 - 2020-05-24 01:18 - 000944824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-05-24 01:18 - 2020-05-24 01:18 - 000135392 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-05-24 01:18 - 2020-05-24 01:18 - 000121568 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-05-24 01:18 - 2020-05-24 01:18 - 000020408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2020-05-24 01:18 - 2020-05-24 01:18 - 000020408 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2020-05-23 21:21 - 2020-05-23 21:21 - 000656157 _____ C:\Users\PC1\Downloads\Mafia.II.Definitive.Edition.v1.0.Plus.12.Trainer-FLiNG.zip
2020-05-22 22:22 - 2020-05-22 22:22 - 000000000 ____D C:\Users\Public\Documents\Steam
2020-05-22 22:22 - 2020-05-22 22:22 - 000000000 ____D C:\ProgramData\Documents\Steam
2020-05-22 21:10 - 2020-05-22 21:10 - 000129292 _____ C:\Users\PC1\Downloads\[SkT]Mafia_II__Definitive_Edition_(2020)(CZ).torrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-20 20:12 - 2020-01-31 14:14 - 000022836 _____ C:\Users\PC1\Downloads\FRST.txt
2020-06-20 20:12 - 2020-01-31 14:14 - 000000000 ____D C:\FRST
2020-06-20 20:01 - 2019-12-30 14:46 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-06-20 19:58 - 2019-12-30 14:51 - 000000000 ___RD C:\Users\PC1\OneDrive
2020-06-19 07:16 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-19 07:03 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-19 07:03 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2020-06-19 00:03 - 2019-12-30 14:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-06-17 21:33 - 2019-12-30 15:02 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 21:33 - 2019-12-30 15:02 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-17 21:33 - 2019-12-30 15:02 - 000002272 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-16 00:24 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-06-14 19:52 - 2019-12-30 15:03 - 000000000 ____D C:\Users\PC1\AppData\Local\D3DSCache
2020-06-14 18:01 - 2020-04-09 15:53 - 000581912 _____ (TENCENT) C:\Windows\system32\Drivers\UniSafe.sys
2020-06-14 08:43 - 2020-05-05 09:31 - 001541048 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2020-06-14 08:43 - 2020-05-05 09:31 - 000156608 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2020-06-14 08:43 - 2020-05-05 09:31 - 000134072 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2020-06-14 08:43 - 2020-05-05 09:31 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2020-06-14 08:43 - 2020-05-05 09:31 - 000033712 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2020-06-13 16:08 - 2019-12-30 14:59 - 000000000 ____D C:\ProgramData\Package Cache
2020-06-12 23:56 - 2020-04-02 20:19 - 000000000 ____D C:\Users\PC1\AppData\Roaming\IObit
2020-06-12 23:56 - 2020-04-02 20:19 - 000000000 ____D C:\ProgramData\ProductData
2020-06-10 22:07 - 2020-04-02 20:19 - 000000000 ____D C:\ProgramData\IObit
2020-06-10 21:40 - 2020-01-04 19:25 - 000647112 _____ C:\Windows\system32\perfh01B.dat
2020-06-10 21:40 - 2020-01-04 19:25 - 000122510 _____ C:\Windows\system32\perfc01B.dat
2020-06-10 21:40 - 2019-12-30 14:55 - 001521678 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-10 21:37 - 2019-12-30 14:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-10 21:37 - 2019-12-30 14:50 - 000000000 ___RD C:\Users\PC1\3D Objects
2020-06-10 21:36 - 2020-01-05 12:36 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2020-06-10 21:36 - 2019-12-30 14:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-10 21:35 - 2019-12-30 15:02 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-06-10 21:35 - 2019-03-19 12:55 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-10 21:35 - 2019-03-19 12:55 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\SysWOW64\F12
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\system32\F12
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\Com
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemResources
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\oobe
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\Dism
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\Com
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-06-10 21:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\bcastdvr
2020-06-10 21:35 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-06-10 21:30 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
2020-06-10 21:27 - 2019-12-30 14:49 - 002876416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-06-07 13:09 - 2020-01-08 10:43 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-06 13:31 - 2019-12-30 14:50 - 000000000 ____D C:\Users\PC1\AppData\Local\Packages
2020-06-05 23:03 - 2019-03-19 06:56 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 16:48 - 2020-04-02 20:19 - 000000000 ____D C:\Users\PC1\AppData\LocalLow\IObit
2020-06-05 15:54 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\NDF
2020-06-05 14:24 - 2020-03-21 14:57 - 000000000 ____D C:\Users\PC1\AppData\Local\ElevatedDiagnostics
2020-06-05 13:01 - 2020-01-01 12:33 - 000000000 ____D C:\Users\PC1\AppData\Roaming\qBittorrent
2020-06-05 12:45 - 2020-05-17 14:25 - 000000000 ____D C:\Users\PC1\AppData\Local\Rockstar Games
2020-06-05 12:45 - 2020-04-08 08:32 - 000000000 ____D C:\Users\PC1\Documents\Rockstar Games
2020-06-05 12:44 - 2020-05-17 14:21 - 000000000 ____D C:\Program Files\Rockstar Games
2020-06-05 12:44 - 2020-05-17 14:21 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-06-05 12:29 - 2020-01-04 13:36 - 000000000 ____D C:\Users\PC1\AppData\Roaming\vlc
2020-06-05 09:17 - 2020-04-13 20:05 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-05 04:48 - 2020-05-05 09:31 - 000201656 _____ (Microsoft Corporation) C:\Windows\system32\GameInput.dll
2020-06-05 02:38 - 2020-05-05 09:31 - 000162744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameInput.dll
2020-06-04 16:39 - 2020-01-05 15:48 - 000000000 ____D C:\Users\PC1\AppData\Local\Tencent
2020-06-04 16:39 - 2020-01-05 15:47 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Tencent
2020-06-03 12:43 - 2020-03-30 17:07 - 000000000 ____D C:\Users\PC1\AppData\Roaming\discord
2020-06-03 11:31 - 2020-03-30 17:07 - 000002227 _____ C:\Users\PC1\Desktop\Discord.lnk
2020-06-03 11:31 - 2020-03-30 17:07 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-06-03 11:31 - 2020-03-30 17:07 - 000000000 ____D C:\Users\PC1\AppData\Local\SquirrelTemp
2020-06-01 12:46 - 2020-04-02 20:19 - 000002187 _____ C:\Users\Public\Desktop\IObit Software Updater.lnk
2020-06-01 12:46 - 2020-04-02 20:19 - 000002187 _____ C:\ProgramData\Desktop\IObit Software Updater.lnk
2020-05-31 17:54 - 2020-01-02 11:29 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Wise Uninstaller
2020-05-29 21:40 - 2019-12-30 14:51 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3805889190-2908880830-1705731779-1001
2020-05-29 21:40 - 2019-12-30 14:50 - 000002349 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-24 10:59 - 2020-04-02 20:19 - 000003442 _____ C:\Windows\system32\Tasks\SU_AutoUpdate
2020-05-24 10:59 - 2020-04-02 20:19 - 000003176 _____ C:\Windows\system32\Tasks\Software Updater Scheduler
2020-05-24 10:59 - 2020-04-02 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater
2020-05-24 01:54 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-05-24 01:18 - 2020-04-10 20:25 - 062867680 _____ C:\Windows\system32\amd_comgr.dll
2020-05-24 01:18 - 2020-04-10 20:25 - 052403424 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2020-05-24 01:18 - 2020-04-10 20:25 - 001594080 _____ (AMD) C:\Windows\system32\coinst_19.50.dll
2020-05-24 01:18 - 2020-04-10 20:25 - 000198120 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2020-05-24 01:18 - 2020-04-10 20:25 - 000167720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 004585696 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 004095200 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2020-05-24 01:18 - 2019-12-30 15:02 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2020-05-24 01:18 - 2019-12-30 15:02 - 001730784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 001243360 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000941992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000761056 _____ (AMD) C:\Windows\system32\atieclxx.exe
2020-05-24 01:18 - 2019-12-30 15:02 - 000574680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000546328 _____ C:\Windows\system32\amdmiracast.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000543168 _____ C:\Windows\SysWOW64\atiapfxx.blb
2020-05-24 01:18 - 2019-12-30 15:02 - 000543168 _____ C:\Windows\system32\atiapfxx.blb
2020-05-24 01:18 - 2019-12-30 15:02 - 000493792 _____ C:\Windows\system32\dgtrayicon.exe
2020-05-24 01:18 - 2019-12-30 15:02 - 000491744 _____ C:\Windows\system32\GameManager64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000484800 _____ C:\Windows\system32\amdgfxinfo64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000469216 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000451808 _____ C:\Windows\system32\atieah64.exe
2020-05-24 01:18 - 2019-12-30 15:02 - 000384448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000374496 _____ C:\Windows\SysWOW64\GameManager32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000374184 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000345824 _____ C:\Windows\SysWOW64\atieah32.exe
2020-05-24 01:18 - 2019-12-30 15:02 - 000344800 _____ C:\Windows\system32\clinfo.exe
2020-05-24 01:18 - 2019-12-30 15:02 - 000241888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000209120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000184544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000178880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000163040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000159456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000158224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000153312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000138464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000136416 _____ (AMD) C:\Windows\system32\atimuixx.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000136416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000134952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000128752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000124640 _____ C:\Windows\system32\atidxx64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000121256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000120072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000107232 _____ C:\Windows\SysWOW64\atidxx32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000106408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000070880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000047320 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2020-05-24 01:18 - 2019-12-30 15:02 - 000044248 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2020-05-22 22:22 - 2020-05-05 15:37 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-05-22 22:22 - 2020-03-15 15:31 - 000000000 ____D C:\Users\PC1\Documents\My Games

==================== Files in the root of some directories ========

2020-01-22 20:25 - 2020-01-22 20:25 - 000000227 _____ () C:\ProgramData\fontcacheev1.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#7 Post by PureHate44 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2020
Ran by PC1 (20-06-2020 20:12:53)
Running from C:\Users\PC1\Downloads
Windows 10 Home Version 1909 18363.900 (X64) (2019-12-30 12:49:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3805889190-2908880830-1705731779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3805889190-2908880830-1705731779-503 - Limited - Disabled)
Guest (S-1-5-21-3805889190-2908880830-1705731779-501 - Limited - Disabled)
PC1 (S-1-5-21-3805889190-2908880830-1705731779-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3805889190-2908880830-1705731779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.4.3247.0 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{dcbde765-64fe-4330-8b23-63969890f1e7}) (Version: 7.4.3247.0 - Adguard Software Ltd)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.0.0.1110 - Advanced Micro Devices, Inc.)
Assassin's Creed: Odyssey (HKLM-x32\...\Assassin's Creed: Odyssey_is1) (Version: - )
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.75.1088 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0616 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dragon Center (HKLM-x32\...\{B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1) (Version: 1.0.0.50 - MSI)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.5.0 - IObit)
ENE IO Driver (HKLM-x32\...\{D0512FF6-6194-4D2E-967E-25B82A3322FF}) (Version: 1.0.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}) (Version: 1.00.09 - Ene Tech.) Hidden
ENE_EHD_HAL (HKLM\...\{F56EC5A0-3A93-492E-882A-E036F5897CC7}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_HAL (HKLM-x32\...\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameInput Redistributable (HKLM-x32\...\{93B91052-9882-92F9-45E4-2EA38BC07D9E}) (Version: 10.1.19041.3357 - Microsoft Corporation)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.52.5316 - GOM & Company)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 3.0.1.1425 - IObit)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Mafia III Definitive Edition (HKLM-x32\...\Mafia III Definitive Edition_is1) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.54 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft OneDrive (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 72.0.2 (x64 sk)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
Music NFO Builder verzia 1.21a (HKLM-x32\...\{CC9F74BA-CA3D-4C13-A97A-738DA26ED686}_is1) (Version: 1.21a - Paweł Piecuch)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
RecordAnyVID 1.0.8 (HKLM-x32\...\{E6D336D4-5803-452C-A20B-1CBDB574A53E}_is1) (Version: 1.0.8 - VidPaw)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
Shutdown Timer (HKLM-x32\...\{5E1DDD46-A5AF-4A06-B0FC-9C3E510BE742}) (Version: 1.0.0 - Newton Software Solutions)
SnowRunner (HKLM-x32\...\SnowRunner_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3 - Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.30.0.0 - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wise Care 365 5.4.6.542 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.4.6.542 - lrepacks.ru)

Packages:
=========
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation)
Herné služby -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.42.5001.0_x64__8wekyb3d8bbwe [2020-06-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.19.31501.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-01] (Spotify AB) [Startup Task]
Xbox -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2006.2001.18.0_x64__8wekyb3d8bbwe [2020-06-18] (Microsoft Corporation) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-05-14 23:17 - 2020-05-14 23:17 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2020-05-14 23:17 - 2020-05-14 23:17 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2020-05-14 23:17 - 2020-05-14 23:17 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-05-14 00:22 - 2020-05-14 00:22 - 003155968 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DotNetCommon\a9cd005950c44e4b9c71d47b1b18b7d7\DotNetCommon.ni.dll
2020-05-14 00:22 - 2020-05-14 00:22 - 004811776 _____ (Disc Soft Ltd) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\2a3ffe7ddd7750969b4b89759352ebd1\DiscSoft.NET.Common.ni.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2020-05-14 23:17 - 2020-05-14 23:17 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-05-05 15:38 - 000001944 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com
127.0.0.1 api.adguard.com
127.0.0.1 api.adguard.com
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B1635F01-399D-4AB0-8B13-D3F0791AA788}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{47D84D1F-2480-46B8-B9B7-95DFD83E7A3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AD89387D-338D-4180-9D79-00CDDF75F432}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{BBDDF042-F102-4390-BC3C-CBD422ABF084}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F9FF5EE5-6D67-4C59-8A19-99FC2C94914E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1AEF008A-7B41-4431-AFE8-D82916538CA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3D8018CC-AE93-4E53-8BD5-5648701D8AEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{BCE8A597-3C4F-43DF-8A39-86136B5804F8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5708FB3E-6636-41FF-BFA3-905AB6D47F3F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{E94CEAD2-A92D-48D6-870E-6A5074D59089}E:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{A5EF453F-FB33-490E-8F12-5359245B49BC}E:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{D644BFC4-D082-4E7F-9815-2340F3AB33A1}] => (Allow) e:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2072B4FA-5E4B-4CC0-92DE-99DB97BC7EBA}] => (Allow) e:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{5F04E17D-C45F-4CEE-B181-EBD57D7A524A}] => (Allow) e:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{957E11C8-EA35-4A24-AC29-BE2293A89010}] => (Allow) e:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D60ED8F3-542D-411F-974D-4925403149A0}] => (Allow) e:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{01EE47DF-C795-4BA8-A43D-236B3FCCEECC}] => (Allow) e:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{237D5BA8-D077-43A4-8EBF-274CBCB577E4}] => (Allow) e:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C8EE4BA1-5BDF-44F8-A8CB-F0E7871F025C}] => (Allow) e:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{C8C0CD5D-4ACB-4324-B45C-8B7CB34E0DED}] => (Allow) e:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{EA370E5F-8F09-475D-A77D-5D36287041BE}] => (Allow) e:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0552693C-A473-4785-93B2-D9B1907B3764}] => (Allow) e:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{30A53DBA-5AAA-4936-8732-B35A701D6368}E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe] => (Block) E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe => No File
FirewallRules: [UDP Query User{BDB7602D-DC67-4E70-BEDB-57F99073C460}E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe] => (Block) E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe => No File
FirewallRules: [{E7E73EE7-0936-48EC-9A5F-18B678630352}] => (Allow) e:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A4A434BB-66BC-4779-8041-8EAC671143CB}] => (Allow) e:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{F2E30FD7-471E-4A41-999A-0689E1F3E460}] => (Allow) e:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{AE31E3E0-A1C7-4943-B1F3-A99B599BE269}] => (Allow) e:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{394D50A2-4E1E-430B-878B-C78390AEC04E}] => (Allow) e:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{5A6B1260-C81B-4F5C-9E84-D8E2DE0725B4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{2B7699AC-3F82-4CD3-96D1-B16F736DF81A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{CAB11F35-0EB1-449A-BB10-B7242E978BEA}] => (Allow) e:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{5DFDDF40-16A5-4108-A36D-612E298DC383}] => (Allow) e:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1758D022-375E-4C81-901F-B4C7895A29F5}] => (Allow) e:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{3855220A-29C0-4FA9-B680-E42A65755B3F}] => (Allow) e:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{0EF0BE99-1DFF-4371-BDDD-8C918D2E4900}] => (Allow) e:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{474F5D64-52F8-479C-9E87-68580BB331C5}] => (Allow) e:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{DF217D3B-F09C-4FCF-90C1-F687A73EE971}] => (Allow) e:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{5AF6C7A0-AAA5-4965-9C3B-E33177D405EF}] => (Allow) e:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{7FF19D80-26D0-46E9-8C4C-9A462FB1A3BB}] => (Allow) e:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C330E73C-912E-4B53-AB0E-C3D4DA7B2A22}] => (Allow) e:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B73FBD65-385C-4CB2-83AE-7B9F1AD0FE57}] => (Allow) e:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2B7601D0-102D-4B8E-8832-A59B35FCC2EC}] => (Allow) e:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{27C83B69-782B-446F-B288-30B5DB343E0B}] => (Allow) e:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{C84DC81B-2C84-4E1F-AF7B-585152CDA59C}] => (Allow) e:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7AB9AC9C-D254-46F8-8DC2-87E65EF21F38}] => (Allow) e:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{DA121990-99ED-48C8-8EF9-FA156618BEDA}] => (Allow) e:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{86243910-BBFE-4105-8CE0-7E9F60A083F2}] => (Allow) e:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{92E03105-712A-41A8-9BE6-B4F6AE75E4FF}] => (Allow) e:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A30E0462-3C70-473E-A303-60C8171D4364}] => (Allow) e:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{EBBE647C-7C6F-4531-B693-6B528192B168}] => (Allow) e:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{692D951F-EADD-4761-AAC7-6E6C3460AA80}] => (Allow) e:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{FCF624BE-E009-488D-8724-6174D6AD4005}] => (Allow) e:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9A3EE5DD-BCE0-45E8-9C6D-B6582EEE05D6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{91FEB8B2-BE2B-4EF2-AD31-A33176427B11}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{6780B160-6B48-4605-9A80-BD1F3D7B92F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2B944E53-7F5C-4FF0-911F-CC23511F854F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5D4665AD-A8D1-436A-9966-7232B82989EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E73AAC36-0B6E-4DF3-A5E8-2F9AF5EE5DAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD027141-0A97-4D6B-9949-E69B4ABD99ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1ABC03F-3476-426A-A57D-2EF950C08926}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9B306C8-AD93-4C82-AAC9-BADD9BF36DC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F3F99E84-2409-43C6-85B1-947397CA52F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{157430A0-AE41-4A82-BD56-3594345E3EFB}] => (Allow) E:\Games\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{828C11DA-E07D-4FE3-BC71-6307BA474C06}] => (Allow) E:\Games\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{4CF7F038-3F7A-4E09-9B03-3ECFEFF0A9BE}] => (Allow) E:\Games\Steam\steamapps\common\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{41730FE3-2135-4ACF-A4CE-1358139DE835}] => (Allow) E:\Games\Steam\steamapps\common\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{EB8866D5-F7EC-4EB8-AC3F-815DC6B608DC}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{FD83032A-CF06-481E-81EF-483068983C5C}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A0AF11E0-CE1A-46E3-9228-A96563A78E98}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{09585749-B394-4856-8021-865A82E383DF}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0DFFB94D-C9AF-4408-8B06-7B66A341D3F2}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A9D91CFD-A5AA-45AB-A278-5A8840C18645}] => (Allow) C:\Users\PC1\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{DC2CB359-7193-498E-9CA1-23E119EDA266}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{01C741DB-FC3F-4AE9-A2EC-AD83BBE695F8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6906E0A9-1C40-45D1-BF79-1D40489E3652}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

24-05-2020 01:16:42 Driver Booster : Radeon RX 570 Series
02-06-2020 10:39:33 Scheduled Checkpoint
10-06-2020 21:18:01 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/13/2020 06:11:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Názov chybujúceho modulu: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000a60987
Identifikácia chybujúceho procesu: 0x34b0
Čas spustenia chybujúcej aplikácie: 0x01d6419d31b0a52c
Cesta chybujúcej aplikácie: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Cesta chybujúceho modulu: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Identifikácia hlásenia: efedfbca-a6f2-40b8-90c4-314aa5386a23
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/13/2020 06:10:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Názov chybujúceho modulu: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000a60987
Identifikácia chybujúceho procesu: 0x35a4
Čas spustenia chybujúcej aplikácie: 0x01d6419bcb4bc1e9
Cesta chybujúcej aplikácie: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Cesta chybujúceho modulu: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Identifikácia hlásenia: 29664231-5d33-482d-ac36-a17d25096fb6
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/13/2020 04:08:32 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-NORVJE6)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).

Error: (06/03/2020 12:44:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Názov chybujúceho modulu: M2DEScriptHook.dll, verzia: 0.0.0.0, časová značka: 0x5ec449cb
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001e960
Identifikácia chybujúceho procesu: 0x70fc
Čas spustenia chybujúcej aplikácie: 0x01d6398fe35f15ae
Cesta chybujúcej aplikácie: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Cesta chybujúceho modulu: E:\Games\Mafia II - Definitive Edition\pc\M2DEScriptHook.dll
Identifikácia hlásenia: 3f60a24c-d5a7-429c-8e49-e10fcfd1035a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (05/24/2020 10:16:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Názov chybujúceho modulu: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000126048
Identifikácia chybujúceho procesu: 0x3a1c
Čas spustenia chybujúcej aplikácie: 0x01d631a35b417861
Cesta chybujúcej aplikácie: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Cesta chybujúceho modulu: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Identifikácia hlásenia: 04ece387-4cfa-47a9-90ef-dd7484ceaa01
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (05/24/2020 01:25:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: EpicGamesLauncher.exe, verzia: 10.16.1.0, časová značka: 0x5ec2e62e
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.18362.815, časová značka: 0xb89efff3
Kód výnimky: 0xc000041d
Odstup chyby: 0x000000000003a799
Identifikácia chybujúceho procesu: 0x5844
Čas spustenia chybujúcej aplikácie: 0x01d630f49e88ba1b
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
Cesta chybujúceho modulu: C:\Windows\System32\KERNELBASE.dll
Identifikácia hlásenia: c83ee29d-bbef-4ee6-a15c-b6fcf7166e53
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (05/24/2020 01:25:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: EpicGamesLauncher.exe, verzia: 10.16.1.0, časová značka: 0x5ec2e62e
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.18362.815, časová značka: 0xb89efff3
Kód výnimky: 0x00004000
Odstup chyby: 0x000000000003a799
Identifikácia chybujúceho procesu: 0x5844
Čas spustenia chybujúcej aplikácie: 0x01d630f49e88ba1b
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
Cesta chybujúceho modulu: C:\Windows\System32\KERNELBASE.dll
Identifikácia hlásenia: 2cced82c-75ef-437c-b413-3c13ca229378
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (05/23/2020 08:28:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Názov chybujúceho modulu: Mafia II Definitive Edition.exe, verzia: 1.0.0.1, časová značka: 0x5ec255fb
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000126196
Identifikácia chybujúceho procesu: 0x3720
Čas spustenia chybujúcej aplikácie: 0x01d6312d857dcd64
Cesta chybujúcej aplikácie: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Cesta chybujúceho modulu: E:\Games\Mafia II - Definitive Edition\pc\Mafia II Definitive Edition.exe
Identifikácia hlásenia: 594ac7b7-8d51-4c3c-89d2-e5a85ddc1b53
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (06/18/2020 11:50:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9MV0B5HZVK9Z-Microsoft.GamingApp.

Error: (06/15/2020 05:22:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (06/14/2020 08:44:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (06/14/2020 12:51:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (06/13/2020 07:35:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NORVJE6)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (06/13/2020 04:07:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adguard Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/12/2020 11:59:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (06/10/2020 09:21:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.


Windows Defender:
===================================
Date: 2020-06-13 10:03:47.133
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:Win32/CrackSearch
ID: 2147730914
Severity: Vysoká
Category: Nástroj
Path: file:_E:\Games\Assassin's Creed - Odyssey\dbdata.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: E:\Games\Assassin's Creed - Odyssey\ACOdyssey.exe
Security intelligence Version: AV: 1.317.1232.0, AS: 1.317.1232.0, NIS: 1.317.1232.0
Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2

Date: 2020-06-10 21:48:00.953
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {CD7FDD36-0D04-49A1-8CE6-3C28CE2BCBE1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-06-02 19:40:19.579
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:Win32/CrackSearch
ID: 2147730914
Severity: Vysoká
Category: Nástroj
Path: file:_E:\Games\Assassin's Creed - Odyssey\dbdata.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: E:\Games\Assassin's Creed - Odyssey\ACOdyssey.exe
Security intelligence Version: AV: 1.317.452.0, AS: 1.317.452.0, NIS: 1.317.452.0
Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2

Date: 2020-05-09 14:38:51.706
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\PC1\Desktop\adguardmagic.exe; systemfilecachefile:_c:\windows\system32\drivers\etc\hosts; systemfilecachefile:_c:\windows\system32\drivers\etc\hosts:14399253803478409869
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.315.315.0, AS: 1.315.315.0, NIS: 1.315.315.0
Engine Version: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-05-09 14:38:51.330
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\PC1\Desktop\adguardmagic.exe; systemfilecachefile:_c:\windows\system32\drivers\etc\hosts:14399253803478409869
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.315.315.0, AS: 1.315.315.0, NIS: 1.315.315.0
Engine Version: AM: 1.1.17000.7, NIS: 1.1.17000.7

Date: 2020-06-10 21:27:32.007
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.832.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2.L0 01/22/2019
Motherboard: MSI B350M GAMING PRO (MS-7A39)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 30%
Total physical RAM: 16335.14 MB
Available physical RAM: 11411.39 MB
Total Virtual: 18767.14 MB
Available Virtual: 10778.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.58 GB) (Free:55.26 GB) NTFS
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:225.31 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Nové) (CDROM) (Total:43.93 GB) (Free:0 GB) UDF
Drive h: (Mafia III Definitive Edition) (CDROM) (Total:55.68 GB) (Free:0 GB) UDF


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D0D77719)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 33D4E0CA)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#8 Post by Conder »

:arrow: Question: do you insist on using IObit programs (Driver Booster, Advanced SystemCare, etc.)? :???: As I warned in my previous post, these programs are unreliable junk, and using them can cause various problems or even damage the system...

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {283cab94-2c81-11ea-925c-309c239b7301} - "F:\setup_the_witcher_3_wild_hunt_goty_1.31_(a)_(9709).exe" 
    HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {9ac74462-ab51-11ea-9278-309c239b7301} - "H:\setup.exe" 
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    Task: {138965F3-786A-4B33-BD67-D621B4EA35E7} - System32\Tasks\Software Updater SkipUAC(PC1) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4526352 2020-05-07] (IObit Information Technology -> IObit) <==== ATTENTION
    Task: {1A4A1B7C-ED0F-4703-93ED-3D4D35F8161F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\Scheduler.exe [149776 2020-06-08] (IObit Information Technology -> IObit)
    Task: {2A1151BF-4DFB-46B8-B402-A2BB6C88A023} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1788688 2020-03-12] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
    Task: {55C0DA28-EE27-494F-8385-3E738FC3BBBA} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4526352 2020-05-07] (IObit Information Technology -> IObit)
    Task: {6ACF82E7-3AEE-4486-B570-B0D89394D7FE} - System32\Tasks\Driver Booster SkipUAC (PC1) => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\DriverBooster.exe [7941392 2020-06-08] (IObit Information Technology -> IObit)
    Task: {84EBDA34-B6D3-4EFB-A509-689EE6DE6AF8} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\AutoUpdate.exe [2369808 2020-06-08] (IObit Information Technology -> IObit)
    S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileFilter.sys [X]
    S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys [X]
    S3 atillk64; \??\C:\Users\PC1\AppData\Local\Temp\LiveUpdateAPI\AGT\atillk64.sys [X] <==== ATTENTION
    S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
    S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [X]
    AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
    AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]
    FirewallRules: [TCP Query User{E94CEAD2-A92D-48D6-870E-6A5074D59089}E:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\games\call of duty modern warfare\modernwarfare.exe => No File
    FirewallRules: [UDP Query User{A5EF453F-FB33-490E-8F12-5359245B49BC}E:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\games\call of duty modern warfare\modernwarfare.exe => No File
    FirewallRules: [TCP Query User{30A53DBA-5AAA-4936-8732-B35A701D6368}E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe] => (Block) E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe => No File
    FirewallRules: [UDP Query User{BDB7602D-DC67-4E70-BEDB-57F99073C460}E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe] => (Block) E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe => No File
    
    EmptyTemp:
    End
  • Save it to the desktop as fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, a file named Fixlog.txt will be on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#9 Post by PureHate44 »

IObit programs uninstalled :-)

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-06-2020
Ran by PC1 (21-06-2020 08:23:04) Run:2
Running from C:\Users\PC1\Desktop
Loaded Profiles: PC1
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {283cab94-2c81-11ea-925c-309c239b7301} - "F:\setup_the_witcher_3_wild_hunt_goty_1.31_(a)_(9709).exe"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {9ac74462-ab51-11ea-9278-309c239b7301} - "H:\setup.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {138965F3-786A-4B33-BD67-D621B4EA35E7} - System32\Tasks\Software Updater SkipUAC(PC1) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4526352 2020-05-07] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {1A4A1B7C-ED0F-4703-93ED-3D4D35F8161F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\Scheduler.exe [149776 2020-06-08] (IObit Information Technology -> IObit)
Task: {2A1151BF-4DFB-46B8-B402-A2BB6C88A023} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1788688 2020-03-12] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {55C0DA28-EE27-494F-8385-3E738FC3BBBA} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4526352 2020-05-07] (IObit Information Technology -> IObit)
Task: {6ACF82E7-3AEE-4486-B570-B0D89394D7FE} - System32\Tasks\Driver Booster SkipUAC (PC1) => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\DriverBooster.exe [7941392 2020-06-08] (IObit Information Technology -> IObit)
Task: {84EBDA34-B6D3-4EFB-A509-689EE6DE6AF8} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\AutoUpdate.exe [2369808 2020-06-08] (IObit Information Technology -> IObit)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 atillk64; \??\C:\Users\PC1\AppData\Local\Temp\LiveUpdateAPI\AGT\atillk64.sys [X] <==== ATTENTION
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [X]
AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
AlternateDataStreams: C:\Windows\System32:tdsrset_i.gfc [5846]
FirewallRules: [TCP Query User{E94CEAD2-A92D-48D6-870E-6A5074D59089}E:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{A5EF453F-FB33-490E-8F12-5359245B49BC}E:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{30A53DBA-5AAA-4936-8732-B35A701D6368}E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe] => (Block) E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe => No File
FirewallRules: [UDP Query User{BDB7602D-DC67-4E70-BEDB-57F99073C460}E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe] => (Block) E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 591
Average :
Sum : 5201493964
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{283cab94-2c81-11ea-925c-309c239b7301} => removed successfully
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ac74462-ab51-11ea-9278-309c239b7301} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{138965F3-786A-4B33-BD67-D621B4EA35E7}" => not found
"C:\Windows\System32\Tasks\Software Updater SkipUAC(PC1)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater SkipUAC(PC1)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A4A1B7C-ED0F-4703-93ED-3D4D35F8161F}" => not found
"C:\Windows\System32\Tasks\Driver Booster Scheduler" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A1151BF-4DFB-46B8-B402-A2BB6C88A023}" => not found
"C:\Windows\System32\Tasks\Software Updater Scheduler" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater Scheduler" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55C0DA28-EE27-494F-8385-3E738FC3BBBA}" => not found
"C:\Windows\System32\Tasks\SU_AutoUpdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SU_AutoUpdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ACF82E7-3AEE-4486-B570-B0D89394D7FE}" => not found
"C:\Windows\System32\Tasks\Driver Booster SkipUAC (PC1)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (PC1)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84EBDA34-B6D3-4EFB-A509-689EE6DE6AF8}" => not found
"C:\Windows\System32\Tasks\Driver Booster Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update" => not found
HKLM\System\CurrentControlSet\Services\AscFileFilter => removed successfully
AscFileFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\AscRegistryFilter => removed successfully
AscRegistryFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\atillk64 => removed successfully
atillk64 => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz145 => removed successfully
cpuz145 => service removed successfully
HKLM\System\CurrentControlSet\Services\iobit_monitor_server => removed successfully
iobit_monitor_server => service removed successfully
C:\Windows\System32 => ":tdsrset.gfc" ADS removed successfully
C:\Windows\System32 => ":tdsrset_i.gfc" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E94CEAD2-A92D-48D6-870E-6A5074D59089}E:\games\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A5EF453F-FB33-490E-8F12-5359245B49BC}E:\games\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30A53DBA-5AAA-4936-8732-B35A701D6368}E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BDB7602D-DC67-4E70-BEDB-57F99073C460}E:\games\max payne 3 - complete edition\max payne 3\maxpayne3.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 77837583 B
Java, Flash, Steam htmlcache => 413592754 B
Windows/system/drivers => 7154310 B
Edge => 37995 B
Chrome => 565422693 B
Firefox => 23113128 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 113984 B
PC1 => 5320654 B

RecycleBin => 5332 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:23:42 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#10 Post by Conder »

:arrow: OK, so let's also clean up after the IObit programs.

:arrow: The desktop is about 4 GB, which is a lot. I recommend moving all files and folders from the desktop to Documents and leaving only shortcuts on the desktop. An overly large desktop can slow the system down.

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\AllUserName\AppData\Local\IObit
    C:\Users\AllUserName\AppData\LocalLow\IObit
    C:\Users\AllUserName\AppData\Roaming\IObit
    C:\Users\AllUserName\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\AllUserName\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Local\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    EmptyTemp:
    End
  • Save it to the desktop as fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, a file named Fixlog.txt will be on the desktop; copy its contents here

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#11 Post by PureHate44 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-06-2020
Ran by PC1 (27-06-2020 10:11:04) Run:3
Running from C:\Users\PC1\Desktop
Loaded Profiles: PC1
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Default\AppData\Local\IObit
C:\Users\PC1\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\PC1\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\PC1\AppData\Roaming\IObit
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

EmptyTemp:
End

*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 592
Average :
Sum : 5203780750
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

"C:\Program Files\IObit" => not found
C:\Program Files (x86)\IObit => moved successfully
"C:\Program Files\Common Files\IObit" => not found
C:\ProgramData\IObit => moved successfully
C:\ProgramData\ProductData => moved successfully
"C:\Users\Default\AppData\Local\IObit" => not found
"C:\Users\PC1\AppData\Local\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found
C:\Users\PC1\AppData\LocalLow\IObit => moved successfully
"C:\Users\Default\AppData\Roaming\IObit" => not found
C:\Users\PC1\AppData\Roaming\IObit => moved successfully

=========== "C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========


=========== "C:\Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Local\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found
"C:\Users\Default\AppData\Roaming\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

"C:\Windows\IObit" => not found
C:\Windows\Tasks\ImCleanDisabled => moved successfully
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17168479 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5774858 B
Edge => 0 B
Chrome => 369076356 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 2976 B
PC1 => 39628145 B

RecycleBin => 0 B
EmptyTemp: => 420.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:11:33 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#12 Post by Conder »

OK, I still recommend tidying up the desktop, as I wrote. How is the PC doing? Are there any problems?

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#13 Post by PureHate44 »

No problems so far..... Thank you very much :-)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#14 Post by Conder »

:arrow: So let's also clean up after the tools we used:

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Requesting a preventive check

#15 Post by PureHate44 »

# DelFix v1.013 - Logfile created 02/07/2020 at 07:02:30
# Updated 17/04/2016 by Xplode
# Username : PC1 - DESKTOP-NORVJE6
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\PC1\Downloads\FRST-OlderVersion
Deleted : C:\Users\PC1\Desktop\FRST-OlderVersion
Deleted : C:\Users\PC1\Desktop\Fixlog.txt
Deleted : C:\Users\PC1\Desktop\FRST64 (1).exe
Deleted : C:\Users\PC1\Downloads\Addition.txt
Deleted : C:\Users\PC1\Downloads\adwcleaner_8.0.2.exe
Deleted : C:\Users\PC1\Downloads\adwcleaner_8.0.5.exe
Deleted : C:\Users\PC1\Downloads\Fixlog.txt
Deleted : C:\Users\PC1\Downloads\FRST.txt
Deleted : C:\Users\PC1\Downloads\FRST64.exe
Deleted : C:\Users\PC1\Downloads\RSITx64.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Locked