Prosim o kontrolu

[d0uble]

Zdravím, prosím o kontrolu PC. Začíná se mi občas sypat obraz, tak jestli je to problém hardwaru nebo nějaký vir. Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-08-2020
Ran by PC (administrator) on PC-STOLNI (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (28-08-2020 18:25:44)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Platform: Windows 10 Pro Version 1909 18363.1016 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe <26>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2005.23.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG -> Nero AG)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\PC\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-04-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKLM\...\Windows x64\Print Processors\HP1120PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1120PP.DLL [65024 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP LJ M1120 MFP LM: C:\WINDOWS\system32\ZLM1120.dll [167424 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs [2020-08-26] () [File not signed]
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02775204-F1C3-4949-B0B8-8FBA7463EFFA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe [1471032 2020-08-18] (Adobe Inc. -> Adobe)
Task: {088CD6EB-082E-4386-BCA0-3C6243BA594B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core1d2583baaa50420 => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {0DF6D448-FD6B-429F-B1AF-D12205A9AA5C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {2043A140-6C62-4493-8392-72F04A8AAD6E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {226C2529-419F-4882-B9F0-3516F43E036C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {28F3FED5-BE24-4DC3-A049-5CC47136D328} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {290D399A-CABA-4915-9326-09E75A56A316} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {49993180-11FB-4961-B8B5-DF4EDD4F2571} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {4D5D2D56-C92A-498D-B959-979EEA397653} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5E6A0E9F-EDA2-4CC3-BF94-418E3FEED8C5} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {66D8C7CF-78B9-4475-9144-61F9657E1AA9} - System32\Tasks\SpeedFan\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [8166536 2016-06-29] (SOKNO S.R.L. -> )
Task: {712BA746-2E2A-4019-B4FA-89C021FFB5DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71EBD431-7DD9-4469-B458-E0FA953ACF3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {85189E59-5C37-4C42-A357-636E8A908FF0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {9070718C-DE78-402B-85A7-4EEBA21549CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91C60497-6D96-43D4-A233-AD3DC3CB94E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {B12BB15C-E249-4DC3-BA11-60CC70C0134C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {B81014C2-929C-4895-9C45-AD4132F48D84} - System32\Tasks\{66CE6B2C-CE2B-4E51-9196-0D695038B415} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\PC\Desktop\NFS11.exe -d C:\Users\PC\Desktop
Task: {CA922CB7-365F-4C9A-9C2D-056EEC43CE4D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-01-29] (Garmin International, Inc. -> )
Task: {CC43F2E9-67C8-4B64-B4E5-7C628AAEF043} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {D394C887-CE3F-4CD7-8B20-700F30A84B3A} - System32\Tasks\Microsoft\Windows\MemDiag => C:\WINDOWS\system32\mdres.exe [87040 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {D75C4118-D85A-43EF-9348-FDB4C6AF376E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {D77AA762-B8DB-450D-8A8D-04CCE1AB2F1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCCAD6A9-A73E-4EDD-BDF5-3D22018212A8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E17F37FA-0DE1-4A44-9F3C-68E558C4BB16} - System32\Tasks\Core Temp Autostart PC => C:\Program Files\Core Temp\Core Temp.exe [1009984 2020-06-29] (ALCPU -> ALCPU)
Task: {EEF7D7DC-BB2F-4C6E-8690-003BC244563B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA1d2583baaa788d1 => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{859b686b-c2e5-47f5-910c-da7d016e00b5}: [DhcpNameServer] 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{e0c8963d-854b-4bab-a41c-55348fa8c41a}: [DhcpNameServer] 1.1.1.1 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-3850399385-1112106150-548709150-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-3850399385-1112106150-548709150-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3850399385-1112106150-548709150-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-28]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-08-28]
CHR Notifications: Profile 2 -> hxxps://www.autodoc.cz; hxxps://www.banggood.com; hxxps://www.dobrestroje.cz; hxxps://www.global-sport.cz; hxxps://www.kupi.cz; hxxps://www.youtube.com
CHR HomePage: Profile 2 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 2 -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-19]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-19]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-19]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-19]
CHR Extension: (Tabulky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-19]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-28]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2020-08-28]

Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-06-11]
OPR Extension: (ScriptMonkey) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-06-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd -> Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG -> Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6149984 2020-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\PC\AppData\Local\Temp\ALSysIO64.sys [47240 2020-08-28] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 etdrv; C:\WINDOWS\etdrv.sys [25640 2020-03-17] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R1 eusk2par; C:\WINDOWS\system32\Drivers\eusk2par-amd64.sys [42816 2006-12-13] (Eutron -> Eutron)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2020-07-24] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2020-02-18] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2020-03-17] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R1 MpKslcae00f94; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{23D1323A-73FB-4D27-A162-8BA6522902A0}\MpKslcae00f94.sys [78056 2020-08-28] (Microsoft Windows -> Microsoft Corporation)
R1 MpKslcdeebbd4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E402C28D-D7D0-40B9-BF7E-2B3902AF2965}\MpKslcdeebbd4.sys [78056 2020-08-28] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2016-07-18] (Acronis International GmbH -> Acronis International GmbH)
S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198432 2016-07-18] (Acronis International GmbH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-28 18:25 - 2020-08-28 18:26 - 000022092 _____ C:\Users\PC\Desktop\FRST.txt
2020-08-28 18:25 - 2020-08-28 18:26 - 000000000 ____D C:\FRST
2020-08-28 18:23 - 2020-08-28 18:23 - 002298368 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2020-08-28 14:46 - 2020-08-28 14:46 - 000658756 _____ C:\WINDOWS\Minidump\082820-5234-01.dmp
2020-08-28 14:44 - 2020-08-28 18:18 - 593185107 _____ C:\WINDOWS\MEMORY.DMP
2020-08-27 10:35 - 2020-08-27 10:35 - 014710053 _____ C:\Users\PC\Downloads\Patofyziologie pro nelékařské směry - Martin Vokurka.pdf
2020-08-27 10:30 - 2020-08-27 10:30 - 006228647 _____ C:\Users\PC\Downloads\vypracované otázky PatFyz podle Necase (1).pdf
2020-08-27 10:30 - 2020-08-27 10:30 - 000013464 _____ C:\Users\PC\Downloads\PFY (2).odt
2020-08-26 19:54 - 2020-08-26 19:54 - 000002757 _____ C:\Users\PC\Desktop\Microsoft Office Word 2007.lnk
2020-08-26 19:54 - 2020-08-26 19:54 - 000002675 _____ C:\Users\PC\Desktop\Microsoft Office Excel 2007.lnk
2020-08-26 19:45 - 2020-08-26 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-08-26 19:44 - 2020-08-26 19:44 - 000000000 ____D C:\WINDOWS\PCHEALTH
2020-08-26 19:44 - 2020-08-26 19:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2020-08-26 19:44 - 2020-08-26 19:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-08-26 19:43 - 2020-08-26 19:43 - 000000000 __RHD C:\MSOCache
2020-08-26 19:43 - 2020-08-26 19:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2020-08-26 18:46 - 2020-08-26 18:46 - 000000085 _____ C:\WINDOWS\wininit.ini
2020-08-26 17:31 - 2020-08-26 17:31 - 000000000 ____D C:\ProgramData\adaware
2020-08-26 17:31 - 2020-08-26 17:31 - 000000000 ____D C:\Program Files\Common Files\adaware
2020-08-26 17:21 - 2020-08-26 17:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2020-08-26 17:21 - 2020-08-26 17:21 - 000000000 ____D C:\Users\PC\AppData\Local\Safer-Networking Ltd
2020-08-26 17:21 - 2020-08-26 17:21 - 000000000 ____D C:\Safer-Networking Ltd
2020-08-26 17:20 - 2020-08-26 19:20 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-08-26 17:08 - 2020-08-26 17:08 - 000000000 ___HD C:\$WinREAgent
2020-08-26 16:53 - 2020-08-26 16:53 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2020-08-26 16:50 - 2020-08-26 19:43 - 000000000 ____D C:\Program Files\Microsoft Office
2020-08-26 16:15 - 2020-08-26 19:26 - 000000000 ____D C:\Users\PC\AppData\Roaming\system32
2020-08-26 16:15 - 2020-08-26 19:26 - 000000000 ____D C:\Users\PC\AppData\Local\system32
2020-08-26 15:23 - 2020-08-28 11:24 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-08-26 15:23 - 2020-08-26 16:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-26 15:23 - 2020-08-26 15:23 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-08-26 15:23 - 2020-08-26 15:23 - 000002124 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-08-26 15:17 - 2020-08-26 19:23 - 000000000 ____D C:\Users\PC\AppData\Local\Javaupdate
2020-08-26 15:17 - 2020-08-26 15:17 - 000000000 ____D C:\Users\PC\AppData\Local\8a49486b
2020-08-26 14:45 - 2020-08-26 14:50 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-08-26 14:12 - 2020-08-28 18:24 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-08-26 14:12 - 2020-08-28 18:24 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-08-26 14:12 - 2020-08-26 14:12 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-08-26 14:05 - 2020-08-17 14:45 - 000044312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_1.dll
2020-08-26 14:05 - 2020-08-17 14:45 - 000027416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_codecvt_ids.dll
2020-08-25 20:25 - 2020-08-25 20:25 - 000061351 _____ C:\Users\PC\Downloads\Informace o vyplate pojistneho plneni za dobu nezbytneho leceni (2).zip
2020-08-25 09:39 - 2020-08-25 09:46 - 1639313456 _____ C:\Users\PC\Downloads\Hura_do_Afriky_-anim.pohadka cz.avi
2020-08-21 11:36 - 2020-08-21 11:37 - 000000000 ____D C:\Users\PC\Documents\Notruf 112
2020-08-21 11:36 - 2020-08-21 11:36 - 000000000 ____D C:\Users\PC\Documents\SkidRow
2020-08-21 11:36 - 2020-08-21 11:36 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Aerosoft
2020-08-21 10:37 - 2020-08-21 10:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\Promotion Software GmbH
2020-08-15 08:08 - 2020-08-15 08:08 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003984896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-15 08:08 - 2020-08-15 08:08 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-15 08:08 - 2020-08-15 08:08 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-15 08:08 - 2020-08-15 08:08 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-15 08:08 - 2020-08-15 08:08 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-15 08:08 - 2020-08-15 08:08 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-15 08:08 - 2020-08-15 08:08 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-15 08:08 - 2020-08-15 08:08 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-15 08:08 - 2020-08-15 08:08 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-15 08:08 - 2020-08-15 08:08 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-15 08:08 - 2020-08-15 08:08 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-15 08:08 - 2020-08-15 08:08 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-15 08:08 - 2020-08-15 08:08 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-15 08:08 - 2020-08-15 08:08 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-15 08:08 - 2020-08-15 08:08 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000275256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-15 08:08 - 2020-08-15 08:08 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-15 08:08 - 2020-08-15 08:08 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-15 08:08 - 2020-08-15 08:08 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-15 08:08 - 2020-08-15 08:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-15 08:07 - 2020-08-15 08:07 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-15 08:03 - 2020-08-15 08:03 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-15 08:03 - 2020-08-15 08:03 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-07-31 09:01 - 2020-07-31 09:01 - 000164796 _____ C:\Users\PC\Downloads\Vypis_z_uctu_0-385074173_z_20180630.pdf
2020-07-31 09:00 - 2020-07-31 09:00 - 000185644 _____ C:\Users\PC\Downloads\Vypis_z_uctu_0-385074173_z_20180531.pdf
2020-07-31 09:00 - 2020-07-31 09:00 - 000175651 _____ C:\Users\PC\Downloads\Vypis_z_uctu_0-385074173_z_20180430.pdf
2020-07-31 09:00 - 2020-07-31 09:00 - 000174253 _____ C:\Users\PC\Downloads\Vypis_z_uctu_0-385074173_z_20180228.pdf
2020-07-31 08:59 - 2020-07-31 08:59 - 000185013 _____ C:\Users\PC\Downloads\Vypis_z_uctu_0-385074173_z_20180331.pdf
2020-07-31 08:54 - 2020-07-31 08:54 - 000226621 _____ C:\Users\PC\Downloads\Vypis_z_uctu_0-385074173_z_20190228.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-28 18:24 - 2020-01-27 19:24 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-28 18:24 - 2019-03-19 13:57 - 001475408 _____ C:\WINDOWS\system32\perfh005.dat
2020-08-28 18:24 - 2019-03-19 13:57 - 000379216 _____ C:\WINDOWS\system32\perfc005.dat
2020-08-28 18:19 - 2020-03-17 22:38 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-08-28 18:18 - 2020-02-18 17:04 - 000000000 ____D C:\WINDOWS\Minidump
2020-08-28 18:18 - 2020-01-27 19:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-28 18:18 - 2020-01-27 19:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-28 18:18 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-28 18:18 - 2017-06-15 11:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-28 14:59 - 2020-01-27 19:23 - 000003124 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2020-08-28 14:50 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-08-28 14:50 - 2016-07-18 17:28 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-08-28 14:48 - 2020-01-27 19:18 - 000000000 ____D C:\Users\PC
2020-08-28 14:45 - 2020-01-27 19:14 - 000537368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-28 11:47 - 2016-07-19 17:36 - 000002446 _____ C:\Users\PC\Desktop\Google Chrome.lnk
2020-08-28 11:47 - 2016-07-18 16:44 - 000002483 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-28 07:09 - 2020-06-12 08:38 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 07:09 - 2020-06-12 08:38 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-27 10:33 - 2020-06-15 10:00 - 000001987 _____ C:\Users\PC\Desktop\DOSBox 0.74.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000001963 _____ C:\Users\PC\Desktop\Garmin Express.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000001858 _____ C:\Users\PC\Desktop\DAEMON Tools Lite.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000001782 _____ C:\Users\PC\Desktop\CPUID CPU-Z.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000001402 _____ C:\Users\PC\Desktop\Acronis True Image 2014.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000001238 _____ C:\Users\PC\Desktop\LPGTECH Gas Setting 2.0.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000001069 _____ C:\Users\PC\Desktop\CPUID HWMonitor.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000001060 _____ C:\Users\PC\Desktop\HiSuite.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000001036 _____ C:\Users\PC\Desktop\WinRAR.lnk
2020-08-27 10:33 - 2020-06-15 10:00 - 000000960 _____ C:\Users\PC\Desktop\VLC media player.lnk
2020-08-27 10:33 - 2020-04-22 09:49 - 000002341 _____ C:\Users\PC\Desktop\Microsoft Teams.lnk
2020-08-27 10:33 - 2020-03-17 22:38 - 000001076 _____ C:\Users\PC\Desktop\SpeedFan.lnk
2020-08-27 10:33 - 2020-01-22 19:02 - 000001248 _____ C:\Users\PC\Desktop\AIDA64 Extreme.lnk
2020-08-27 10:33 - 2019-09-26 18:05 - 000002041 _____ C:\Users\PC\Desktop\DVD Decrypter.lnk
2020-08-27 10:33 - 2018-01-01 15:39 - 000001249 _____ C:\Users\PC\Desktop\MioMore Desktop 7.50.lnk
2020-08-27 10:33 - 2017-07-04 13:47 - 000002689 _____ C:\Users\PC\Desktop\Nero Burning ROM.lnk
2020-08-27 10:33 - 2016-07-19 19:02 - 000001859 _____ C:\Users\PC\Desktop\NFS14 – zástupce.lnk
2020-08-27 10:33 - 2016-07-19 17:21 - 000001954 _____ C:\Users\PC\Desktop\NFS11 – zástupce.lnk
2020-08-27 10:33 - 2016-07-18 17:28 - 000001155 _____ C:\Users\PC\Desktop\MSI Afterburner.lnk
2020-08-27 10:33 - 2016-07-18 16:32 - 000000993 _____ C:\Users\PC\Desktop\Core Temp.lnk
2020-08-27 10:11 - 2016-09-16 07:56 - 000000000 ___RD C:\Users\PC\Documents\Scanned Documents
2020-08-26 20:11 - 2016-07-18 19:16 - 000000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2020-08-26 19:44 - 2020-01-27 18:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-08-26 19:44 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-08-26 19:44 - 2016-07-18 20:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-08-26 19:44 - 2016-04-27 08:34 - 000000000 ____D C:\WINDOWS\ShellNew
2020-08-26 19:43 - 2015-10-30 09:24 - 000000167 _____ C:\WINDOWS\win.ini
2020-08-26 19:39 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-08-26 19:34 - 2017-12-10 16:49 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2020-08-26 19:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-26 19:29 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-08-26 18:46 - 2018-06-11 17:15 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-08-26 15:24 - 2016-07-18 20:42 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2020-08-26 15:22 - 2016-07-18 20:43 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-08-26 15:18 - 2016-07-18 16:21 - 000000000 ____D C:\Users\PC\AppData\Roaming\Adobe
2020-08-26 15:03 - 2018-10-10 17:25 - 000000000 ____D C:\Users\PC\AppData\Local\Downloaded Installations
2020-08-26 15:01 - 2016-07-18 20:43 - 000000000 ____D C:\ProgramData\Adobe
2020-08-26 14:59 - 2020-01-27 19:23 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-08-26 14:24 - 2017-06-28 16:29 - 000000000 ____D C:\Program Files\Nitro
2020-08-26 13:47 - 2016-07-18 20:49 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2020-08-26 13:35 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-23 11:19 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-22 09:42 - 2020-06-12 08:38 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-21 11:03 - 2016-07-30 16:04 - 000000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2020-08-19 17:33 - 2020-01-27 19:23 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3850399385-1112106150-548709150-1001
2020-08-19 17:33 - 2020-01-27 19:18 - 000002352 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-19 17:33 - 2016-07-18 16:23 - 000000000 ___RD C:\Users\PC\OneDrive
2020-08-18 10:29 - 2020-01-27 19:23 - 000004648 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-08-18 10:29 - 2019-03-19 06:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-08-18 10:29 - 2019-03-19 06:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-08-18 10:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-08-18 10:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-08-17 14:45 - 2018-07-06 00:49 - 000618264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2020-08-17 14:45 - 2018-07-06 00:49 - 000366360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2020-08-17 14:45 - 2018-07-06 00:49 - 000333592 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2020-08-17 14:45 - 2018-07-06 00:49 - 000203544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_2.dll
2020-08-17 14:45 - 2018-07-06 00:49 - 000089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2020-08-17 14:45 - 2018-07-06 00:49 - 000031512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_1.dll
2020-08-15 08:45 - 2017-12-10 16:55 - 000000000 ___RD C:\Users\PC\3D Objects
2020-08-15 08:45 - 2016-04-27 09:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-15 08:29 - 2019-03-19 13:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-15 08:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-15 08:29 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-08-15 08:08 - 2012-01-20 14:28 - 000410820 __RSH C:\bootmgr
2020-08-10 14:05 - 2020-06-13 20:04 - 000000000 ____D C:\Users\PC\Desktop\verča skola
2020-08-09 13:13 - 2016-07-18 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2020-08-09 13:13 - 2016-07-18 16:32 - 000000000 ____D C:\Program Files\Core Temp
2020-08-08 14:58 - 2020-07-20 15:31 - 000000823 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-08 14:58 - 2020-07-20 15:31 - 000000823 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-08-05 13:56 - 2018-02-16 15:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2019-05-05 12:16 - 2019-11-19 18:46 - 000023552 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-26 14:45 - 2020-08-26 14:45 - 000000000 _____ () C:\Users\PC\AppData\Local\oobelibMkey.log
2016-07-30 16:47 - 2020-05-07 17:38 - 000007593 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2018-06-11 13:04 - 2018-06-11 13:04 - 000000002 _____ () C:\Users\PC\AppData\Local\WMI.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-08-2020
Ran by PC (28-08-2020 18:27:03)
Running from C:\Users\PC\Desktop
Windows 10 Pro Version 1909 18363.1016 (X64) (2020-01-27 17:24:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3850399385-1112106150-548709150-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3850399385-1112106150-548709150-503 - Limited - Disabled)
Guest (S-1-5-21-3850399385-1112106150-548709150-501 - Limited - Disabled)
PC (S-1-5-21-3850399385-1112106150-548709150-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-3850399385-1112106150-548709150-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.414 - Adobe)
AIDA64 Extreme v6.20 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.20 - FinalWire Ltd.)
ANT Drivers Installer x64 (HKLM\...\{6AA82A23-ABAE-4E28-9476-4DF72E67EFE3}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
Core Temp 1.16 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.16 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EA Download Manager (HKLM-x32\...\EA Download Manager) (Version: 6.0.4.124 - Electronic Arts, Inc.)
EA Download Manager UI (HKLM-x32\...\{E17141A6-211D-5854-61D9-69827A430D82}) (Version: 6.0.4 - Electronic Arts) Hidden
EA Download Manager UI (HKLM-x32\...\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 6.0.4.124 - Electronic Arts)
Elevated Installer (HKLM-x32\...\{880D2C38-2835-4328-A11C-32DB9EAE6EA1}) (Version: 6.20.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{052d79d0-16af-4138-9d84-9f1605c2a26b}) (Version: 6.20.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{7C71E35F-9E7D-4B53-909D-6505C3B6689C}) (Version: 6.20.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Google Chrome) (Version: 85.0.4183.83 - Google LLC)
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1202.1 - GIGABYTE)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.14.49.15 - HP Inc.)
LEGO STAR WARS The Force Awakens (HKLM-x32\...\LEGO STAR WARS The Force Awakens_is1) (Version: - )
LPGTECH Gas Setting 2.0 (HKLM-x32\...\{9E680F62-635A-49E7-BDFE-1D12A4EF0BAE}_is1) (Version: 2.0 - LPGTECH)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Teams) (Version: 1.3.00.8663 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
MioMore Desktop 7.50 (HKLM-x32\...\{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.50) (Version: 7.50.0112.135 - Mio Technology)
MRP Aktualizační manažer (HKLM-x32\...\MRP NetAgent CZ_is1) (Version: 2.3.33 - MRP)
MRP Daňová evidence + sklad (HKLM-x32\...\MRP Danova evidence_is1) (Version: 8.40.1020 - MRP)
MRP Základ vizuálního systému (HKLM-x32\...\MRP Zaklad) (Version: - )
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{6F8A555E-F2E1-415D-AD8A-67C0A7671029}) (Version: 8.10.27 - Nero AG)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
RC Desk Pilot 0.2.2 (HKLM\...\{DFFD7D4F-6C61-402D-8D16-72B8AC33FE5A}_is1) (Version: - rcdeskpilot.com)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\PC\AppData\Local\Google\Chrome\Application\85.0.4183.83\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-09-24] (Nero AG -> Nero AG)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aa4b53adde6bfb3d\Google Chrome.lnk -> C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\56292fd72b436a45\Google Chrome.lnk -> C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2019-10-26 13:04 - 2019-10-26 13:04 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-10-26 13:04 - 2019-10-26 13:04 - 000650240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000369664 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2020-04-19 20:23 - 2020-08-28 18:19 - 000192512 _____ () [File not signed] C:\Users\PC\AppData\Local\Temp\sfamcc00001.dll
2020-08-28 18:19 - 2020-08-28 18:19 - 000158720 _____ () [File not signed] C:\Users\PC\AppData\Local\Temp\sfareca00001.dll
2020-02-18 19:54 - 2018-03-24 01:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2020-02-18 19:55 - 2018-03-24 01:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [514]
AlternateDataStreams: C:\Users\PC\Local Settings:26-08-2020 [42035]
AlternateDataStreams: C:\Users\PC\Desktop\ukonceni mgr.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
AlternateDataStreams: C:\Users\PC\Desktop\ukonceni mgr.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\PC\AppData\Local:26-08-2020 [42035]
AlternateDataStreams: C:\Users\PC\AppData\Local\Application Data:26-08-2020 [42035]
AlternateDataStreams: C:\Users\PC\AppData\Local\Data aplikací:26-08-2020 [42035]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\sharepoint.com -> hxxps://tnuni-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2020-08-26 14:07 - 000001041 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3850399385-1112106150-548709150-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\img0.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "NBKeyScan"
HKLM\...\StartupApproved\Run32: => "Nitro System Tray"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\StartupFolder: => "desktop.ilt.lnk"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\StartupFolder: => "desktop.ini.lnk"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\StartupFolder: => "igfx.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "Java"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{DD9CE97C-90EA-43A9-B369-80F68910B182}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Block) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{898C657F-A869-40BC-84D6-A0745CACB8A4}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Block) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{430EF56C-7890-4D2F-B3DF-EE2EE4E42FB6}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{EBFC0084-699A-4D91-8438-02F21AD3D2BF}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{858A24BF-03D9-4FC0-AD1B-37C60285207C}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{CA43811C-A26B-4050-8AB5-747707130AB1}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{74E0A551-D93D-48C0-99EB-08B6D6EE68BE}C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe] => (Block) C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{405FA191-FED3-40ED-860E-16967F9B8505}C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe] => (Block) C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe (Electronic Arts) [File not signed]
FirewallRules: [{8F244BD2-F135-4922-90CC-F916E4634603}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{8339096A-00D6-4C43-810A-788A331F6E95}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{A6425305-9507-4F14-99BD-EC02A64D8BCA}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]

==================== Restore Points =========================

09-08-2020 12:25:04 Naplánovaný kontrolní bod
15-08-2020 08:03:08 Windows Update
25-08-2020 20:43:04 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/28/2020 06:24:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/28/2020 06:24:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (08/28/2020 06:24:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (08/28/2020 06:23:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4928,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/28/2020 02:54:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4640,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/28/2020 02:53:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/28/2020 02:53:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (08/28/2020 02:53:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (08/28/2020 06:23:26 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (08/28/2020 06:18:54 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000119 (0x0000000000000005, 0xffffe287934c6000, 0xffffe28793563260, 0x0000000000001f23). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: 00000000-0000-0000-0000-000000000000

Error: (08/28/2020 06:18:54 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description: Ze souboru úplného výpisu nelze vytvořit soubor s minimálním výpisem.

Error: (08/28/2020 06:18:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:58:48, ‎28.‎08.‎2020) bylo neočekávané.

Error: (08/28/2020 02:49:01 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (08/28/2020 02:49:01 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (08/28/2020 02:49:01 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (08/28/2020 02:49:01 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13


Windows Defender:
===================================
Date: 2020-08-28 12:38:42.470
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {21C117C6-0E08-4290-8E27-3947D96242C6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-08-26 19:30:53.268
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:BAT/AutoKMS
ID: 2147739951
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\PC\AppData\Local\Temp\Office2019kms.cmd
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.321.2236.0, AS: 1.321.2236.0, NIS: 1.321.2236.0
Verze modulu: AM: 1.1.17300.4, NIS: 1.1.17300.4

Date: 2020-08-26 19:26:41.962
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:MSIL/Bladabindi
ID: 2147678468
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igfx.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
Verze bezpečnostních informací: AV: 1.321.2236.0, AS: 1.321.2236.0, NIS: 1.321.2236.0
Verze modulu: AM: 1.1.17300.4, NIS: 1.1.17300.4

Date: 2020-08-26 19:26:41.847
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:MSIL/Bladabindi
ID: 2147678468
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igfx.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
Verze bezpečnostních informací: AV: 1.321.2236.0, AS: 1.321.2236.0, NIS: 1.321.2236.0
Verze modulu: AM: 1.1.17300.4, NIS: 1.1.17300.4

Date: 2020-08-26 19:26:41.673
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:MSIL/Bladabindi
ID: 2147678468
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\PC\AppData\Local\system32\shost.exe; file:_C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ilt.lnk; file:_C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igfx.exe; startup:_C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ilt.lnk; startup:_C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igfx.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: PC-STOLNI\PC
Název procesu: C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
Verze bezpečnostních informací: AV: 1.321.2236.0, AS: 1.321.2236.0, NIS: 1.321.2236.0
Verze modulu: AM: 1.1.17300.4, NIS: 1.1.17300.4

Date: 2020-08-28 18:18:55.651
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2020-08-26 14:06:10.671
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.2227.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-08-26 17:28:42.431
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-26 17:21:12.499
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-08-26 17:21:03.738
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-08-26 14:15:21.330
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.

Date: 2020-08-26 14:11:19.925
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-08-26 14:05:33.374
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.

Date: 2020-08-26 14:05:33.367
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.

Date: 2020-08-26 14:05:33.238
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\spool\drivers\x64\3\ADUIGP.DLL that did not meet the Unchecked signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. U1f 03/08/2013
Motherboard: Gigabyte Technology Co., Ltd. Z68X-UD3P-B3
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 17%
Total physical RAM: 16341.83 MB
Available physical RAM: 13514.14 MB
Total Virtual: 18773.83 MB
Available Virtual: 15881.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.18 GB) (Free:224.79 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{337783d8-0000-0000-0000-a08b6f000000}\ () (Fixed) (Total:0.5 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 337783D8)
Partition 1: (Active) - (Size=446.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=516 MB) - (Type=27)

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[d0uble]

Omlouvám se za Váš čas, ale momentálně po dnešní aktualizaci windows se mi rozsypal obraz natolik, že je PC nepoužitelný. Takže to bude nejspíš hardware problém - nejdou nainstalovat ovladače grafické karty.

[Rudy]

OK.