modrá smrt 0x10000007e,
Dump report:
PROCESS_NAME: ntoskrnl.wrong.symbols.exe
MODULE_NAME: nt_wrong_symbols
IMAGE_NAME: ntoskrnl.wrong.symbols.exe
Provedena kontrola memtest, paměti bez chyb.
Provedena kontrola s ESET on line scanner, Avast, adwcleaner_8.0.7.exe, havěť nezjištěna...
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2020
Ran by WIN10-J (03-09-2020 13:32:39)
Running from D:\Zdroje\!Servis PC\RSIT_Skenovací report na viry
Windows 10 Home Version 1909 18363.1016 (X64) (2020-05-11 11:37:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1166155930-2696877368-3214738172-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1166155930-2696877368-3214738172-503 - Limited - Disabled)
Guest (S-1-5-21-1166155930-2696877368-3214738172-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1166155930-2696877368-3214738172-504 - Limited - Disabled)
WIN10-J (S-1-5-21-1166155930-2696877368-3214738172-1001 - Administrator - Enabled) => C:\Users\ohil
___VMware_Conv_SA___ (S-1-5-21-1166155930-2696877368-3214738172-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 10 Corporate Edition (HKLM-x32\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.00.221.7212 - ABBYY)
AceThinker Video Master V4.8.2 (HKLM-x32\...\{CDD36B59-DF4F-4401-92FF-0FF8417CDF4C}_is1) (Version: 4.8.2 - AceThinker)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1) (Version: 19.1 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
All My Movies 4.9 GAOTD (HKLM-x32\...\{DEE77D4F-249F-46DF-8176-4BC4822D68AD}_is1) (Version: - Bolide Software)
Ashampoo Burning Studio 2019 (HKLM-x32\...\{91B33C97-293D-A984-2057-76661C44CB0E}_is1) (Version: 1.20.0 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 16 (HKLM-x32\...\{4209F371-C47A-1204-F2BA-6FD6E5BB1B50}_is1) (Version: 16.00.21 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
ConvertXtoDVD 4.1.11.351 (HKLM-x32\...\ConvertXtoDVD Retail Dimitry_is1) (Version: 4.1.11.351 - )
CyberPower PowerPanel Personal Edition 1.6.2 (HKLM-x32\...\{101D30B6-3F53-4CFA-9BFA-913BE993E567}) (Version: 1.6.2 - Cyber Power Systems, Inc.)
FastCopy (HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\...\FastCopy) (Version: 3.90 - H.Shirouzu)
FreeFileSync 10.24 (HKLM-x32\...\FreeFileSync_is1) (Version: 10.24 - FreeFileSync.org)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.83 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS)
Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
KeePass Password Safe 2.38 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.38 - Dominik Reichl)
Kits Configuration Installer (HKLM-x32\...\{8867E8B9-1539-18F3-54AB-B1F1E641AC14}) (Version: 10.1.19041.1 - Microsoft) Hidden
MailStore Home 10.2.3.12921 (HKLM-x32\...\MailStore Home_universal1) (Version: 10.2.3.12921 - MailStore Software GmbH)
MailWasher (HKLM-x32\...\{8C70C166-E452-482D-ADEE-E34FE06A2A8D}) (Version: 7.11.05 - Firetrust)
MAMP & MAMP PRO 4.2.0 version 4.2.0 (HKLM-x32\...\{A62E77D4-9B74-4CA0-A254-EFE711F7A298}_is1) (Version: 4.2.0 - MAMP GmbH)
MAMP PRO 4.2.0 version 4.2.0 (HKLM-x32\...\{B35986B9-1715-4109-A4E4-3892C0CB3DF4}_is1) (Version: 4.2.0 - MAMP GmbH)
Maxthon Nitro (HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\...\MxNitro) (Version: 1.1.1.800 - Maxthon International Limited)
Microsoft Garage Mouse without Borders (HKLM-x32\...\{D3BC954F-D661-474C-B367-30EB6E56542E}) (Version: 2.1.8.105 - Microsoft Garage)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
MiniTool Partition Wizard 10.2.2 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.8.0 - Mozilla)
Mozilla Thunderbird 68.12.0 (x64 cs) (HKLM\...\Mozilla Thunderbird 68.12.0 (x64 cs)) (Version: 68.12.0 - Mozilla)
Nexus (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1955.62 - Trusteer)
Opera Stable 70.0.3728.106 (HKLM-x32\...\Opera 70.0.3728.106) (Version: 70.0.3728.106 - Opera Software)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.198.198.0 - Tracker Software Products Ltd)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 2.3.1 - Vaclav Slavik)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1955.62 - Trusteer) Hidden
Reg Organizer verze 8.26 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.26 - ChemTable Software)
SDK Debuggers (HKLM-x32\...\{91C073DA-2474-72C0-3022-3D00A221F43C}) (Version: 10.1.19041.1 - Microsoft Corporation) Hidden
Seznam prohlížeč (HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\...\Seznam Browser) (Version: 4.4.0 - Seznam.cz a.s.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 release candidate 3 - Ghisler Software GmbH)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 8.0.0 - Green Gate Systems, LLC)
UniPDF 1.2 (HKLM-x32\...\UniPDF) (Version: 1.2 - UniPDF.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VideoReDo TVSuite Version 5.1.1.719 (HKLM-x32\...\VideoReDo5_is1) (Version: - DRD Systems, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VMware vCenter Converter Standalone (HKLM-x32\...\{DA09FD63-5AE7-4bf6-8B86-0FCA4DEA8F8F}) (Version: 6.2.0.7348398 - VMware, Inc.)
VMware Workstation (HKLM\...\{88A20B9A-DF30-459E-AB99-4D688A426CF7}) (Version: 15.1.0 - VMware, Inc.)
Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.19041.1 (HKLM-x32\...\{1aef9cb5-faba-471c-b24a-c45dd69d37ea}) (Version: 10.1.19041.1 - Microsoft Corporation)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.80 Build 33 - Windscribe Limited)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wise Care 365 5.1.9 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.1.9 - WiseCleaner.com, Inc.)
WPT Redistributables (HKLM-x32\...\{70D0B057-048B-F699-A2B0-AD325018802F}) (Version: 10.1.18362.1 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{EC12C121-3208-5E92-FCB0-0591769632F9}) (Version: 10.1.18362.1 - Microsoft) Hidden
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{18FE6943-D33D-42F5-99D5-0ED22F633E32}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.6.121.18102 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{881E7A8C-9C4B-4D14-B390-EAFBA278CF45}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1804.2.61 - ZONER software)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.4.249.0_x64__rz1tebttyb220 [2020-08-09] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-10] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0 [2020-09-03] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1166155930-2696877368-3214738172-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files\VMware\VMware Workstation\vmdkShellExt.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\ohil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Nástroj na obnovení Chromebooku.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jndclpdbaamdhonoechobihbbiimdgai
==================== Loaded Modules (Whitelisted) =============
2020-05-10 18:55 - 2019-03-03 01:45 - 000960512 _____ () [File not signed] C:\MAMP\bin\apache\bin\perl516.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 000067584 _____ () [File not signed] C:\MAMP\bin\apache\bin\zlib1.dll
2020-05-10 18:55 - 2019-03-03 01:46 - 000127056 _____ () [File not signed] C:\MAMP\bin\apache\modules\mod_perl.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000072704 _____ () [File not signed] C:\MAMP\bin\apache\modules\mod_wsgi.so
2020-05-10 18:57 - 2019-12-17 22:37 - 001007616 _____ () [File not signed] C:\MAMP\bin\php\php7.4.1\libsqlite3.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 000183808 _____ () [File not signed] C:\MAMP\bin\php\php7.4.1\libssh2.dll
2019-11-04 16:09 - 2019-11-04 16:09 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2018-07-18 14:27 - 2018-07-18 14:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2017-12-01 19:03 - 2017-12-01 19:03 - 006319616 _____ () [File not signed] C:\Users\ohil\AppData\Roaming\Firetrust\MailWasher\MWPappDLL.dll
2017-12-01 19:03 - 2017-12-01 19:03 - 000061952 _____ () [File not signed] C:\Users\ohil\AppData\Roaming\Firetrust\MailWasher\MWPBridgeDLL.dll
2017-12-03 20:35 - 2017-12-03 20:35 - 000627200 _____ () [File not signed] C:\Users\ohil\AppData\Roaming\Firetrust\MailWasher\MWPHeaderParser.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\bin\apr_ldap-1.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 000141824 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\bin\libapr-1.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\bin\libapriconv-1.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 000194560 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\bin\libaprutil-1.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 000271360 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\bin\libhttpd.dll
2020-05-10 18:55 - 2019-03-03 01:46 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_actions.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_alias.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_asis.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_auth_basic.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000025600 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_auth_digest.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authn_anon.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authn_dbd.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authn_dbm.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authn_default.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authn_file.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000026624 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authnz_ldap.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authz_dbm.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authz_default.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authz_groupfile.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authz_host.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authz_owner.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_authz_user.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000029184 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_autoindex.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000032768 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_cache.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_cern_meta.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000019968 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_cgi.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000072192 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_dav.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000035840 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_dav_fs.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_dav_lock.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_dbd.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_deflate.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_dir.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000019968 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_disk_cache.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_dumpio.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_env.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000013312 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_expires.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000018432 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_ext_filter.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000057344 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_fcgid.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_file_cache.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000015872 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_filter.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000016384 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_headers.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000017920 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_charset_lite.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_ident.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000016384 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_imagemap.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000035840 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_include.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000019456 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_info.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_isapi.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000039424 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_ldap.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000022528 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_log_config.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_log_forensic.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_logio.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_mime.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000022528 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_mime_magic.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000028160 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_negotiation.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000061440 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_proxy.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000030720 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_proxy_ajp.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_proxy_balancer.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000012800 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_proxy_connect.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000028672 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_proxy_ftp.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000029696 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_proxy_http.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000015872 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_proxy_scgi.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_reqtimeout.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000049664 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_rewrite.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000013312 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_setenvif.so
2020-05-10 18:55 - 2019-03-03 01:46 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_speling.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000125952 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_ssl.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000019456 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_status.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_substitute.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_unique_id.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_userdir.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_usertrack.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_version.so
2020-05-10 18:56 - 2019-03-03 01:46 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\modules\mod_vhost_alias.so
2020-05-10 18:57 - 2020-02-08 11:35 - 000156672 _____ (hxxps://nghttp2.org/) [File not signed] C:\MAMP\bin\php\php7.4.1\nghttp2.dll
2019-11-27 12:15 - 2019-11-27 12:15 - 000398336 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000513536 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll
2019-11-27 12:15 - 2019-11-27 12:15 - 000055296 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt32.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
2019-11-27 12:15 - 2019-11-27 12:15 - 000020480 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr32.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
2019-07-25 11:52 - 2019-07-25 11:52 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 002449920 _____ (Python Software Foundation) [File not signed] C:\MAMP\bin\apache\bin\python27.dll
2019-11-27 12:27 - 2019-11-27 12:27 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
2019-11-10 12:38 - 2019-11-10 12:38 - 001124352 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 026902528 _____ (The ICU Project) [File not signed] C:\MAMP\bin\php\php7.4.1\icudt60.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 002011648 _____ (The ICU Project) [File not signed] C:\MAMP\bin\php\php7.4.1\icuin60.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 000043520 _____ (The ICU Project) [File not signed] C:\MAMP\bin\php\php7.4.1\icuio60.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 001317888 _____ (The ICU Project) [File not signed] C:\MAMP\bin\php\php7.4.1\icuuc60.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\MAMP\bin\apache\bin\LIBEAY32.dll
2020-05-10 18:55 - 2019-03-03 01:45 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\MAMP\bin\apache\bin\SSLEAY32.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 002228736 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\MAMP\bin\php\php7.4.1\libcrypto-1_1.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 000399872 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\MAMP\bin\php\php7.4.1\libssl-1_1.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000070656 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_bz2.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000460800 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_curl.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000058368 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_exif.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 005713920 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_fileinfo.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 001134080 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_gd2.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000215040 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_imagick.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000318976 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_intl.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000891904 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_mbstring.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000069632 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_memcache.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000091136 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_mysqli.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000110080 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_openssl.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000024576 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_pdo_mysql.dll
2020-05-10 18:57 - 2019-12-17 22:37 - 000024064 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_pdo_sqlite.dll
2020-05-10 18:57 - 2019-12-17 22:37 - 000036352 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_sqlite3.dll
2020-05-10 18:57 - 2020-02-08 11:34 - 000224768 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\ext\php_xsl.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 000029696 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\php7apache2_2.dll
2020-05-10 18:57 - 2020-02-08 11:35 - 007150592 _____ (The PHP Group) [File not signed] C:\MAMP\bin\php\php7.4.1\php7ts.dll
2019-02-14 17:49 - 2017-11-24 18:43 - 000026624 _____ (Winstep Software Technologies) [File not signed] C:\Program Files\Winstep\WsxMMTimer.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [286]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [156]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [155]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [818]
AlternateDataStreams: C:\ProgramData\TEMP:EFDFF94D [362]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2018-03-09 13:28 - 000000851 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
2018-05-10 09:20 - 2018-05-13 12:02 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\
HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
Network Binding:
=============
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
Ethernet 3: VMware Bridge Protocol -> vmware_bridge (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run32: => "ABBYY Screenshot Reader Retail"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS4ServiceManager"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\...\StartupApproved\Run: => "MampTray"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C2621627-B119-4A4A-8678-71846E6E8535}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BDC58944-1110-456E-B538-4D4E567BC718}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EDD266C9-DC8A-4A39-ADCF-18F735F374E9}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{5C01A154-C5C8-4698-B386-341BAC58FC09}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{2A477179-650A-4548-AB98-FD9E863602D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{2F2CCDBD-E8AC-4105-859C-DD895D748A4F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F5E8FDE9-D044-42F3-917C-8ACE6B4DCC1E}] => (Allow) C:\Users\ohil\AppData\Roaming\Firetrust\MailWasher\MailWasherPro.exe (Firetrust Ltd -> Firetrust)
FirewallRules: [{94941142-7D15-4509-A0CF-A98644DE132C}] => (Allow) C:\Users\ohil\AppData\Roaming\Firetrust\MailWasher\MailWasherPro.exe (Firetrust Ltd -> Firetrust)
FirewallRules: [{88745162-FDCE-4E61-B2B9-A940F0D6610F}] => (Allow) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe (Microsoft Corporation -> Microsoft)
FirewallRules: [{C6DFAF20-FFC5-42C5-98CF-6B9B81ABFC0B}] => (Allow) LPort=5353
FirewallRules: [TCP Query User{E89EA150-8298-4A0E-9C63-AD2F9B6B6D7D}C:\program files\windscribe\wsappcontrol.exe] => (Allow) C:\program files\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{3F172D6C-7CC0-4614-8E5E-4026D5C72F2E}C:\program files\windscribe\wsappcontrol.exe] => (Allow) C:\program files\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{96889BFA-56E9-43BB-AA5E-C045E1A4D551}] => (Block) C:\program files\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{EBFE9F8D-1DED-4852-A1BF-CDF9F068FE4D}] => (Block) C:\program files\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{7BC44A81-5F61-408D-9C82-AEB0831695A8}] => (Allow) LPort=9089
FirewallRules: [{4670CDA0-D601-46B0-A9C9-A961C848E41C}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EFA1D91D-8FF5-437F-9711-E82757D88863}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{72941FBC-53A1-4C04-B536-2DD4D6CFC91B}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{FF365108-ACC2-4DCC-9351-0C0AF0CC697E}] => (Allow) C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{30BBFEFA-E8BC-4D95-9797-41E7CF0D3688}] => (Allow) C:\Program Files\AceThinker\AceThinker Video Master\AceThinker Video Master.exe (Apowersoft Ltd -> AceThinker)
FirewallRules: [{FC3B7458-2F24-44B9-8EB7-B249E3CCEF09}] => (Allow) C:\Program Files\AceThinker\AceThinker Video Master\AceThinker Video Master.exe (Apowersoft Ltd -> AceThinker)
FirewallRules: [{AD8145FF-EB0B-408E-8DD2-6E21210FC74F}] => (Allow) c:\program files\opera\69.0.3686.95\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{72A72E2F-12BE-4E3D-A6B5-E18AED7E165E}] => (Allow) c:\program files\opera\70.0.3728.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{060F2220-4ECD-47ED-AEE5-34CC003519DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B4B8B547-3C32-4A55-BF58-4251F4323BAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1EB585A7-5EE2-4A32-8E02-DF2D02FEBFC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1814987-9288-430E-96D6-1E2337A8FC8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{585B2113-D8AA-47FC-9B2F-A68490C83C71}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{60F563E7-CCB4-4F89-AC36-9EC94F3C2C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6AFA4D3-3A1C-46BD-A9F4-FFB7A0E1879C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E60ACC5D-E0B5-46AA-BBEE-A789DB2F72C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FB01C84-B7C4-40C3-9857-8E165620EACE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
02-09-2020 15:54:47 Windows Software Development Kit - Windows 10.0.19041.1
03-09-2020 10:47:38 systém padá
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/03/2020 01:12:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7016,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (09/03/2020 01:04:31 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: WIN10-JIRKA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2020 01:02:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 828: ERROR: read_msg errno 10054 (Stávající připojení bylo vynuceně ukončeno vzdáleným hostitelem.)
Error: (09/03/2020 01:02:03 PM) (Source: MAMPDNS) (EventID: 0) (User: )
Description: Službu nelze spustit. Neplatný popisovač
Error: (09/03/2020 01:00:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Služba Šifrování neinicializovala záložní objekt System Writer systému VSS.
Details:
Could not query the status of the EventSystem service.
System Error:
Probíhá vypnutí systému.
.
Error: (09/03/2020 11:32:19 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: WIN10-JIRKA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2020 10:44:36 AM) (Source: MAMPDNS) (EventID: 0) (User: )
Description: Službu nelze spustit. Neplatný popisovač
Error: (09/03/2020 10:11:47 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4572,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (09/03/2020 01:08:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (30000 ms).
Error: (09/03/2020 01:02:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MAMPPRO neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (09/03/2020 01:02:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby MAMPPRO bylo dosaženo časového limitu (45000 ms).
Error: (09/03/2020 01:00:23 PM) (Source: DCOM) (EventID: 10005) (User: WIN10-JIRKA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby camsvc s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.CapabilityAccess.CapabilityAccess
Error: (09/03/2020 12:59:44 PM) (Source: DCOM) (EventID: 10005) (User: WIN10-JIRKA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (09/03/2020 12:58:56 PM) (Source: DCOM) (EventID: 10005) (User: WIN10-JIRKA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (09/03/2020 12:58:49 PM) (Source: DCOM) (EventID: 10005) (User: WIN10-JIRKA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (09/03/2020 12:58:18 PM) (Source: DCOM) (EventID: 10005) (User: WIN10-JIRKA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
CodeIntegrity:
===================================
Date: 2020-09-03 13:05:00.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-03 13:05:00.637
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-03 13:05:00.626
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-03 13:05:00.586
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-03 13:05:00.575
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-03 13:05:00.533
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-03 13:05:00.523
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-03 13:05:00.482
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 08/09/2012
Motherboard: ASUSTeK Computer INC. M4A88TD-V EVO/USB3
Processor: AMD Phenom(tm) II X6 1090T Processor
Percentage of memory in use: 61%
Total physical RAM: 7935.16 MB
Available physical RAM: 3044.31 MB
Total Virtual: 9822.16 MB
Available Virtual: 4300.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:83.11 GB) (Free:28 GB) NTFS
Drive d: () (Fixed) (Total:130.81 GB) (Free:35.74 GB) NTFS
Drive e: () (Fixed) (Total:192.23 GB) (Free:60.06 GB) NTFS
Drive f: (WIN 7) (Fixed) (Total:59.08 GB) (Free:2.8 GB) NTFS
Drive j: (FILMY) (Removable) (Total:29.82 GB) (Free:28.18 GB) FAT32
Drive l: (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A01F3BD6)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=83.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=59.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=323 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 072364D8)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-09-2020
Ran by WIN10-J (administrator) on WIN10-JIRKA (03-09-2020 13:27:39)
Running from D:\Zdroje\!Servis PC\RSIT_Skenovací report na viry
Loaded Profiles: WIN10-J
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\MAMP\bin\emailrelay\emailrelay.exe
() [File not signed] C:\MAMP\bin\emailrelay\emailrelay-service.exe
() [File not signed] C:\MAMP\bin\mysql\bin\mysqld.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apache Software Foundation) [File not signed] C:\MAMP\bin\apache\bin\httpd.exe <2>
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Cyber Power Systems, Inc. -> Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
(Cyber Power Systems, Inc. -> Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
(Firetrust Ltd -> Firetrust) C:\Users\ohil\AppData\Roaming\Firetrust\MailWasher\MailWasherPro.exe
(Ghisler Software GmbH) [File not signed] C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Janos Mathe -> H.D.S. Hungary) C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
(Kazuyuki Nakayama) [File not signed] D:\Zdroje\!Servis PC\HotSwap!_ver.6.1.0.0\6_2_2_0\64bit\HotSwap!.EXE
(Konstantin Polyakov IP -> Chemtable Software) C:\Program Files\Reg Organizer\StartupCheckingService.exe
(Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(mst software GmbH, Germany) [File not signed] C:\Program Files\Ashampoo\Ashampoo WinOptimizer 16\DfSdkS.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\70.0.3728.106\opera.exe <24>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\70.0.3728.106\opera_crashreporter.exe
(VMware, Inc. -> ) C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files\Windscribe\WindscribeService.exe
(Winstep Software Technologies) [File not signed] C:\Program Files\Winstep\Nexus.exe
(Winstep Software Technologies) [File not signed] C:\Program Files\Winstep\WsxService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Opera Browser Assistant] => c:\program files\opera\assistant\browser_assistant.exe [3126808 2020-09-02] (Opera Software AS -> Opera Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\...\Run: [NeXuS] => C:\Program Files\Winstep\Nexus.exe [17959552 2019-03-01] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\...\Policies\Explorer: [DisallowCpl] 1
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1006LM: C:\WINDOWS\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PDF-XChange4: C:\WINDOWS\system32\pxc40pm.dll [56912 2011-09-16] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-08-30] (Google LLC -> Google LLC)
Startup: C:\Users\ohil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk [2018-03-08]
ShortcutTarget: MailWasherPro.lnk -> C:\Users\ohil\AppData\Roaming\Firetrust\MailWasher\MailWasherPro.exe (Firetrust Ltd -> Firetrust)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01393321-B5E5-42E6-9197-4D530C10EB5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-09] (Google Inc -> Google Inc.)
Task: {279C1947-A588-465C-96C8-6C0787EF01E2} - System32\Tasks\Opera scheduled Autoupdate 1520351951 => c:\program files\opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software)
Task: {37970EC7-B5CE-486B-9380-EBD77C43008B} - System32\Tasks\DelayedItemsByChemtableSoftware\PowerPanel Personal Edition User Interaction => C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe [379824 2016-07-27] (Cyber Power Systems, Inc. -> Cyber Power Systems, Inc.)
Task: {435EF512-DD63-4DB7-B1AE-6D28FAF1BA5D} - System32\Tasks\Opera scheduled assistant Autoupdate 1589179874 => c:\program files\opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software)
Task: {4C622D79-7BEB-4FDF-A9F5-EA17C0F50E9A} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_WIN10_2DJ => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [4334736 2014-06-24] (Janos Mathe -> H.D.S. Hungary)
Task: {7F6929AB-03F2-4568-AFC6-D621B66259C0} - System32\Tasks\HotSwap! Applet => D:\Zdroje\!Servis PC\HotSwap!_ver.6.1.0.0\6_2_2_0\64bit\HotSwap!.EXE [211968 2017-02-13] (Kazuyuki Nakayama) [File not signed]
Task: {85FD49C5-E07B-4630-A178-CFF68D6EDB2C} - System32\Tasks\DelayedItemsByChemtableSoftware\SecurityHealth => C:\WINDOWS\system32\SecurityHealthSystray.exe [84992 2020-05-11] (Microsoft Windows -> Microsoft Corporation)
Task: {A16EB01A-5E2D-4456-84B1-F58E8F5A03FE} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash
Task: {BB20212B-AA7C-4BBD-9EFC-A5A167871046} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-05-10] (Avast Software s.r.o. -> Avast Software)
Task: {DE3C157F-9210-4DB6-A122-EE0350C82A3B} - System32\Tasks\DelayedItemsByChemtableSoftware\SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
Task: {E22D4761-42E5-41A9-8EE4-3E5A7A07AD84} - System32\Tasks\UltraDefrag\AutoDefrag => C:\Program Files\UltraDefrag\task-launcher.exe [64000 2018-11-03] (Green Gate Systems, LLC) [File not signed]
Task: {EB5CF893-9C3C-4174-8E4E-1289C0CF9419} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3850336 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EOSv3 Scheduler onLogOn.job => D:\Zdroje\!Servis PC\!ANTIVIRY\ESET on line scanner_stáhne nejnovější verzi programu\esetonlinescanner_csy.exe
Task: C:\WINDOWS\Tasks\EOSv3 Scheduler onTime.job => D:\Zdroje\!Servis PC\!ANTIVIRY\ESET on line scanner_stáhne nejnovější verzi programu\esetonlinescanner_csy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.0 account.zoner.com
Tcpip\..\Interfaces\{4af0cb67-87db-4953-baaa-4906b272ab60}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-16] (Tracker Software Products (Canada) Ltd -> Tracker Softaware)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-16] (Tracker Software Products (Canada) Ltd -> Tracker Softaware)
Edge:
======
DownloadDir: C:\Users\ohil\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1166155930-2696877368-3214738172-1001 -> hxxp://www.google.cz/
Edge Extension: (Translator pro Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-02-02]
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1166155930-2696877368-3214738172-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
Chrome:
=======
CHR Profile: C:\Users\ohil\AppData\Local\Google\Chrome\User Data\Default [2020-09-02]
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Extension: (IBM Security Rapport) - C:\Users\ohil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2020-01-13]
CHR Extension: (Translator) - C:\Users\ohil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blndkmebkmenignoajhoemebccmmfjib [2020-06-19]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\ohil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-08-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ohil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-16]
CHR Extension: (Gmail) - C:\Users\ohil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\ohil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-02]
CHR Profile: C:\Users\ohil\AppData\Local\Google\Chrome\User Data\System Profile [2020-06-04]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-1166155930-2696877368-3214738172-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
Opera:
=======
OPR DownloadDir: D:\!!Download
OPR Session Restore: -> is enabled.
OPR Extension: (Translator) - C:\Users\ohil\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2020-09-03]
OPR Extension: (Smart RSS) - C:\Users\ohil\AppData\Roaming\Opera Software\Opera Stable\Extensions\nncgmpcdlilgbepbfpeidpjlcdfhmcfp [2018-03-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ABBYY.Licensing.FineReader.Corporate.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [814344 2010-05-07] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 Chemtable Startup Checking; C:\Program Files\Reg Organizer\StartupCheckingService.exe [ ]
U2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R2 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 16\DfsdkS.exe [406016 2019-02-18] (mst software GmbH, Germany) [File not signed]
R2 emailrelay; C:\MAMP\bin\emailrelay\emailrelay-service.exe [705536 2019-03-03] () [File not signed]
S2 MAMPDNS; C:\MAMPPRO\MAMPDNSService.exe [22528 2020-04-23] (MAMP GmbH) [File not signed]
S2 MAMPPRO; C:\MAMPPRO\MAMPPROService.exe [25088 2020-04-23] (MAMP GmbH) [File not signed]
R2 MAMPPRO-Apache; C:\MAMP\bin\apache\bin\httpd.exe [18432 2019-03-03] (Apache Software Foundation) [File not signed]
S3 MAMPPRO-Memcached; C:\MAMPPRO\MAMPMemcached.exe [11264 2020-04-23] (MAMP GmbH) [File not signed]
R2 MAMPPRO-MySQL; C:\MAMP\bin\mysql\bin\mysqld.exe [22023168 2019-03-03] () [File not signed]
S3 MAMPPRO-NGINX; C:\MAMPPRO\MAMPNGINX.exe [12288 2020-04-23] (MAMP GmbH) [File not signed]
R2 ppped; C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe [1113008 2016-07-27] (Cyber Power Systems, Inc. -> Cyber Power Systems, Inc.)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3002752 2020-02-25] (IBM -> IBM Corp.)
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [518120 2017-12-12] (VMware, Inc. -> VMware, Inc.)
S3 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [518120 2017-12-12] (VMware, Inc. -> VMware, Inc.)
S3 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [518120 2017-12-12] (VMware, Inc. -> VMware, Inc.)
R2 VMwareHostd; C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. -> )
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [442472 2017-11-13] (Windscribe Limited -> Windscribe Limited)
R2 Winstep Xtreme Service; C:\Program Files\Winstep\WsxService.exe [775680 2018-06-06] (Winstep Software Technologies) [File not signed]
S3 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [658600 2018-07-20] (Lespeed Technology Ltd. -> WiseCleaner.com)
S3 WO_LiveService2; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 16\LiveTunerService.exe [308128 2019-02-18] (Ashampoo GmbH & Co. KG -> )
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AIDA64Driver; D:\Zdroje\!Servis PC\Aida64 o PC\Aida64extreme597_klíč UKW61-IRBD6-FJDNX-A4D34-FYY11\rozb_aida64extreme597\kerneld.x64 [45696 2018-03-27] (FinalWire Kft. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206392 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235584 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195648 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42768 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175192 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [516560 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84848 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851600 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469880 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217328 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326408 2020-09-01] (Avast Software s.r.o. -> AVAST Software)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr-x64.sys [84736 2017-12-12] (VMware, Inc. -> VMware, Inc.)
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-22] (Martin Malik - REALiX -> REALiX(tm))
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 LiveTuner2PM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 16\LiveTuner64.sys [14320 2019-02-18] (Ashampoo GmbH & Co. KG -> )
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-02-06] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [431376 2020-02-25] (IBM -> IBM Corp.)
R1 RapportCerberus_1955065; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1955065.sys [1469776 2020-05-10] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544592 2020-02-25] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [397248 2020-02-25] (IBM -> IBM Corp.)
S0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610672 2019-02-27] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [562560 2020-02-25] (IBM -> IBM Corp.)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-03-25] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66576 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-10] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2019-02-17] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [51272 2019-02-17] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)
U3 iswSvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-03 13:27 - 2020-09-03 13:28 - 000000000 ____D C:\FRST
2020-09-03 13:10 - 2020-09-03 13:11 - 000000000 ____D C:\rsit
2020-09-03 13:10 - 2020-09-03 13:10 - 000000000 ____D C:\Program Files (x86)\trend micro
2020-09-03 13:08 - 2020-09-03 13:08 - 000000000 _____ C:\WINDOWS\cpepmon.mlf
2020-09-03 12:59 - 2020-09-03 12:59 - 000000416 _____ C:\WINDOWS\Tasks\EOSv3 Scheduler onTime.job
2020-09-03 12:59 - 2020-09-03 12:59 - 000000416 _____ C:\WINDOWS\Tasks\EOSv3 Scheduler onLogOn.job
2020-09-03 11:39 - 2020-09-03 11:39 - 000001167 _____ C:\Users\ohil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-09-03 11:37 - 2020-09-03 11:37 - 000171644 _____ C:\WINDOWS\ntbtlog.txt
2020-09-03 11:28 - 2020-09-03 11:28 - 000207705 ____N C:\WINDOWS\Minidump\090320-44250-01.dmp
2020-09-03 10:17 - 2020-09-03 10:17 - 000000000 _____ C:\WINDOWS\Minidump\090320-1036890-01.dmp
2020-09-02 18:11 - 2020-09-03 10:44 - 1640919976 _____ C:\WINDOWS\MEMORY.DMP
2020-09-02 16:09 - 2020-09-02 16:09 - 000208483 ____N C:\WINDOWS\Minidump\090220-37500-01.dmp
2020-09-02 15:41 - 2020-09-02 15:41 - 000213421 ____N C:\WINDOWS\Minidump\090220-39000-01.dmp
2020-09-02 15:18 - 2020-05-11 14:01 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-09-02 14:27 - 2020-09-02 14:27 - 000210391 ____N C:\WINDOWS\Minidump\090220-39625-01.dmp
2020-09-02 09:18 - 2020-09-02 09:18 - 000000000 ____D C:\Users\ohil\AppData\Local\ESET
2020-09-01 18:15 - 2020-09-03 11:28 - 000000000 ____D C:\WINDOWS\Minidump
2020-09-01 13:34 - 2020-09-01 13:34 - 000338528 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-09-01 13:34 - 2020-09-01 13:34 - 000217328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-09-01 13:34 - 2020-09-01 13:34 - 000175192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-08-31 18:47 - 2020-09-01 13:23 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2020-08-30 18:09 - 2020-08-30 18:09 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-30 18:09 - 2020-08-30 18:09 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-30 18:09 - 2020-08-30 18:09 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-30 18:09 - 2020-08-30 18:09 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-30 18:09 - 2020-08-30 18:09 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-30 18:09 - 2020-08-30 18:09 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-30 18:09 - 2020-08-30 18:09 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-30 18:09 - 2020-08-30 18:09 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-30 18:09 - 2020-08-30 18:09 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-30 18:09 - 2020-08-30 18:09 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-30 18:09 - 2020-08-30 18:09 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-30 18:09 - 2020-08-30 18:09 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-30 18:09 - 2020-08-30 18:09 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-30 18:09 - 2020-08-30 18:09 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-30 18:09 - 2020-08-30 18:09 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-30 18:09 - 2020-08-30 18:09 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-30 18:08 - 2020-08-30 18:08 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-30 18:08 - 2020-08-30 18:08 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-30 18:08 - 2020-08-30 18:08 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-30 18:08 - 2020-08-30 18:08 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-30 18:08 - 2020-08-30 18:08 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-30 18:08 - 2020-08-30 18:08 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-30 18:08 - 2020-08-30 18:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-30 18:08 - 2020-08-30 18:08 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-30 18:08 - 2020-08-30 18:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-30 18:07 - 2020-08-30 18:07 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-30 18:07 - 2020-08-30 18:07 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-30 18:07 - 2020-08-30 18:07 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-30 18:07 - 2020-08-30 18:07 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-30 18:07 - 2020-08-30 18:07 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-30 18:07 - 2020-08-30 18:07 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-30 18:07 - 2020-08-30 18:07 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-30 18:07 - 2020-08-30 18:07 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-30 18:07 - 2020-08-30 18:07 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-30 18:07 - 2020-08-30 18:07 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-30 18:07 - 2020-08-30 18:07 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-30 18:07 - 2020-08-30 18:07 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-30 18:07 - 2020-08-30 18:07 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-30 18:07 - 2020-08-30 18:07 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-30 18:06 - 2020-08-30 18:06 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-30 18:06 - 2020-08-30 18:06 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-30 18:06 - 2020-08-30 18:06 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-30 18:06 - 2020-08-30 18:06 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-30 18:06 - 2020-08-30 18:06 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-30 18:06 - 2020-08-30 18:06 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-30 18:06 - 2020-08-30 18:06 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-30 18:06 - 2020-08-30 18:06 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-30 18:06 - 2020-08-30 18:06 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-30 18:06 - 2020-08-30 18:06 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-30 18:06 - 2020-08-30 18:06 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-30 18:06 - 2020-08-30 18:06 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-30 18:06 - 2020-08-30 18:06 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-30 17:44 - 2020-08-30 17:44 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-30 17:44 - 2020-08-30 17:44 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-03 13:29 - 2018-03-06 19:24 - 000000000 ____D C:\Users\ohil\AppData\LocalLow\Mozilla
2020-09-03 13:17 - 2019-05-06 09:22 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-03 13:02 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-03 13:01 - 2020-05-11 13:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-03 13:01 - 2018-03-20 15:19 - 000000000 ____D C:\ProgramData\VMware
2020-09-03 13:01 - 2018-03-09 19:54 - 000000000 ____D C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
2020-09-03 13:00 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-03 12:28 - 2020-05-11 13:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-03 11:38 - 2018-03-06 17:16 - 000000000 ____D C:\Program Files\totalcmd
2020-09-03 11:37 - 2019-02-09 17:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-09-03 11:36 - 2020-05-11 13:17 - 000000000 ____D C:\Users\ohil
2020-09-03 11:33 - 2020-05-11 13:36 - 000003136 _____ C:\WINDOWS\system32\Tasks\HotSwap! Applet
2020-09-03 10:47 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-03 10:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-02 18:45 - 2018-03-18 12:26 - 000000000 ____D C:\Users\ohil\AppData\Local\CrashDumps
2020-09-02 18:02 - 2018-03-07 19:07 - 000000000 ____D C:\ProgramData\TEMP
2020-09-02 17:59 - 2020-07-15 14:24 - 000003512 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1589179874
2020-09-02 17:59 - 2020-05-11 13:36 - 000003300 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1520351951
2020-09-02 17:59 - 2020-05-11 13:36 - 000003278 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-02 17:59 - 2020-05-11 13:36 - 000002952 _____ C:\WINDOWS\system32\Tasks\RegOrganizerQuickLaunch
2020-09-02 17:59 - 2018-03-07 19:38 - 000000000 ____D C:\Users\ohil\AppData\Roaming\vlc
2020-09-02 17:58 - 2020-05-11 13:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-09-02 17:55 - 2020-05-20 10:24 - 000000000 ____D C:\Users\ohil\AppData\Roaming\VideoReDo-TVSuite6
2020-09-02 17:51 - 2018-03-08 17:04 - 000000000 ____D C:\Users\ohil\OneDrive\Dokumenty\AllMyMovies
2020-09-02 17:43 - 2018-03-06 16:33 - 000000000 ____D C:\Program Files\Opera
2020-09-02 17:37 - 2020-05-11 13:36 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-09-02 16:03 - 2018-03-06 18:16 - 000000000 ____D C:\Users\ohil\AppData\Local\DBG
2020-09-02 15:58 - 2019-10-21 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2020-09-02 15:57 - 2018-03-06 16:57 - 000000000 ____D C:\ProgramData\Package Cache
2020-09-02 14:28 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-09-02 11:20 - 2020-05-11 13:27 - 001606356 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-02 11:20 - 2019-03-19 13:55 - 000682526 _____ C:\WINDOWS\system32\perfh005.dat
2020-09-02 11:20 - 2019-03-19 13:55 - 000137244 _____ C:\WINDOWS\system32\perfc005.dat
2020-09-02 11:20 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-01 17:43 - 2018-03-06 18:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-01 13:36 - 2020-01-13 19:43 - 000000000 ____D C:\Program Files\UltraDefrag
2020-09-01 13:34 - 2020-05-11 18:41 - 000516560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000851600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000469880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000326408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000206392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000195648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000084848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000042768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-09-01 13:34 - 2019-05-06 09:26 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-09-01 13:34 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-01 13:23 - 2020-05-13 10:07 - 000001094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-08-31 18:37 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-31 18:33 - 2018-03-06 15:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-31 18:33 - 2018-03-06 15:18 - 000000000 ___RD C:\Users\ohil\3D Objects
2020-08-31 18:25 - 2020-05-21 09:34 - 000450976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-30 18:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-30 18:58 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-08-30 17:39 - 2018-03-06 17:19 - 000000000 ____D C:\Users\ohil\AppData\Local\GHISLER
2020-08-30 16:51 - 2018-03-09 19:08 - 000002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-23 14:47 - 2018-03-08 17:18 - 000000000 ____D C:\Users\ohil\AppData\Roaming\KeePass
2020-08-17 11:23 - 2019-10-20 13:58 - 000001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-08-12 17:11 - 2019-03-02 18:05 - 000000000 ____D C:\Users\ohil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-08-12 17:11 - 2019-03-02 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-08-12 17:11 - 2019-03-02 18:05 - 000000000 ____D C:\Program Files\WinRAR
2020-08-06 10:39 - 2020-05-10 18:55 - 000000000 ____D C:\MAMP
==================== Files in the root of some directories ========
2019-02-01 15:24 - 2019-02-01 15:24 - 000099384 _____ () C:\Users\ohil\AppData\Roaming\inst.exe
2018-03-09 15:55 - 2018-03-09 15:55 - 000007859 _____ () C:\Users\ohil\AppData\Roaming\pcouffin.cat
2018-03-09 15:55 - 2018-03-09 15:55 - 000001167 _____ () C:\Users\ohil\AppData\Roaming\pcouffin.inf
2018-03-09 15:55 - 2018-03-09 15:55 - 000000034 _____ () C:\Users\ohil\AppData\Roaming\pcouffin.log
2019-02-01 15:24 - 2019-02-01 15:24 - 000082816 _____ (VSO Software) C:\Users\ohil\AppData\Roaming\pcouffin.sys
2018-03-09 15:55 - 2018-03-09 16:25 - 000001189 _____ () C:\Users\ohil\AppData\Roaming\vso_ts_preview.xml
2018-10-01 17:19 - 2018-10-01 17:19 - 000000000 _____ () C:\Users\ohil\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu Win10 padají - modrá smrt
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosím o kontrolu Win10 padají - modrá smrt
ahoj,
na zaciatok odinstaluj vsetko od Eset-u + AVAST
restart
+ preinstaluj ovladac grafickej karty
na zaciatok odinstaluj vsetko od Eset-u + AVAST
restart
+ preinstaluj ovladac grafickej karty
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: prosím o kontrolu Win10 padají - modrá smrt
přes SDIO_x64_R708.exe jsem aktualizoval ovladače, Eset odinstalován, avast jsem zatím ponechal, musí taky pryč? Jak vypadá log z FRST?
Re: prosím o kontrolu Win10 padají - modrá smrt
takže jsem odinstaloval i Avast,testuji PC....
Re: prosím o kontrolu Win10 padají - modrá smrt
okrem chyb pamate su prave ovladace GK a Avast castou pricinou padov
treba testovat
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: prosím o kontrolu Win10 padají - modrá smrt
OK.
Budete mít pravdu... Zatím vše funguje OK. V případě, že by systém zlobil, dám zprávu.
Také jsem našel zprávu od Avastu, že jejich antivir může způsobovat problémy:
https://support.avast.com/cs-cz/article ... een-crash/
Nenapadlo by mne, že antivír Avast může být problémem. Tento program již nikdy nebudu instalovat na PC. Raději nainstaluji Pandu. Zjišťování problému mne vzalo tolik volného času, jako, kdybych odstraňoval vír. Pro mne je Avast ne antivír, ale vír v PC!!!
Budete mít pravdu... Zatím vše funguje OK. V případě, že by systém zlobil, dám zprávu.
Také jsem našel zprávu od Avastu, že jejich antivir může způsobovat problémy:
https://support.avast.com/cs-cz/article ... een-crash/
Nenapadlo by mne, že antivír Avast může být problémem. Tento program již nikdy nebudu instalovat na PC. Raději nainstaluji Pandu. Zjišťování problému mne vzalo tolik volného času, jako, kdybych odstraňoval vír. Pro mne je Avast ne antivír, ale vír v PC!!!
Re: prosím o kontrolu Win10 padají - modrá smrt
treba vsak povedat, ze aj AVAST ma mnozstvo spokojných pouzivatelov
ALE ak sposobuje problemy, prec s nim
ja osobne sa v domácom prostredi roky striedam s Avirou a BitDefenderom
ALE ak sposobuje problemy, prec s nim
ja osobne sa v domácom prostredi roky striedam s Avirou a BitDefenderom
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: prosím o kontrolu Win10 padají - modrá smrt
Aviru jsem v minulosti taky používal, ale vadilo mi, že není v českém (slovenském) rozhraní...
Přispějete na provoz fóra?