Re: Botnet - malware infection detected

Posted: 25 Jun 2019 19:11
by Conder
Let Malwarebytes delete all its findings (if you haven't done so already). Then also post the removal log (if it isn't offered automatically, you'll find it on the left under Reports -> View Report -> Export -> Copy to Clipboard).

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here

Re: Botnet - malware infection detected

Posted: 27 Jun 2019 13:58
by durod
I had this deleted; unfortunately I didn't back up the log. Then I ran it once more and everything was clean.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 25.06.19
Čas skenování: 5:31
Logovací soubor: b029046a-96f9-11e9-8eb6-bcaec5b6e7f2.json

-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.586
Aktualizovat verzi balíku komponent: 1.0.11232
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 18362.175)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-KQ46S14\Slavicek

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 529771
Zjištěné hrozby: 44
Hrozby umístěné do karantény: 0
Uplynulý čas: 5 min, 41 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 14
Trojan.Clicker, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\csrss, Žádná uživatelská akce, [3197], [431499],1.0.11232
Trojan.Clicker, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B5830178-3CE5-43C9-9826-3ADE9C86535D}, Žádná uživatelská akce, [3197], [431499],1.0.11232
Trojan.Clicker, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{B5830178-3CE5-43C9-9826-3ADE9C86535D}, Žádná uživatelská akce, [3197], [431499],1.0.11232
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FLASHSERVIS, Žádná uživatelská akce, [436], [697281],1.0.11232
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B97DF53D-9DB4-4306-9F94-8F527FB0C6AB}, Žádná uživatelská akce, [436], [697281],1.0.11232
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{B97DF53D-9DB4-4306-9F94-8F527FB0C6AB}, Žádná uživatelská akce, [436], [697281],1.0.11232
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D718A7C8-07E9-4F89-94DD-8520AEFB9779}, Žádná uživatelská akce, [436], [697271],1.0.11232
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D718A7C8-07E9-4F89-94DD-8520AEFB9779}, Žádná uživatelská akce, [436], [697271],1.0.11232
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\7ZipUnis, Žádná uživatelská akce, [436], [697271],1.0.11232
PUP.Optional.1Bbot, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\1BTC Software, Žádná uživatelská akce, [3476], [584329],1.0.11232
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, Žádná uživatelská akce, [467], [584322],1.0.11232
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, Žádná uživatelská akce, [467], [518478],1.0.11232
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, Žádná uživatelská akce, [467], [518476],1.0.11232
Trojan.MalPack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RubusFund 2.0, Žádná uživatelská akce, [547], [631644],1.0.11232

Hodnota v registru: 10
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Žádná uživatelská akce, [832], [259988],1.0.11232
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Žádná uživatelská akce, [832], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Žádná uživatelská akce, [832], [-1],0.0.0
Trojan.Downloader.E, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\STARTUPAPPROVED\RUN|7304226, Žádná uživatelská akce, [3753], [451404],1.0.11232
Trojan.Downloader.E, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\STARTUPAPPROVED\RUN|1796984, Žádná uživatelská akce, [3753], [451404],1.0.11232
Trojan.Clicker, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B5830178-3CE5-43C9-9826-3ADE9C86535D}|PATH, Žádná uživatelská akce, [3197], [431497],1.0.11232
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B97DF53D-9DB4-4306-9F94-8F527FB0C6AB}|PATH, Žádná uživatelská akce, [436], [697278],1.0.11232
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D718A7C8-07E9-4F89-94DD-8520AEFB9779}|PATH, Žádná uživatelská akce, [436], [697272],1.0.11232
PUP.Optional.CloudNet, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{2F57C7F8-CE95-4BB7-8709-4C21208B2284}, Žádná uživatelská akce, [6063], [446028],1.0.11232
Trojan.BitCoinMiner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{6D1C8152-5782-46DA-B579-91963A579134}, Žádná uživatelská akce, [623], [446017],1.0.11232

Data registrů: 5
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Žádná uživatelská akce, [832], [293485],1.0.11232
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Žádná uživatelská akce, [832], [293485],1.0.11232
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Žádná uživatelská akce, [832], [293485],1.0.11232
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Žádná uživatelská akce, [832], [293485],1.0.11232
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Žádná uživatelská akce, [832], [293486],1.0.11232

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 1
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\PGE7KV0ZBR, Žádná uživatelská akce, [3698], [357599],1.0.11232

Soubor: 14
Adware.Linkury.Generic, C:\USERS\SLAVICEK\APPDATA\LOCAL\MD.XML, Žádná uživatelská akce, [3737], [404866],1.0.11232
Adware.Linkury.Generic, C:\USERS\SLAVICEK\APPDATA\LOCAL\HatDonlax.tst, Žádná uživatelská akce, [3737], [404871],1.0.11232
Adware.Linkury.Generic, C:\USERS\SLAVICEK\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, Žádná uživatelská akce, [3737], [404862],1.0.11232
Adware.Linkury.Generic, C:\USERS\SLAVICEK\APPDATA\LOCAL\Vivalatlax.tst, Žádná uživatelská akce, [3737], [404871],1.0.11232
Trojan.Clicker, C:\WINDOWS\SYSTEM32\TASKS\CSRSS, Žádná uživatelská akce, [3197], [431499],1.0.11232
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\FLASHSERVIS, Žádná uživatelská akce, [436], [697281],1.0.11232
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\7ZIPUNIS, Žádná uživatelská akce, [436], [697271],1.0.11232
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\PGE7KV0ZBR\CAST.CONFIG, Žádná uživatelská akce, [3698], [357599],1.0.11232
Adware.Tuto4PC.Generic, C:\Program Files\PGE7KV0ZBR\PGE7KV0ZB.exe.config, Žádná uživatelská akce, [3698], [357599],1.0.11232
Adware.Tuto4PC.Generic, C:\Program Files\PGE7KV0ZBR\uninstaller.exe.config, Žádná uživatelská akce, [3698], [357599],1.0.11232
Adware.Linkury.Generic, C:\USERS\SLAVICEK\APPDATA\LOCAL\CONFIG.XML, Žádná uživatelská akce, [3737], [404859],1.0.11232
PUP.Optional.Spigot, C:\USERS\SLAVICEK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Žádná uživatelská akce, [162], [454814],1.0.11232
PUP.Optional.Linkury.Generic, C:\USERS\SLAVICEK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Žádná uživatelská akce, [212], [454805],1.0.11232
PUP.Optional.SonicSearch, C:\USERS\SLAVICEK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Žádná uživatelská akce, [386], [519968],1.0.11232

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

AdwCleaner log
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-25.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-27-2019
# Duration: 00:00:09
# OS: Windows 10 Pro
# Scanned: 27554
# Detected: 9


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

Adware.NeoBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C31FFFC8-E607-4B43-ABE6-B98F6F84AD0F}
PUP.Optional.Dreamtrips HKCU\Software\DreamTrips
PUP.Optional.MarginTrade HKCU\Software\Margin Trade

***** [ Chromium (and derivatives) ] *****

PUP.Optional.TouchVPN Touch VPN
PUP.Optional.TouchVPN Touch VPN

***** [ Chromium URLs ] *****

PUP.Optional.Legacy WebSearch
PUP.Optional.SofTonicAssistant Softonic EN
PUP.Optional.SofTonicAssistant Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

PUP.Optional.Legacy suggestqueries.google.com



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Removal log
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-25.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-27-2019
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 6
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\DreamTrips
Deleted HKCU\Software\Margin Trade
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C31FFFC8-E607-4B43-ABE6-B98F6F84AD0F}

***** [ Chromium (and derivatives) ] *****

Not Deleted Touch VPN
Not Deleted Touch VPN

***** [ Chromium URLs ] *****

Deleted Softonic EN
Deleted Softonic EN
Deleted WebSearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted suggestqueries.google.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1629 octets] - [27/06/2019 14:45:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Botnet - malware infection detected

Posted: 27 Jun 2019 21:44
by Conder
OK, please post both new FRST logs.

Re: Botnet - malware infection detected

Posted: 28 Jun 2019 16:11
by durod
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2019
Ran by Slavicek (administrator) on DESKTOP-KQ46S14 (28-06-2019 16:47:14)
Running from C:\Users\Slavicek\Pictures\Adamko\Trash
Loaded Profiles: Slavicek (Available Profiles: Slavicek)
Platform: Windows 10 Pro Version 1903 18362.175 (X64) Language: Slovenština (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18111.17311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atiesrxx.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(SatoshiLabs s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [kbdsprt] => [X]
HKLM-x32\...\Run: [localSPM] => [X]
HKLM\...\Policies\Explorer\Run: [localSPM] => C:\WINDOWS\runkey.exe [469688 2018-12-07] (Clever Security Software Ltd -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\Run: [f.lux] => C:\Users\Slavicek\AppData\Local\FluxSoftware\Flux\flux.exe [1378824 2019-05-07] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [807936 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2019-06-25]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs s.r.o. -> )
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03843FF5-064A-4EC1-8085-228C120A954B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448080 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {07D073D0-2976-4723-A91C-16F8EC903D2B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-01-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1BF3B7B3-7C9E-4A80-8E77-2E3AF3528F9B} - System32\Tasks\Opera scheduled assistant Autoupdate 1547228286 => C:\Users\Slavicek\AppData\Local\Programs\Opera\launcher.exe
Task: {1E68C37B-7DF7-4C5F-8BAF-90CA8EEF1C9B} - System32\Tasks\Opera scheduled Autoupdate 1541932983 => C:\Users\Slavicek\AppData\Local\Programs\Opera\launcher.exe
Task: {2A543D90-5F36-436A-9364-7FD4E62453F8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113192 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {386D7F2A-6C56-4CE5-BEB2-E07F82D6A575} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4543648 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A7483C7-590C-499C-8C01-6FD414D66891} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491832 2019-06-13] (Bitdefender SRL -> Bitdefender)
Task: {53752D3B-1B5A-4889-B55B-D64CFA29158A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-01-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {62EC2D1E-B621-4B06-86BC-5D477C0ABD03} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26803808 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DE46157-3CF6-4161-83DE-0710E152F1E3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448080 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1013120-30D4-48C9-9183-2905E114C700} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-79263149-2179494062-2174528413-1001UA => C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-07] (Google Inc -> Google Inc.)
Task: {B1AB443F-4825-4069-82B4-E5E1618813DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4543648 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAE24398-3875-4284-9C34-61DE3278F73F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113192 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB6168B3-8DB4-4EF2-8FFA-D1E3C0911BC3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26803808 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F805A67D-09E7-4606-A6BE-AF6F2FC52129} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [725288 2017-12-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {FDBA97A5-221B-4173-9B14-12E26BB8F177} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-79263149-2179494062-2174528413-1001Core => C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-07] (Google Inc -> Google Inc.)
Task: {FE6DC139-C626-4C57-BD11-8A392E26E9D9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-24] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{c7018ace-a901-41c6-926b-1b6789db9eee}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{d15c54cf-cdbb-4ccf-8eb4-c96569ce65b9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2018-10-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2018-10-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: vj5yttn1.default
FF ProfilePath: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\vj5yttn1.default [2019-06-24]
FF Homepage: Mozilla\Firefox\Profiles\vj5yttn1.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\vj5yttn1.default -> about:newtab
FF Extension: (Avast Online Security) - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\vj5yttn1.default\Extensions\wrc@avast.com.xpi [2019-06-24]
FF SearchPlugin: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\vj5yttn1.default\searchplugins\google-avast.xml [2019-06-24]
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2018-10-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2018-10-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-79263149-2179494062-2174528413-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-79263149-2179494062-2174528413-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default [2019-06-28]
CHR Extension: (Google Translate) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-12-07]
CHR Extension: (Slides) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-07]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2017-12-07]
CHR Extension: (Magio GO) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-12-07]
CHR Extension: (Docs) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-07]
CHR Extension: (Google Drive) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-07]
CHR Extension: (Session Manager) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2017-12-07]
CHR Extension: (Touch VPN) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-11-01]
CHR Extension: (Auto Copy) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijpdibkloghppkbmhcklkogpjaenfkg [2018-01-12]
CHR Extension: (Skype Calling) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-12-07]
CHR Extension: (YouTube) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-07]
CHR Extension: (Copy Without Formatting) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekbgkmeapobkbadclnkjfjdbpbcaobd [2017-12-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-22]
CHR Extension: (uBlock Origin) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-20]
CHR Extension: (Adblock for Youtube™) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-03-23]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-05]
CHR Extension: (Recent History) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbmkfdfomhhlonpbnpiibloacemdhjjm [2017-12-07]
CHR Extension: (Sheets) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-07]
CHR Extension: (Play to Kodi) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncjhcjfnnooidlkijollckpakkebden [2019-04-30]
CHR Extension: (AdBlock Premium) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2019-02-13]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2019-05-21]
CHR Extension: (Google Docs Offline) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-29]
CHR Extension: (IE Tab) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-06-15]
CHR Extension: (Disconnect) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2019-04-02]
CHR Extension: (CrxMouse Chrome™ Gestures) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2019-03-06]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2017-12-07]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2019-01-12]
CHR Extension: (Google Mail Checker) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2019-04-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (shortfuts) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\piepdojghinggmddebidfkhfbdaggnmh [2019-06-19]
CHR Extension: (Gmail) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR Extension: (Bypass Paywalls) - C:\Users\Slavicek\Pictures\Adamko\Trash\bypass-paywalls-chrome-master\bypass-paywalls-chrome-master [2019-06-23] [UpdateUrl:hxxps://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml] <==== ATTENTION
CHR Profile: C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-13]
CHR Profile: C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-06-13]
CHR Extension: (Slides) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-20]
CHR Extension: (Docs) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-20]
CHR Extension: (Google Drive) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-20]
CHR Extension: (Touch VPN) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-12-23]
CHR Extension: (YouTube) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-20]
CHR Extension: (Honey) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-12-23]
CHR Extension: (Adblock Plus) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-23]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2018-12-23]
CHR Extension: (Sheets) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-23]
CHR Extension: (AdBlock) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-23]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjknjjomckknofjidppipffbpoekiipm [2018-12-23]
CHR Extension: (Roblox+) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfbnmfgkohlfclfnplnlenbalpppohkm [2018-12-23]
CHR Extension: (Grammarly for Chrome) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-12-23]
CHR Extension: (TubeBuddy for YouTube) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2018-12-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-20]
CHR Extension: (Gmail) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-20]
CHR Profile: C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atiesrxx.exe [481768 2018-01-18] (Advanced Micro Devices, Inc. -> AMD)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-27] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11409504 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-12-12] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2303792 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175728 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1294448 2019-05-14] (Bitdefender SRL -> Bitdefender)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [238376 2019-05-23] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [238376 2019-05-23] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [238376 2019-05-23] (Bitdefender SRL -> Bitdefender)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atikmdag.sys [41703912 2018-01-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atikmpag.sys [546280 2018-01-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1551768 2019-05-15] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [395728 2019-05-03] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [298488 2019-05-10] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [374632 2018-11-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-08-08] (Logitech Inc -> Logitech Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [611152 2019-01-28] (Bitdefender SRL -> Bitdefender)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-27 14:44 - 2019-06-27 14:46 - 000000000 ____D C:\AdwCleaner
2019-06-26 16:44 - 2019-06-26 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-06-24 22:08 - 2019-06-24 22:08 - 000000000 ____D C:\Users\Slavicek\AppData\Local\CrashDumps
2019-06-24 22:07 - 2019-06-24 22:07 - 000096872 _____ C:\ProgramData\cl.kit.1561406758.bdinstall.v2.bin
2019-06-24 22:06 - 2019-06-24 22:07 - 000161912 _____ C:\ProgramData\cl.1561406766.10032.v2.bin
2019-06-24 22:06 - 2019-06-24 22:07 - 000001432 _____ C:\ProgramData\cl.1561406766.2384.v2.bin
2019-06-24 22:05 - 2019-06-24 22:05 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2019-06-24 22:03 - 2019-06-24 22:03 - 000075592 _____ C:\ProgramData\agent.update.1561406560.bdinstall.v2.bin
2019-06-24 21:56 - 2019-06-24 21:56 - 000001192 ____C C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-06-24 21:55 - 2019-06-24 21:55 - 000001207 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk
2019-06-24 21:55 - 2019-06-24 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2019-06-24 21:55 - 2019-06-24 21:55 - 000000000 ____D C:\ProgramData\Bitdefender
2019-06-24 21:55 - 2019-05-15 15:11 - 001551768 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2019-06-24 21:55 - 2019-05-10 13:10 - 000298488 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2019-06-24 21:55 - 2019-05-03 19:18 - 000395728 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2019-06-24 21:55 - 2019-03-21 01:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2019-06-24 21:55 - 2019-01-28 10:38 - 000611152 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2019-06-24 21:55 - 2018-11-28 06:45 - 000188384 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2019-06-24 21:55 - 2018-11-19 14:10 - 000374632 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2019-06-24 21:54 - 2019-06-28 15:03 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-06-24 21:54 - 2019-06-24 21:54 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-06-24 21:52 - 2019-06-24 22:09 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-06-24 21:52 - 2019-06-24 21:52 - 000102012 _____ C:\ProgramData\agent.1561405973.bdinstall.v2.bin
2019-06-24 21:52 - 2019-06-24 21:52 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-06-24 16:29 - 2019-06-24 16:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-06-24 16:29 - 2019-06-24 16:29 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-06-24 16:28 - 2019-06-24 22:08 - 000000000 ____D C:\ProgramData\AVAST Software
2019-06-18 15:26 - 2019-06-18 15:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-06-18 15:09 - 2019-06-18 15:09 - 000000000 ___HD C:\$SysReset
2019-06-18 09:43 - 2019-06-27 15:09 - 002492808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-18 09:43 - 2019-06-24 22:08 - 000000270 __RSH C:\Users\Slavicek\ntuser.pol
2019-06-18 09:43 - 2019-06-18 09:43 - 000000020 ___SH C:\Users\Slavicek\ntuser.ini
2019-06-18 09:42 - 2019-06-27 15:03 - 000003148 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2019-06-18 09:42 - 2019-06-27 15:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-18 09:42 - 2019-06-18 15:27 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-79263149-2179494062-2174528413-1001
2019-06-18 09:42 - 2019-06-18 09:43 - 000003522 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-79263149-2179494062-2174528413-1001UA
2019-06-18 09:42 - 2019-06-18 09:43 - 000003254 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-79263149-2179494062-2174528413-1001Core
2019-06-18 09:42 - 2019-06-18 09:42 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-06-18 09:42 - 2019-06-18 09:42 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-06-18 09:42 - 2019-06-18 09:42 - 000003878 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1547228286
2019-06-18 09:42 - 2019-06-18 09:42 - 000003618 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1541932983
2019-06-18 09:42 - 2019-06-18 09:42 - 000002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-06-18 09:42 - 2019-06-18 09:42 - 000002060 _____ C:\WINDOWS\System32\Tasks\StartDVR
2019-06-18 09:42 - 2019-06-18 09:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-79263149-2179494062-2174528413-1001
2019-06-18 09:37 - 2019-06-18 09:37 - 000000000 ____D C:\ProgramData\USOShared
2019-06-18 09:36 - 2019-06-18 09:07 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-06-18 09:35 - 2019-06-28 15:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-18 09:35 - 2019-06-18 09:39 - 000484712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-18 09:27 - 2019-06-18 09:27 - 000066064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WinSetupBoot.sys
2019-06-18 09:12 - 2019-06-18 09:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-06-18 09:11 - 2019-06-24 22:08 - 000000000 ____D C:\Users\Slavicek
2019-06-18 09:11 - 2019-06-18 15:27 - 000002372 ____C C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-18 09:11 - 2019-06-18 09:12 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-06-18 09:07 - 2019-06-18 09:07 - 001363456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001283384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-18 09:07 - 2019-06-18 09:07 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001246000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001192088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001149200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001072168 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001068856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001065984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000939504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000911360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000909736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000888936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000888056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000879576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 000876856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000811192 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-06-18 09:07 - 2019-06-18 09:07 - 000811192 _____ C:\WINDOWS\system32\locale.nls
2019-06-18 09:07 - 2019-06-18 09:07 - 000804880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000773944 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000773168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000751256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000726328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000680760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000674792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000673320 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000613904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-06-18 09:07 - 2019-06-18 09:07 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000529072 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-18 09:07 - 2019-06-18 09:07 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 000466624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000441352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-06-18 09:07 - 2019-06-18 09:07 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000401416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000379192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000358944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000338800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000267728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000261016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-06-18 09:07 - 2019-06-18 09:07 - 000223248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidclass.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000205112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000201256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000199688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000199184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000199184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000194176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-06-18 09:07 - 2019-06-18 09:07 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000161848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000146744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000146416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000139472 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000136720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameChatTranscription.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-06-18 09:07 - 2019-06-18 09:07 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000084520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000066360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidusb.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000037888 _____ C:\WINDOWS\system32\usocoreps.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-06-18 09:07 - 2019-06-18 09:07 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000021512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-06-18 09:04 - 2019-06-27 15:09 - 000707652 _____ C:\WINDOWS\system32\perfh005.dat
2019-06-18 09:04 - 2019-06-27 15:09 - 000144902 _____ C:\WINDOWS\system32\perfc005.dat
2019-06-18 09:04 - 2019-06-18 09:04 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-06-18 09:04 - 2019-06-18 09:04 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2019-06-18 09:04 - 2019-06-18 09:04 - 000000000 ____D C:\WINDOWS\system32\cs
2019-06-18 09:04 - 2019-06-18 09:03 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2019-06-18 09:04 - 2019-06-18 09:03 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2019-06-18 08:56 - 2019-06-18 08:56 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2019-06-18 08:56 - 2019-06-18 08:56 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-06-18 08:56 - 2019-06-18 08:56 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-06-18 08:55 - 2019-06-18 08:55 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-06-18 08:55 - 2019-06-18 08:55 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-06-18 08:55 - 2019-06-18 08:55 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-06-18 08:55 - 2019-06-18 08:55 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-06-18 08:55 - 2019-06-18 08:55 - 000000000 ____D C:\Program Files\MSBuild
2019-06-18 08:55 - 2019-06-18 08:55 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-06-18 08:55 - 2019-06-18 08:55 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-06-18 08:54 - 2019-06-18 08:55 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-06-18 08:54 - 2019-06-18 08:55 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-06-18 08:54 - 2019-06-18 08:55 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-06-18 08:54 - 2019-06-18 08:54 - 006472704 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0005.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 006359552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 005496832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-18 08:54 - 2019-06-18 08:54 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-06-18 08:54 - 2019-06-18 08:54 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-06-18 08:49 - 2019-06-18 08:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-06-18 08:13 - 2019-06-18 08:13 - 000000000 ___HD C:\$Windows.~WS
2019-06-18 08:08 - 2019-06-18 08:32 - 000000036 _____ C:\WINDOWS\progress.ini
2019-06-18 08:02 - 2019-06-28 16:47 - 000000000 ____D C:\FRST
2019-06-18 07:58 - 2019-06-18 09:43 - 000000000 ___HD C:\$GetCurrent
2019-06-18 07:58 - 2019-06-18 09:43 - 000000000 ____D C:\Windows10Upgrade
2019-06-18 07:58 - 2019-06-18 08:29 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2019-06-18 06:44 - 2019-06-18 09:35 - 000000000 ____D C:\Program Files\UNP
2019-06-15 13:23 - 2019-06-18 09:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-06-15 13:23 - 2019-06-15 13:23 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-06-15 13:23 - 2019-06-15 13:23 - 000000000 ____D C:\Program Files\CPUID
2019-06-14 16:58 - 2018-12-07 14:32 - 000469688 _____ C:\WINDOWS\runkey.exe
2019-06-13 16:00 - 2019-06-13 16:00 - 000000000 ____D C:\Users\Slavicek\AppData\Local\mbamtray
2019-06-13 16:00 - 2019-06-13 16:00 - 000000000 ____D C:\Users\Slavicek\AppData\Local\mbam
2019-06-13 15:43 - 2019-06-13 16:03 - 000000000 ____D C:\Users\Slavicek\AppData\Roaming\gxxxunc4lxy
2019-06-13 15:43 - 2019-06-13 15:43 - 000000000 ____D C:\ProgramData\Pader
2019-06-13 15:42 - 2019-06-13 16:03 - 000000000 ____D C:\Program Files (x86)\Rundll
2019-06-13 15:41 - 2019-06-24 22:08 - 000003274 __RSH C:\ProgramData\ntuser.pol
2019-06-13 15:40 - 2019-06-13 21:40 - 000000000 __SHD C:\ProgramData\FlashSys
2019-06-13 15:40 - 2019-06-13 15:54 - 000722944 _____ C:\Users\Slavicek\AppData\Local\sha.db
2019-06-13 15:40 - 2019-06-13 15:40 - 000000000 ___SH C:\Users\Slavicek\AppData\Roaming\6
2019-06-13 15:40 - 2019-06-13 15:40 - 000000000 ____D C:\Users\Slavicek\AppData\Local\AdvinstAnalytics
2019-06-09 14:40 - 2019-06-09 14:40 - 000000000 ____D C:\Users\Slavicek\AppData\Roaming\AMD
2019-06-09 14:38 - 2019-06-18 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2019-06-09 14:38 - 2019-06-09 14:43 - 000000000 ____D C:\Users\Slavicek\AppData\Roaming\obs-studio
2019-06-09 14:38 - 2019-06-09 14:38 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2019-06-09 14:38 - 2019-06-09 14:38 - 000000000 ____D C:\Program Files\obs-studio
2019-06-09 14:37 - 2019-06-09 14:37 - 069794432 _____ (obsproject.com) C:\Users\Slavicek\Desktop\OBS-Studio-23.1-Full-Installer-x64.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-28 16:47 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-28 15:52 - 2018-02-03 17:08 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\vlc
2019-06-28 15:10 - 2018-12-15 11:08 - 000000000 ___DC C:\Users\Slavicek\Desktop\Adamko
2019-06-27 15:09 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2019-06-27 15:09 - 2018-03-30 21:22 - 000625204 _____ C:\WINDOWS\system32\perfh01B.dat
2019-06-27 15:09 - 2018-03-30 21:22 - 000178132 _____ C:\WINDOWS\system32\perfc01B.dat
2019-06-27 15:02 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-27 15:02 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-27 15:02 - 2017-12-07 22:18 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-06-27 14:51 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-06-27 14:43 - 2018-03-28 13:14 - 000000000 ____D C:\ProgramData\Origin
2019-06-27 13:48 - 2018-03-28 13:16 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Origin
2019-06-26 16:44 - 2018-12-15 11:49 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-26 16:42 - 2018-10-03 19:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-26 16:35 - 2018-08-10 08:55 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\D3DSCache
2019-06-26 14:56 - 2018-03-28 13:16 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-06-25 20:13 - 2018-02-12 16:51 - 000000000 ____D C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
2019-06-24 22:37 - 2018-02-12 16:25 - 000000000 ____D C:\Program Files (x86)\FNMC Manager
2019-06-24 22:15 - 2018-01-23 16:19 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-06-24 22:15 - 2018-01-23 16:18 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-06-24 20:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-06-24 19:21 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-06-24 17:43 - 2017-12-07 23:08 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\PlaceholderTileLogoFolder
2019-06-24 16:32 - 2018-05-03 15:15 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-22 19:12 - 2018-10-04 19:11 - 000001432 ____C C:\Users\Slavicek\Desktop\Roblox Player.lnk
2019-06-22 19:12 - 2018-10-04 19:11 - 000001247 ____C C:\Users\Slavicek\Desktop\Roblox Studio.lnk
2019-06-22 19:12 - 2018-09-28 18:41 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-06-22 19:10 - 2018-03-28 13:15 - 000000000 ____D C:\Program Files (x86)\Origin
2019-06-22 18:05 - 2018-08-28 21:30 - 000006157 ____C C:\Users\Slavicek\Desktop\PS4.txt
2019-06-22 09:45 - 2018-01-23 16:21 - 000002171 ____C C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2019-06-20 06:38 - 2017-12-07 22:15 - 000002525 ____C C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 06:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-06-18 22:00 - 2018-03-12 15:41 - 000000000 __RDC C:\Users\Slavicek\Documents\Scanned Documents
2019-06-18 15:27 - 2017-12-07 22:13 - 000000000 ___RD C:\Users\Slavicek\OneDrive
2019-06-18 15:17 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-18 10:50 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-18 10:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-18 10:50 - 2018-08-10 09:11 - 000000000 ____D C:\ProgramData\Packages
2019-06-18 10:49 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-06-18 10:49 - 2017-12-07 22:11 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\Packages
2019-06-18 09:43 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-06-18 09:43 - 2017-12-07 22:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-18 09:43 - 2017-12-07 22:11 - 000000000 ___RD C:\Users\Slavicek\3D Objects
2019-06-18 09:40 - 2019-03-19 06:52 - 000000000 __RSD C:\WINDOWS\Media
2019-06-18 09:38 - 2019-04-06 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
2019-06-18 09:38 - 2019-03-19 06:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-06-18 09:38 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-06-18 09:38 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration
2019-06-18 09:38 - 2019-03-16 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClownfishVoiceChanger
2019-06-18 09:38 - 2019-01-12 17:56 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plague Inc Evolved
2019-06-18 09:38 - 2018-12-26 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod
2019-06-18 09:38 - 2018-12-18 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-06-18 09:38 - 2018-10-13 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-06-18 09:38 - 2018-09-30 09:44 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-06-18 09:38 - 2018-06-05 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash
2019-06-18 09:38 - 2018-03-28 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-06-18 09:38 - 2018-03-11 14:48 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
2019-06-18 09:38 - 2018-03-11 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-06-18 09:38 - 2018-02-12 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeKe
2019-06-18 09:38 - 2018-02-03 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-06-18 09:38 - 2018-01-23 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2019-06-18 09:38 - 2018-01-23 16:19 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2019-06-18 09:38 - 2018-01-23 16:18 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-06-18 09:38 - 2018-01-16 18:13 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2019-06-18 09:38 - 2018-01-15 18:34 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2019-06-18 09:38 - 2017-12-07 23:48 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-18 09:38 - 2017-12-07 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-18 09:38 - 2017-12-07 23:46 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2019-06-18 09:38 - 2017-12-07 22:17 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome
2019-06-18 09:35 - 2019-05-25 11:18 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-06-18 09:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-06-18 09:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-06-18 09:35 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-18 09:35 - 2019-03-19 06:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-06-18 09:35 - 2018-01-23 17:28 - 000000000 ____D C:\Program Files\AMD
2019-06-18 09:35 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-06-18 09:27 - 2019-03-19 06:56 - 000000000 ____D C:\WINDOWS\Setup
2019-06-18 09:12 - 2019-04-17 21:31 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-06-18 09:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-06-18 09:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Resources
2019-06-18 09:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help
2019-06-18 09:12 - 2019-03-13 17:13 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-06-18 09:12 - 2018-12-18 17:49 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-06-18 09:12 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-06-18 09:12 - 2018-08-01 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-06-18 09:12 - 2018-01-23 17:51 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-18 09:04 - 2019-03-19 12:56 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-06-18 09:04 - 2019-03-19 12:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-06-18 09:04 - 2019-03-19 12:56 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\IME
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-06-18 09:04 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2019-06-18 08:56 - 2019-03-19 07:00 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2019-06-18 08:56 - 2019-03-19 07:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2019-06-18 08:56 - 2019-03-19 07:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2019-06-18 08:56 - 2019-03-19 07:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2019-06-18 08:56 - 2019-03-19 07:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2019-06-18 08:56 - 2019-03-19 07:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2019-06-18 08:56 - 2019-03-19 07:00 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2019-06-18 08:56 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 001401344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2019-06-18 08:56 - 2019-03-19 06:58 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2019-06-18 08:56 - 2019-03-19 06:58 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2019-06-18 08:56 - 2019-03-19 06:58 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2019-06-18 08:56 - 2019-03-19 06:58 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2019-06-18 08:56 - 2019-03-19 06:58 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2019-06-18 08:56 - 2019-03-19 06:58 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2019-06-18 08:56 - 2019-03-19 06:58 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2019-06-18 08:56 - 2019-03-19 06:57 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2019-06-18 08:56 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2019-06-18 08:54 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\OCR
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-06-18 08:17 - 2018-10-24 22:08 - 000000000 ____D C:\ESD
2019-06-14 17:01 - 2019-05-25 18:42 - 000000000 ____D C:\ProgramData\SMART Technologies
2019-06-14 16:57 - 2018-11-11 12:43 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\Opera Software
2019-06-14 16:57 - 2018-11-11 12:42 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Opera Software
2019-06-14 16:57 - 2018-05-03 15:15 - 000000000 ___DC C:\Users\Slavicek\AppData\LocalLow\Mozilla
2019-06-13 16:16 - 2019-01-12 19:38 - 000000000 ____D C:\Users\Slavicek\Downloads\opera autoupdate
2019-06-12 17:21 - 2019-03-13 17:13 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Discord
2019-06-12 10:30 - 2018-09-27 22:35 - 000000000 ___DC C:\Users\Slavicek\Desktop\kupa ps4
2019-06-11 20:18 - 2017-12-08 00:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-11 20:16 - 2017-12-08 00:18 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-08 23:28 - 2018-01-15 18:33 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\JDownloader 2.0
2019-06-08 11:21 - 2019-03-16 09:03 - 000000344 ____C C:\Users\Slavicek\Documents\ClownfishVoiceChanger.ini
2019-06-05 16:01 - 2018-03-02 18:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-06-04 17:20 - 2019-05-26 17:09 - 000000000 ___DC C:\Users\Slavicek\Desktop\tabulka herbar

==================== Files in the root of some directories ================

2019-04-17 17:11 - 2019-04-17 17:11 - 005294464 _____ (Microsoft Corporation) C:\Users\Slavicek\setup.exe
2019-06-13 15:40 - 2019-06-13 15:40 - 000000000 ___SH () C:\Users\Slavicek\AppData\Roaming\6
2019-03-19 06:43 - 2019-03-19 06:43 - 000000273 ___SH () C:\Users\Slavicek\AppData\Roaming\frdesci
2017-12-08 00:04 - 2017-12-08 00:04 - 000007604 ____C () C:\Users\Slavicek\AppData\Local\Resmon.ResmonCfg
2019-06-13 15:40 - 2019-06-13 15:54 - 000722944 _____ () C:\Users\Slavicek\AppData\Local\sha.db

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Re: Botnet - malware infection detected

Posted: 28 Jun 2019 16:11
by durod
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by Slavicek (28-06-2019 16:49:04)
Running from C:\Users\Slavicek\Pictures\Adamko\Trash
Windows 10 Pro Version 1903 18362.175 (X64) (2019-06-18 07:43:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-79263149-2179494062-2174528413-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-79263149-2179494062-2174528413-503 - Limited - Disabled)
Guest (S-1-5-21-79263149-2179494062-2174528413-501 - Limited - Disabled)
Slavicek (S-1-5-21-79263149-2179494062-2174528413-1001 - Administrator - Enabled) => C:\Users\Slavicek
WDAGUtilityAccount (S-1-5-21-79263149-2179494062-2174528413-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.1.1 - Advanced Micro Devices, Inc.)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.15.120 - Bitdefender)
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version: - )
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
Discord (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\Flux) (Version: - f.lux Software LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
GnuCash 3.1 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team)
Google Chrome (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life Is Strange - Complete First Season verze 1.0 u13 (HKLM-x32\...\{2EC1CC17-23FA-49C5-898C-F15B3F708B7E}_is1) (Version: 1.0 u13 - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.11727.20210 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 61.0.2 (x64 sk)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.3 - Mozilla)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.40.26928 - Electronic Arts, Inc.)
paint.net (HKLM\...\{B998B716-4001-4919-BA90-BA14B51DFEB5}) (Version: 4.1.6 - dotPDN LLC)
Plague Inc Evolved (HKLM-x32\...\Plague Inc Evolved) (Version: - Plague Inc Evolved)
RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder)
Roblox Player for Slavicek (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Slavicek (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\roblox-studio) (Version: - Roblox Corporation)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.52.100.1020 - Electronic Arts Inc.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.2) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_1.7.0.0_x64__tf1gferkr813w [2017-12-07] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_4.1.2.0_x86__kgqvnymyfvs32 [2017-12-07] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.101.900.0_x86__kgqvnymyfvs32 [2017-12-07] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_2.6.0.9_x86__h6adky7gbf63m [2017-12-07] (Gameloft.)
File Viewer Plus -> C:\Program Files\WindowsApps\SharpenedProductions.FileViewerPlus_3.1.1.0_x86__xkt78gamzntbr [2018-12-16] (Sharpened Productions)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_85.1.379.0_x64__v10z8vjag6ke6 [2018-08-10] (HP Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_2.9.0.10_x86__h6adky7gbf63m [2017-12-07] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.2.0_x86__8wekyb3d8bbwe [2019-04-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.2212.0_x64__8wekyb3d8bbwe [2017-12-07] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Corporation) [MS Ad]
TVHPlayer Beta -> C:\Program Files\WindowsApps\9388Wally.465111A6D3D5_0.9.2.5_x86__srjp817t7b3e0 [2018-02-03] (Wally)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.1.18.0_x64__3ykzqggjzj4z0 [2017-12-07] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\75.0.3770.100\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-01-12] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-06-05 06:13 - 2017-06-05 06:13 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-06-05 06:13 - 2017-06-05 06:13 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-01-12 17:59 - 2018-01-12 17:59 - 000155688 _____ (AMD PMP-PE CB Code Signer v20170331 -> Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
2018-03-28 13:15 - 2018-03-28 13:15 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-03-28 13:15 - 2018-03-28 13:15 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2018-03-28 13:15 - 2019-05-25 09:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000237568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 001336832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-01-12 17:42 - 2018-01-12 17:42 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 006045696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 001204736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 003234304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 068669952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000110080 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000283136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24065894.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29618489.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24065894.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29618489.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2019-06-13 15:42 - 000001116 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 sharefolder.online
127.0.0.1 telechargini.com
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Slavicek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20190623_115234.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "3XBF5784YLKYYGS"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "seemzxo"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{03513F34-92B9-4159-9D45-25E792C05DEA}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{6A536E7A-8E44-4524-A015-0B3AE2EF2758}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{CB5CA05E-19A5-4B8C-9BDC-C36422E9A1A2}] => (Allow) C:\Users\Slavicek\AppData\Local\Programs\Opera\60.0.3255.151\opera.exe No File
FirewallRules: [{EB92E8D1-018A-4798-83E7-452A4A94CA0C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53B2B6EB-E441-4621-A27C-E787C96C45ED}] => (Allow) C:\Users\Slavicek\AppData\Local\Programs\Opera\60.0.3255.109\opera.exe No File
FirewallRules: [UDP Query User{C7ED3982-2FA5-4641-A7E1-A76E6218DE34}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{37BF5091-A596-474C-895B-15D57AF62A1D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{80CA397F-28C0-4324-A944-64D3AE847B31}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B6F84E87-F3A6-4FCC-8AAD-EC6F4012977A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{773B181C-39B5-4CAE-A59C-58A29C33978E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C48DA8F7-478C-49D2-826B-38A28941F83D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BB8013A1-8737-4796-974B-FEC547E46011}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B4785CCF-2BF9-4073-B95E-CDD5A5B7E5AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4632AB01-333F-425E-9928-32DD9DEEC0C4}] => (Allow) LPort=5558
FirewallRules: [{E46849C2-A68F-4A05-A31D-D7AED9CEC7F1}] => (Allow) LPort=5556
FirewallRules: [UDP Query User{C4C4583E-4F9D-4352-97E4-37933D8DEF9D}C:\users\slavicek\desktop\odorik.exe] => (Allow) C:\users\slavicek\desktop\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [TCP Query User{5A872D68-D54C-4FF2-AAEA-1E1D5677C520}C:\users\slavicek\desktop\odorik.exe] => (Allow) C:\users\slavicek\desktop\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [{4A314205-58FA-4627-B21E-65541C998966}] => (Block) C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5891494F-428A-495B-AAD4-44EFB87EFA30}] => (Block) C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{59C644F9-81E3-4E6B-9BB6-5393916B4DBE}C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{03994D94-3F24-4EBA-9C0F-75D2129C31D8}C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{28819002-4F9A-4009-9115-BB46B6D616DF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [UDP Query User{0DB069FE-766F-4822-9D31-C851767C5AE5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [{6EC6DAC7-B3B7-4A97-B35B-EA1C502533A4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BDD97B8D-0757-4C58-BFB0-52292BF6F71B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D81B8BD3-3B67-474B-BA6D-72323733FC90}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{DB4862B7-1CCF-4A9E-8DE8-028661F902C9}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{BC7B43CA-FB4B-41AC-813B-53D919F4B380}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{BDB3C070-E70C-4E42-8F61-586C39B065D9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{21D88489-CFD7-45BD-8BBB-1102D7AC41BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{08C3FB04-6BD8-4D9E-BF37-A6ED81186C0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7CC01F0-022A-4F39-BB12-B3B175F6AF59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{77E768F0-6AEE-41B1-AB2E-1B3F10B0E7F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E2CB89DF-2405-43EA-A234-247400346EB2}] => (Allow) D:1\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [{707EDAE2-899A-4843-9D1F-6DA8E56FAE0C}] => (Allow) D:1\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [{958CB981-D5FB-4B77-A164-8E8A7FBA2665}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C16555BE-0705-47B9-8006-C0F2B77A340A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A7F06730-A410-438D-8873-B1282607A9A2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34EE703D-91F4-4DC4-831F-8FFA67A2B85C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{07B99EB4-C9D7-47C2-B401-74FB262FF525}D:\xgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\xgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{806382E6-DB0C-451E-91F8-0F8CB29398BB}D:\xgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\xgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E9E85B90-8151-4607-BD85-7B12830AA327}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{42C37B5A-BEF7-4BED-A76A-F2B767FB1397}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6A9210C1-805D-496E-9637-89E46F38576D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{53329BC7-A8FF-479B-A350-48A0BF0753EC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{897727BA-5DD0-402D-8ECE-10DAF261B55D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{CA8DE110-38E6-47CB-AC5B-2A975DF54D50}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/27/2019 03:02:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.

Error: (06/27/2019 03:02:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]

Error: (06/25/2019 04:08:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.

Error: (06/25/2019 04:08:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]


Error: (06/24/2019 06:25:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.

Error: (06/24/2019 06:25:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]


System errors:
=============
Error: (06/28/2019 04:49:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (06/28/2019 04:49:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/28/2019 04:47:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (06/28/2019 04:47:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ46S14)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/28/2019 04:45:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (06/28/2019 04:45:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/28/2019 04:43:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (06/28/2019 04:43:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ46S14)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2019-06-24 20:55:25.167
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-06-24 20:55:25.154
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1608 05/10/2011
Motherboard: ASUSTeK Computer INC. P8P67
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 21%
Total physical RAM: 16360.79 MB
Available physical RAM: 12921.83 MB
Total Virtual: 17384.79 MB
Available Virtual: 12281.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:88.89 GB) (Free:26.8 GB) NTFS
Drive d: (Nový zväzok) (Fixed) (Total:345.57 GB) (Free:14.99 GB) NTFS
Drive e: (Install_FIlmy) (Fixed) (Total:585.94 GB) (Free:64.87 GB) NTFS
Drive f: (Nový zväzok) (Fixed) (Total:376.27 GB) (Free:64.24 GB) NTFS
Drive g: () (Fixed) (Total:110 GB) (Free:5.26 GB) NTFS
Drive h: (Adrika) (Fixed) (Total:109.89 GB) (Free:7.91 GB) NTFS

\\?\Volume{05a743f9-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.54 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4284FF7D)
Partition 1: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 9B64CFD8)
Partition 1: (Not Active) - (Size=376.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.9 GB) - (Type=0F Extended)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 89.4 GB) (Disk ID: 05A743F9)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=88.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Botnet - malware infection detected

Posted: 28 Jun 2019 16:21
by durod
Otherwise, Windows Defender still doesn't work; I guess the trojan must have wiped it out completely. Windows Security Center Service (wscsvc) is missing from Services. I also tried upgrading to the latest version of Win 10 from the MS website, but that didn't fix it....
This guide didn't help either:
https://appuals.com/fix-the-windows-sec ... e-started/

According to the FRST log, Windows Update Service (wuauserv) is missing as well.


One more thing: UPC replied that the suspicious activity was over port 25.

Re: Botnet - malware infection detected

Posted: 28 Jun 2019 17:01
by Conder
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code: Select all

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    VirusTotal: C:\Users\Slavicek\setup.exe
    File: C:\Users\Slavicek\setup.exe
    File: C:\WINDOWS\system32\rtvcvfw64.dll
    File: C:\Windows\SysWOW64\rtvcvfw32.dll
    
    HKLM-x32\...\Run: [kbdsprt] => [X]
    HKLM-x32\...\Run: [localSPM] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    GroupPolicy: Restriction - Chrome <==== ATTENTION
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    Task: {1BF3B7B3-7C9E-4A80-8E77-2E3AF3528F9B} - System32\Tasks\Opera scheduled assistant Autoupdate 1547228286 => C:\Users\Slavicek\AppData\Local\Programs\Opera\launcher.exe
    Task: {1E68C37B-7DF7-4C5F-8BAF-90CA8EEF1C9B} - System32\Tasks\Opera scheduled Autoupdate 1541932983 => C:\Users\Slavicek\AppData\Local\Programs\Opera\launcher.exe
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    FF Homepage: Mozilla\Firefox\Profiles\vj5yttn1.default -> hxxps://www.google.com/?bcutc=sp-006
    FF NewTab: Mozilla\Firefox\Profiles\vj5yttn1.default -> about:newtab
    S3 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc [X]
    2019-04-17 17:11 - 2019-04-17 17:11 - 005294464 _____ (Microsoft Corporation) C:\Users\Slavicek\setup.exe
    2019-06-13 15:40 - 2019-06-13 15:40 - 000000000 ___SH () C:\Users\Slavicek\AppData\Roaming\6
    2019-03-19 06:43 - 2019-03-19 06:43 - 000000273 ___SH () C:\Users\Slavicek\AppData\Roaming\frdesci
    2019-06-13 15:40 - 2019-06-13 15:54 - 000722944 _____ () C:\Users\Slavicek\AppData\Local\sha.db
    CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24065894.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29618489.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24065894.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29618489.sys => ""="Driver"
    HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "3XBF5784YLKYYGS"
    HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "seemzxo"
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Re: Botnet - malware infection detected

Posted: 28 Jun 2019 20:22
by durod
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by Slavicek (28-06-2019 21:12:02) Run:1
Running from C:\Users\Slavicek\Pictures\Adamko\Trash
Loaded Profiles: Slavicek (Available Profiles: Slavicek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\Users\Slavicek\setup.exe
File: C:\Users\Slavicek\setup.exe
File: C:\WINDOWS\system32\rtvcvfw64.dll
File: C:\Windows\SysWOW64\rtvcvfw32.dll

HKLM-x32\...\Run: [kbdsprt] => [X]
HKLM-x32\...\Run: [localSPM] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {1BF3B7B3-7C9E-4A80-8E77-2E3AF3528F9B} - System32\Tasks\Opera scheduled assistant Autoupdate 1547228286 => C:\Users\Slavicek\AppData\Local\Programs\Opera\launcher.exe
Task: {1E68C37B-7DF7-4C5F-8BAF-90CA8EEF1C9B} - System32\Tasks\Opera scheduled Autoupdate 1541932983 => C:\Users\Slavicek\AppData\Local\Programs\Opera\launcher.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FF Homepage: Mozilla\Firefox\Profiles\vj5yttn1.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\vj5yttn1.default -> about:newtab
S3 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc [X]
2019-04-17 17:11 - 2019-04-17 17:11 - 005294464 _____ (Microsoft Corporation) C:\Users\Slavicek\setup.exe
2019-06-13 15:40 - 2019-06-13 15:40 - 000000000 ___SH () C:\Users\Slavicek\AppData\Roaming\6
2019-03-19 06:43 - 2019-03-19 06:43 - 000000273 ___SH () C:\Users\Slavicek\AppData\Roaming\frdesci
2019-06-13 15:40 - 2019-06-13 15:54 - 000722944 _____ () C:\Users\Slavicek\AppData\Local\sha.db
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24065894.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29618489.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24065894.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29618489.sys => ""="Driver"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "3XBF5784YLKYYGS"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "seemzxo"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 742
Average :
Sum : 3059570883
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

VirusTotal: C:\Users\Slavicek\setup.exe => https://www.virustotal.com/file/4f5c5cb ... 559722394/

========================= File: C:\Users\Slavicek\setup.exe ========================

C:\Users\Slavicek\setup.exe
File is digitally signed
MD5: 5B51ECE9852B92CFD1D3946D5940EED5
Creation and modification date: 2019-04-17 17:11 - 2019-04-17 17:11
Size: 005294464
Attributes: ----A
Company Name: Microsoft Corporation -> Microsoft Corporation
Internal Name: Bootstrapper.exe
Original Name: Bootstrapper.exe
Product: Microsoft Office
Description: Microsoft Office
File Version: 16.0.11617.33601
Product Version: 16.0.11617.33601
Copyright:
VirusTotal: https://www.virustotal.com/file/4f5c5cb ... 559722394/

====== End of File: ======


========================= File: C:\WINDOWS\system32\rtvcvfw64.dll ========================

C:\WINDOWS\system32\rtvcvfw64.dll
File not signed
MD5: AF47D6660569DFA46BC4E1CD21E1624B
Creation and modification date: 2012-09-28 21:45 - 2012-09-28 21:45
Size: 000246272
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/a126f29 ... 561515592/

====== End of File: ======


========================= File: C:\Windows\SysWOW64\rtvcvfw32.dll ========================

C:\Windows\SysWOW64\rtvcvfw32.dll
File not signed
MD5: 03944ABAE856DC164BD167526E07E953
Creation and modification date: 2012-09-28 21:45 - 2012-09-28 21:45
Size: 000247296
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/746f4cc ... 561602171/

====== End of File: ======

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\kbdsprt" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\localSPM" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BF3B7B3-7C9E-4A80-8E77-2E3AF3528F9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BF3B7B3-7C9E-4A80-8E77-2E3AF3528F9B}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1547228286 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1547228286" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E68C37B-7DF7-4C5F-8BAF-90CA8EEF1C9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E68C37B-7DF7-4C5F-8BAF-90CA8EEF1C9B}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1541932983 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1541932983" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"Firefox homepage" => removed successfully
"Firefox newtab" => removed successfully
HKLM\System\CurrentControlSet\Services\AvastWscReporter => removed successfully
AvastWscReporter => service removed successfully
C:\Users\Slavicek\setup.exe => moved successfully
C:\Users\Slavicek\AppData\Roaming\6 => moved successfully
C:\Users\Slavicek\AppData\Roaming\frdesci => moved successfully
C:\Users\Slavicek\AppData\Local\sha.db => moved successfully
HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\24065894.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\29618489.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\24065894.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\29618489.sys => removed successfully
"HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\3XBF5784YLKYYGS" => removed successfully
"HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\3XBF5784YLKYYGS" => not found
"HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\seemzxo" => removed successfully
"HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\seemzxo" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63514865 B
Java, Flash, Steam htmlcache => 51168707 B
Windows/system/drivers => 703389884 B
Edge => 7553013 B
Chrome => 648834582 B
Firefox => 190766730 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6656 B
LocalService => 0 B
NetworkService => 6656 B
NetworkService => 0 B
Slavicek => 612102973 B

RecycleBin => 1893545 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:15:18 ====
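
When reading a Fixlog like the one above, the entries that matter are the ones that did not go through. The Python below is an added example, not part of the original thread and not FRST's own code; it triages a subset of lines copied from that Fixlog, and the function names and status labels are this example's own. Results it does not recognise are put in a "review" bucket rather than guessed at.

```python
import re
from collections import Counter

# Subset of lines copied from the Fixlog.txt posted above (not the full log).
SAMPLE_FIXLOG = r'''
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
fixlist content:
*****************
Start
HKLM-x32\...\Run: [kbdsprt] => [X]
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\kbdsprt" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
AvastWscReporter => service removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
C:\Users\Public\AppData => ":CSM" ADS removed successfully
"HKU\S-1-5-21-79263149-2179494062-2174528413-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\seemzxo" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
BITS transfer queue => 10510336 B
EmptyTemp: => 2.1 GB temporary data Removed.
'''

SUCCESS = re.compile(r"successfully\.?$", re.IGNORECASE)
BYTE_COUNT = re.compile(r"^\d+ B$")


def classify(line):
    """Return (status, target, result) for one Fixlog line, or None if it is not a result line."""
    line = line.strip()
    if line.startswith("Error:"):
        return ("error", line, "")
    if " => " not in line:
        return None  # banners, section headers, PowerShell output, free text
    target, result = line.split(" => ", 1)
    target = target.strip().strip('"')
    result = result.strip()
    if BYTE_COUNT.match(result) or result.startswith("http") or target == "EmptyTemp:":
        status = "info"        # cache sizes, VirusTotal links, EmptyTemp total
    elif result.lower() == "not found":
        status = "not_found"   # item was already gone when the fix ran
    elif SUCCESS.search(result):
        status = "ok"
    else:
        status = "review"      # unrecognised wording: read it by hand
    return (status, target, result)


def parse_fixlog(text):
    """Classify every result line, skipping the echoed 'fixlist content:' block."""
    entries = []
    in_echo = False
    star_lines = 0
    for raw in text.splitlines():
        line = raw.strip()
        if line == "fixlist content:":
            in_echo, star_lines = True, 0
            continue
        if in_echo:
            # The echoed fixlist sits between two lines made only of asterisks.
            if line and set(line) == {"*"}:
                star_lines += 1
                if star_lines == 2:
                    in_echo = False
            continue
        entry = classify(line)
        if entry:
            entries.append(entry)
    return entries


def triage(text):
    """Return (counts per status, list of (status, target) needing attention)."""
    entries = parse_fixlog(text)
    counts = Counter(status for status, _, _ in entries)
    attention = [(s, t) for s, t, _ in entries if s in ("error", "not_found", "review")]
    return counts, attention


if __name__ == "__main__":
    counts, attention = triage(SAMPLE_FIXLOG)
    print(dict(counts))
    for status, target in attention:
        print(f"{status:10} {target}")
```

On the sample, the attention list starts with the failed restore point, followed by the two entries that were already absent when the fix ran.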

Re: Botnet - malware infection detected

Posted: 29 Jun 2019 02:20
by Conder
:arrow: Run a system file integrity check:
  • Open Start, type "cmd" (without the quotes), right-click Command Prompt and click Run as administrator
  • Copy and run this command:

    Code: Select all

    DISM.exe /Online /Cleanup-image /Restorehealth
  • When it finishes, copy and run the second command:

    Code: Select all

    sfc /scannow
  • When both commands have finished, copy and run this command:

    Code: Select all

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
  • The files sfcdetails.txt and dism.txt will be created on the desktop; pack them into a RAR or ZIP archive and send it as an attachment to your next post
  • Restart the PC and describe how it behaves

Re: Botnet - malware infection detected

Posted: 29 Jun 2019 11:18
by durod
Microsoft Windows [Version 10.0.18362.175]
(c) 2019 Microsoft Corporation. Všechna práva vyhrazena.

C:\WINDOWS\system32>DISM.exe /Online /Cleanup-image /Restorehealth

Deployment Image Servicing and Management tool
Version: 10.0.18362.1

Image Version: 10.0.18362.175

[==========================100.0%==========================] The restore operation completed successfully.
The operation completed successfully.

C:\WINDOWS\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.

C:\WINDOWS\system32>findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
1 file(s) copied.

C:\WINDOWS\system32>

Re: Botnet - malware infection detected

Posted: 29 Jun 2019 11:28
by durod
After the restart a prompt popped up asking whether I wanted to turn on the Security Center; after I agreed:
popup.png (4.19 KiB)

Re: Botnet - malware infection detected

Posted: 29 Jun 2019 17:18
by Conder
:arrow: Please post both new FRST logs.

Re: Botnet - malware infection detected

Posted: 30 Jun 2019 08:15
by durod
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2019
Ran by Slavicek (administrator) on DESKTOP-KQ46S14 (30-06-2019 08:54:13)
Running from C:\Users\Slavicek\Pictures\Adamko\Trash
Loaded Profiles: Slavicek (Available Profiles: Slavicek)
Platform: Windows 10 Pro Version 1903 18362.175 (X64) Language: Slovenština (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.19418.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18111.17311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atiesrxx.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(SatoshiLabs s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [localSPM] => C:\WINDOWS\runkey.exe [469688 2018-12-07] (Clever Security Software Ltd -> )
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\Run: [f.lux] => C:\Users\Slavicek\AppData\Local\FluxSoftware\Flux\flux.exe [1378824 2019-05-07] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [807936 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2019-06-25]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03843FF5-064A-4EC1-8085-228C120A954B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448080 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {07D073D0-2976-4723-A91C-16F8EC903D2B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-01-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {2A543D90-5F36-436A-9364-7FD4E62453F8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113192 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {386D7F2A-6C56-4CE5-BEB2-E07F82D6A575} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4543648 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A7483C7-590C-499C-8C01-6FD414D66891} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491832 2019-06-13] (Bitdefender SRL -> Bitdefender)
Task: {53752D3B-1B5A-4889-B55B-D64CFA29158A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-01-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {62EC2D1E-B621-4B06-86BC-5D477C0ABD03} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26803808 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DE46157-3CF6-4161-83DE-0710E152F1E3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448080 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A498BBF4-1085-445C-96C1-0BD8D46A2C39} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [725288 2017-12-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {B1013120-30D4-48C9-9183-2905E114C700} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-79263149-2179494062-2174528413-1001UA => C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-07] (Google Inc -> Google Inc.)
Task: {B1AB443F-4825-4069-82B4-E5E1618813DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4543648 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAE24398-3875-4284-9C34-61DE3278F73F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113192 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB6168B3-8DB4-4EF2-8FFA-D1E3C0911BC3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26803808 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDBA97A5-221B-4173-9B14-12E26BB8F177} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-79263149-2179494062-2174528413-1001Core => C:\Users\Slavicek\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-07] (Google Inc -> Google Inc.)
Task: {FE6DC139-C626-4C57-BD11-8A392E26E9D9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-24] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{c7018ace-a901-41c6-926b-1b6789db9eee}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{d15c54cf-cdbb-4ccf-8eb4-c96569ce65b9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-79263149-2179494062-2174528413-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-79263149-2179494062-2174528413-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2018-10-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2018-10-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: vj5yttn1.default
FF ProfilePath: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\vj5yttn1.default [2019-06-28]
FF Extension: (Avast Online Security) - C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\vj5yttn1.default\Extensions\wrc@avast.com.xpi [2019-06-24]
FF SearchPlugin: C:\Users\Slavicek\AppData\Roaming\Mozilla\Firefox\Profiles\vj5yttn1.default\searchplugins\google-avast.xml [2019-06-24]
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2018-10-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2018-10-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-79263149-2179494062-2174528413-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-79263149-2179494062-2174528413-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default [2019-06-30]
CHR Extension: (Google Translate) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-12-07]
CHR Extension: (Slides) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-07]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2017-12-07]
CHR Extension: (Magio GO) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-12-07]
CHR Extension: (Docs) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-07]
CHR Extension: (Google Drive) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-07]
CHR Extension: (Session Manager) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2017-12-07]
CHR Extension: (Touch VPN) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-11-01]
CHR Extension: (Auto Copy) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijpdibkloghppkbmhcklkogpjaenfkg [2018-01-12]
CHR Extension: (Skype Calling) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-12-07]
CHR Extension: (YouTube) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-07]
CHR Extension: (Copy Without Formatting) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekbgkmeapobkbadclnkjfjdbpbcaobd [2017-12-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-22]
CHR Extension: (uBlock Origin) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-20]
CHR Extension: (Adblock for Youtube™) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-03-23]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-05]
CHR Extension: (Recent History) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbmkfdfomhhlonpbnpiibloacemdhjjm [2017-12-07]
CHR Extension: (Sheets) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-07]
CHR Extension: (Play to Kodi) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncjhcjfnnooidlkijollckpakkebden [2019-04-30]
CHR Extension: (AdBlock Premium) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2019-02-13]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2019-05-21]
CHR Extension: (Google Docs Offline) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-29]
CHR Extension: (IE Tab) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-06-15]
CHR Extension: (Disconnect) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2019-04-02]
CHR Extension: (CrxMouse Chrome™ Gestures) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2019-03-06]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2017-12-07]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2019-01-12]
CHR Extension: (Google Mail Checker) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2019-04-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (shortfuts) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\piepdojghinggmddebidfkhfbdaggnmh [2019-06-19]
CHR Extension: (Gmail) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR Extension: (Bypass Paywalls) - C:\Users\Slavicek\Pictures\Adamko\Trash\bypass-paywalls-chrome-master\bypass-paywalls-chrome-master [2019-06-23] [UpdateUrl:hxxps://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml] <==== ATTENTION
CHR Profile: C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-28]
CHR Profile: C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-06-28]
CHR Extension: (Slides) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-20]
CHR Extension: (Docs) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-20]
CHR Extension: (Google Drive) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-20]
CHR Extension: (Touch VPN) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-12-23]
CHR Extension: (YouTube) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-20]
CHR Extension: (Honey) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-12-23]
CHR Extension: (Adblock Plus) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-23]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2018-12-23]
CHR Extension: (Sheets) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-23]
CHR Extension: (AdBlock) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-23]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjknjjomckknofjidppipffbpoekiipm [2018-12-23]
CHR Extension: (Roblox+) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfbnmfgkohlfclfnplnlenbalpppohkm [2018-12-23]
CHR Extension: (Grammarly for Chrome) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-12-23]
CHR Extension: (TubeBuddy for YouTube) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2018-12-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-20]
CHR Extension: (Gmail) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-20]
CHR Profile: C:\Users\Slavicek\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atiesrxx.exe [481768 2018-01-18] (Advanced Micro Devices, Inc. -> AMD)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-27] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11409504 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-12-12] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2303792 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175728 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1294448 2019-05-14] (Bitdefender SRL -> Bitdefender)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [238376 2019-05-23] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [238376 2019-05-23] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [238376 2019-05-23] (Bitdefender SRL -> Bitdefender)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atikmdag.sys [41703912 2018-01-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atikmpag.sys [546280 2018-01-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1551768 2019-05-15] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [395728 2019-05-03] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [298488 2019-05-10] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [374632 2018-11-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-08-08] (Logitech Inc -> Logitech Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [611152 2019-01-28] (Bitdefender SRL -> Bitdefender)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-29 16:23 - 2019-06-29 16:23 - 000000000 ____D C:\WINDOWS\Panther
2019-06-29 12:18 - 2019-06-29 12:18 - 000017909 ____C C:\Users\Slavicek\Desktop\Desktop.rar
2019-06-29 12:14 - 2019-06-29 12:14 - 000126733 ____C C:\Users\Slavicek\Desktop\sfcdetails.txt
2019-06-29 12:14 - 2019-06-29 12:00 - 000309152 ____C C:\Users\Slavicek\Desktop\dism.txt
2019-06-28 17:26 - 2019-06-28 18:01 - 000000140 _____ C:\WINDOWS\Reimage.ini
2019-06-27 14:44 - 2019-06-27 14:46 - 000000000 ____D C:\AdwCleaner
2019-06-26 16:44 - 2019-06-26 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-06-24 22:08 - 2019-06-24 22:08 - 000000000 ____D C:\Users\Slavicek\AppData\Local\CrashDumps
2019-06-24 22:07 - 2019-06-24 22:07 - 000096872 _____ C:\ProgramData\cl.kit.1561406758.bdinstall.v2.bin
2019-06-24 22:06 - 2019-06-24 22:07 - 000161912 _____ C:\ProgramData\cl.1561406766.10032.v2.bin
2019-06-24 22:06 - 2019-06-24 22:07 - 000001432 _____ C:\ProgramData\cl.1561406766.2384.v2.bin
2019-06-24 22:05 - 2019-06-24 22:05 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2019-06-24 22:03 - 2019-06-24 22:03 - 000075592 _____ C:\ProgramData\agent.update.1561406560.bdinstall.v2.bin
2019-06-24 21:56 - 2019-06-24 21:56 - 000001192 ____C C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-06-24 21:55 - 2019-06-24 21:55 - 000001207 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk
2019-06-24 21:55 - 2019-06-24 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2019-06-24 21:55 - 2019-06-24 21:55 - 000000000 ____D C:\ProgramData\Bitdefender
2019-06-24 21:55 - 2019-05-15 15:11 - 001551768 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2019-06-24 21:55 - 2019-05-10 13:10 - 000298488 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2019-06-24 21:55 - 2019-05-03 19:18 - 000395728 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2019-06-24 21:55 - 2019-03-21 01:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2019-06-24 21:55 - 2019-01-28 10:38 - 000611152 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2019-06-24 21:55 - 2018-11-28 06:45 - 000188384 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2019-06-24 21:55 - 2018-11-19 14:10 - 000374632 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2019-06-24 21:54 - 2019-06-29 19:30 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-06-24 21:54 - 2019-06-24 21:54 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-06-24 21:52 - 2019-06-24 22:09 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-06-24 21:52 - 2019-06-24 21:52 - 000102012 _____ C:\ProgramData\agent.1561405973.bdinstall.v2.bin
2019-06-24 21:52 - 2019-06-24 21:52 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-06-24 16:29 - 2019-06-24 16:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-06-24 16:29 - 2019-06-24 16:29 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-06-24 16:28 - 2019-06-24 22:08 - 000000000 ____D C:\ProgramData\AVAST Software
2019-06-18 15:26 - 2019-06-18 15:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-06-18 15:09 - 2019-06-18 15:09 - 000000000 ___HD C:\$SysReset
2019-06-18 09:43 - 2019-06-29 12:28 - 002492808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-18 09:43 - 2019-06-28 21:15 - 000000008 __RSH C:\Users\Slavicek\ntuser.pol
2019-06-18 09:43 - 2019-06-18 09:43 - 000000020 ___SH C:\Users\Slavicek\ntuser.ini
2019-06-18 09:42 - 2019-06-29 12:22 - 000003148 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2019-06-18 09:42 - 2019-06-29 12:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-18 09:42 - 2019-06-18 15:27 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-79263149-2179494062-2174528413-1001
2019-06-18 09:42 - 2019-06-18 09:43 - 000003522 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-79263149-2179494062-2174528413-1001UA
2019-06-18 09:42 - 2019-06-18 09:43 - 000003254 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-79263149-2179494062-2174528413-1001Core
2019-06-18 09:42 - 2019-06-18 09:42 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-06-18 09:42 - 2019-06-18 09:42 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-06-18 09:42 - 2019-06-18 09:42 - 000002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2019-06-18 09:42 - 2019-06-18 09:42 - 000002060 _____ C:\WINDOWS\System32\Tasks\StartDVR
2019-06-18 09:42 - 2019-06-18 09:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-79263149-2179494062-2174528413-1001
2019-06-18 09:37 - 2019-06-18 09:37 - 000000000 ____D C:\ProgramData\USOShared
2019-06-18 09:36 - 2019-06-18 09:07 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-06-18 09:35 - 2019-06-30 08:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-18 09:35 - 2019-06-18 09:39 - 000484712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-18 09:27 - 2019-06-18 09:27 - 000066064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WinSetupBoot.sys
2019-06-18 09:12 - 2019-06-18 09:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-06-18 09:11 - 2019-06-28 21:15 - 000000000 ____D C:\Users\Slavicek
2019-06-18 09:11 - 2019-06-18 15:27 - 000002372 ____C C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-18 09:11 - 2019-06-18 09:12 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-06-18 09:08 - 2019-06-18 09:08 - 025445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 018006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 007802224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 007006720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 006141440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 005499904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 005014016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 004306944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 004128904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 003525080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 003486208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-18 09:08 - 2019-06-18 09:08 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 002398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001510960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001493944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001248256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-06-18 09:08 - 2019-06-18 09:08 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001105776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2019-06-18 09:08 - 2019-06-18 09:08 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000744248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-06-18 09:08 - 2019-06-18 09:08 - 000737552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-06-18 09:08 - 2019-06-18 09:08 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2019-06-18 09:08 - 2019-06-18 09:08 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2019-06-18 09:08 - 2019-06-18 09:08 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-06-18 09:08 - 2019-06-18 09:08 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000420360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-06-18 09:08 - 2019-06-18 09:08 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2019-06-18 09:07 - 2019-06-18 09:08 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-06-18 09:07 - 2019-06-18 09:07 - 025902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 022610944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 017786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 009917992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 008010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 007887656 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 007831368 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 007757312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 007636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 007275008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 007241800 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 007103488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 006536976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 006381568 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 006225832 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 006068328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 006036480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 005939712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 005745504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 005071360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 004577280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 004553616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 004034048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 004008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 004008448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 003947520 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 003915752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 003734456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 003725824 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 003684864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 003590672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 003373256 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 003094528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002990392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 002769976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002763312 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-06-18 09:07 - 2019-06-18 09:07 - 002724352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 002698552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 002694144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002587328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002550584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002449456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002321408 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002178048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002117168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 002081464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001999440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001954952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001944064 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001853440 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001830416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001754024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-18 09:07 - 2019-06-18 09:07 - 001745408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001721344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001647584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001635328 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001633648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001608704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001509728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001505808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001437184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001422848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001395600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001392144 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001366344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-18 09:07 - 2019-06-18 09:07 - 001363456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001283384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-18 09:07 - 2019-06-18 09:07 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001246000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001192088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001149200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001072168 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001068856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001065984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000939504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000911360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000909736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000888936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000888056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000879576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 000876856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000811192 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-06-18 09:07 - 2019-06-18 09:07 - 000811192 _____ C:\WINDOWS\system32\locale.nls
2019-06-18 09:07 - 2019-06-18 09:07 - 000804880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000773944 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000773168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000751256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000726328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000680760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000674792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000673320 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000613904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-06-18 09:07 - 2019-06-18 09:07 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000529072 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-18 09:07 - 2019-06-18 09:07 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 000466624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000441352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-06-18 09:07 - 2019-06-18 09:07 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000401416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000379192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000358944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000338800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000267728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000261016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-06-18 09:07 - 2019-06-18 09:07 - 000223248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidclass.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000205112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000201256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000199688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000199184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000199184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000194176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-06-18 09:07 - 2019-06-18 09:07 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000161848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000146744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000146416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000139472 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000136720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameChatTranscription.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-06-18 09:07 - 2019-06-18 09:07 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000084520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000066360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidusb.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000037888 _____ C:\WINDOWS\system32\usocoreps.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-06-18 09:07 - 2019-06-18 09:07 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2019-06-18 09:07 - 2019-06-18 09:07 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000021512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2019-06-18 09:07 - 2019-06-18 09:07 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-06-18 09:07 - 2019-06-18 09:07 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-06-18 09:07 - 2019-06-18 09:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-06-18 09:04 - 2019-06-29 12:28 - 000707652 _____ C:\WINDOWS\system32\perfh005.dat
2019-06-18 09:04 - 2019-06-29 12:28 - 000144902 _____ C:\WINDOWS\system32\perfc005.dat
2019-06-18 09:04 - 2019-06-18 09:04 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-06-18 09:04 - 2019-06-18 09:04 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2019-06-18 09:04 - 2019-06-18 09:04 - 000000000 ____D C:\WINDOWS\system32\cs
2019-06-18 09:04 - 2019-06-18 09:03 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2019-06-18 09:04 - 2019-06-18 09:03 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2019-06-18 08:56 - 2019-06-18 08:56 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2019-06-18 08:56 - 2019-06-18 08:56 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-06-18 08:56 - 2019-06-18 08:56 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-06-18 08:55 - 2019-06-18 08:55 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-06-18 08:55 - 2019-06-18 08:55 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-06-18 08:55 - 2019-06-18 08:55 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-06-18 08:55 - 2019-06-18 08:55 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-06-18 08:55 - 2019-06-18 08:55 - 000000000 ____D C:\Program Files\MSBuild
2019-06-18 08:55 - 2019-06-18 08:55 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-06-18 08:55 - 2019-06-18 08:55 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-06-18 08:54 - 2019-06-18 08:55 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-06-18 08:54 - 2019-06-18 08:55 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-06-18 08:54 - 2019-06-18 08:55 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-06-18 08:54 - 2019-06-18 08:54 - 006472704 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0005.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 006359552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 005496832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-18 08:54 - 2019-06-18 08:54 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-06-18 08:54 - 2019-06-18 08:54 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-06-18 08:54 - 2019-06-18 08:54 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-06-18 08:49 - 2019-06-18 08:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-06-18 08:13 - 2019-06-18 08:13 - 000000000 ___HD C:\$Windows.~WS
2019-06-18 08:08 - 2019-06-18 08:32 - 000000036 _____ C:\WINDOWS\progress.ini
2019-06-18 08:02 - 2019-06-30 08:54 - 000000000 ____D C:\FRST
2019-06-18 07:58 - 2019-06-18 09:43 - 000000000 ___HD C:\$GetCurrent
2019-06-18 07:58 - 2019-06-18 09:43 - 000000000 ____D C:\Windows10Upgrade
2019-06-18 07:58 - 2019-06-18 08:29 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2019-06-18 06:44 - 2019-06-18 09:35 - 000000000 ____D C:\Program Files\UNP
2019-06-15 13:23 - 2019-06-18 09:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-06-15 13:23 - 2019-06-15 13:23 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-06-15 13:23 - 2019-06-15 13:23 - 000000000 ____D C:\Program Files\CPUID
2019-06-14 16:58 - 2018-12-07 14:32 - 000469688 _____ C:\WINDOWS\runkey.exe
2019-06-13 16:00 - 2019-06-13 16:00 - 000000000 ____D C:\Users\Slavicek\AppData\Local\mbamtray
2019-06-13 16:00 - 2019-06-13 16:00 - 000000000 ____D C:\Users\Slavicek\AppData\Local\mbam
2019-06-13 15:43 - 2019-06-13 16:03 - 000000000 ____D C:\Users\Slavicek\AppData\Roaming\gxxxunc4lxy
2019-06-13 15:43 - 2019-06-13 15:43 - 000000000 ____D C:\ProgramData\Pader
2019-06-13 15:42 - 2019-06-13 16:03 - 000000000 ____D C:\Program Files (x86)\Rundll
2019-06-13 15:41 - 2019-06-28 21:15 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-06-13 15:40 - 2019-06-13 21:40 - 000000000 __SHD C:\ProgramData\FlashSys
2019-06-13 15:40 - 2019-06-13 15:40 - 000000000 ____D C:\Users\Slavicek\AppData\Local\AdvinstAnalytics
2019-06-09 14:40 - 2019-06-09 14:40 - 000000000 ____D C:\Users\Slavicek\AppData\Roaming\AMD
2019-06-09 14:38 - 2019-06-18 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2019-06-09 14:38 - 2019-06-09 14:43 - 000000000 ____D C:\Users\Slavicek\AppData\Roaming\obs-studio
2019-06-09 14:38 - 2019-06-09 14:38 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2019-06-09 14:38 - 2019-06-09 14:38 - 000000000 ____D C:\Program Files\obs-studio
2019-06-09 14:37 - 2019-06-09 14:37 - 069794432 _____ (obsproject.com) C:\Users\Slavicek\Desktop\OBS-Studio-23.1-Full-Installer-x64.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-30 08:48 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-29 23:16 - 2018-02-03 17:08 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\vlc
2019-06-29 19:31 - 2018-10-13 20:39 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\.minecraft
2019-06-29 19:27 - 2018-10-13 20:40 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\.tlauncher
2019-06-29 19:25 - 2018-08-10 08:55 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\D3DSCache
2019-06-29 12:28 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2019-06-29 12:28 - 2018-03-30 21:22 - 000625204 _____ C:\WINDOWS\system32\perfh01B.dat
2019-06-29 12:28 - 2018-03-30 21:22 - 000178132 _____ C:\WINDOWS\system32\perfc01B.dat
2019-06-29 12:21 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-29 12:21 - 2017-12-07 22:18 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-06-29 12:00 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-28 21:14 - 2018-01-20 07:18 - 000000000 ___DC C:\Users\Slavicek\AppData\LocalLow\Temp
2019-06-28 21:12 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-06-28 15:10 - 2018-12-15 11:08 - 000000000 ___DC C:\Users\Slavicek\Desktop\Adamko
2019-06-27 15:02 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-27 14:51 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-06-27 14:43 - 2018-03-28 13:14 - 000000000 ____D C:\ProgramData\Origin
2019-06-27 13:48 - 2018-03-28 13:16 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Origin
2019-06-26 16:44 - 2018-12-15 11:49 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-26 16:44 - 2018-12-15 11:49 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-26 16:42 - 2018-10-03 19:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-26 14:56 - 2018-03-28 13:16 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-06-25 20:13 - 2018-02-12 16:51 - 000000000 ____D C:\ProgramData\{827D21CC-A22D-45D6-23CA-451DDAC769BA}
2019-06-24 22:37 - 2018-02-12 16:25 - 000000000 ____D C:\Program Files (x86)\FNMC Manager
2019-06-24 22:15 - 2018-01-23 16:19 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-06-24 22:15 - 2018-01-23 16:18 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-06-24 20:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-06-24 19:21 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-06-24 17:43 - 2017-12-07 23:08 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\PlaceholderTileLogoFolder
2019-06-24 16:32 - 2018-05-03 15:15 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-22 19:12 - 2018-10-04 19:11 - 000001432 ____C C:\Users\Slavicek\Desktop\Roblox Player.lnk
2019-06-22 19:12 - 2018-10-04 19:11 - 000001247 ____C C:\Users\Slavicek\Desktop\Roblox Studio.lnk
2019-06-22 19:12 - 2018-09-28 18:41 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-06-22 19:10 - 2018-03-28 13:15 - 000000000 ____D C:\Program Files (x86)\Origin
2019-06-22 18:05 - 2018-08-28 21:30 - 000006157 ____C C:\Users\Slavicek\Desktop\PS4.txt
2019-06-22 09:45 - 2018-01-23 16:21 - 000002171 ____C C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2019-06-20 06:38 - 2017-12-07 22:15 - 000002525 ____C C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 06:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-06-18 22:00 - 2018-03-12 15:41 - 000000000 __RDC C:\Users\Slavicek\Documents\Scanned Documents
2019-06-18 15:27 - 2017-12-07 22:13 - 000000000 ___RD C:\Users\Slavicek\OneDrive
2019-06-18 10:50 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-18 10:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-18 10:50 - 2018-08-10 09:11 - 000000000 ____D C:\ProgramData\Packages
2019-06-18 10:49 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-06-18 10:49 - 2017-12-07 22:11 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\Packages
2019-06-18 09:43 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-06-18 09:43 - 2017-12-07 22:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-18 09:43 - 2017-12-07 22:11 - 000000000 ___RD C:\Users\Slavicek\3D Objects
2019-06-18 09:40 - 2019-03-19 06:52 - 000000000 __RSD C:\WINDOWS\Media
2019-06-18 09:38 - 2019-04-06 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
2019-06-18 09:38 - 2019-03-19 06:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-06-18 09:38 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-06-18 09:38 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration
2019-06-18 09:38 - 2019-03-16 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClownfishVoiceChanger
2019-06-18 09:38 - 2019-01-12 17:56 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plague Inc Evolved
2019-06-18 09:38 - 2018-12-26 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod
2019-06-18 09:38 - 2018-12-18 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-06-18 09:38 - 2018-10-13 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-06-18 09:38 - 2018-09-30 09:44 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-06-18 09:38 - 2018-06-05 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GnuCash
2019-06-18 09:38 - 2018-03-28 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-06-18 09:38 - 2018-03-11 14:48 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
2019-06-18 09:38 - 2018-03-11 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-06-18 09:38 - 2018-02-12 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeKe
2019-06-18 09:38 - 2018-02-03 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-06-18 09:38 - 2018-01-23 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2019-06-18 09:38 - 2018-01-23 16:19 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2019-06-18 09:38 - 2018-01-23 16:18 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-06-18 09:38 - 2018-01-16 18:13 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2019-06-18 09:38 - 2018-01-15 18:34 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2019-06-18 09:38 - 2017-12-07 23:48 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-18 09:38 - 2017-12-07 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-18 09:38 - 2017-12-07 23:46 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2019-06-18 09:38 - 2017-12-07 22:17 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome
2019-06-18 09:35 - 2019-05-25 11:18 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-06-18 09:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-06-18 09:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-06-18 09:35 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-18 09:35 - 2019-03-19 06:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-06-18 09:35 - 2018-01-23 17:28 - 000000000 ____D C:\Program Files\AMD
2019-06-18 09:27 - 2019-03-19 06:56 - 000000000 ____D C:\WINDOWS\Setup
2019-06-18 09:12 - 2019-04-17 21:31 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-06-18 09:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-06-18 09:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Resources
2019-06-18 09:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help
2019-06-18 09:12 - 2019-03-13 17:13 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-06-18 09:12 - 2018-12-18 17:49 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-06-18 09:12 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-06-18 09:12 - 2018-08-01 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-06-18 09:12 - 2018-01-23 17:51 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-06-18 09:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-18 09:04 - 2019-03-19 12:56 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-06-18 09:04 - 2019-03-19 12:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-06-18 09:04 - 2019-03-19 12:56 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-06-18 09:04 - 2019-03-19 12:54 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\IME
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-06-18 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-06-18 09:04 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2019-06-18 08:56 - 2019-03-19 07:00 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2019-06-18 08:56 - 2019-03-19 07:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2019-06-18 08:56 - 2019-03-19 07:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2019-06-18 08:56 - 2019-03-19 07:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2019-06-18 08:56 - 2019-03-19 07:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2019-06-18 08:56 - 2019-03-19 07:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2019-06-18 08:56 - 2019-03-19 07:00 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2019-06-18 08:56 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2019-06-18 08:56 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 001401344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2019-06-18 08:56 - 2019-03-19 06:58 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2019-06-18 08:56 - 2019-03-19 06:58 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2019-06-18 08:56 - 2019-03-19 06:58 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2019-06-18 08:56 - 2019-03-19 06:58 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2019-06-18 08:56 - 2019-03-19 06:58 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2019-06-18 08:56 - 2019-03-19 06:58 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2019-06-18 08:56 - 2019-03-19 06:58 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2019-06-18 08:56 - 2019-03-19 06:58 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2019-06-18 08:56 - 2019-03-19 06:57 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2019-06-18 08:56 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2019-06-18 08:56 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2019-06-18 08:54 - 2019-03-19 12:55 - 000000000 ____D C:\WINDOWS\OCR
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-06-18 08:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-06-18 08:17 - 2018-10-24 22:08 - 000000000 ____D C:\ESD
2019-06-14 17:01 - 2019-05-25 18:42 - 000000000 ____D C:\ProgramData\SMART Technologies
2019-06-14 16:57 - 2018-11-11 12:43 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\Opera Software
2019-06-14 16:57 - 2018-11-11 12:42 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Opera Software
2019-06-14 16:57 - 2018-05-03 15:15 - 000000000 ___DC C:\Users\Slavicek\AppData\LocalLow\Mozilla
2019-06-13 16:16 - 2019-01-12 19:38 - 000000000 ____D C:\Users\Slavicek\Downloads\opera autoupdate
2019-06-12 17:21 - 2019-03-13 17:13 - 000000000 ___DC C:\Users\Slavicek\AppData\Roaming\Discord
2019-06-12 10:30 - 2018-09-27 22:35 - 000000000 ___DC C:\Users\Slavicek\Desktop\kupa ps4
2019-06-11 20:18 - 2017-12-08 00:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-11 20:16 - 2017-12-08 00:18 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-08 23:28 - 2018-01-15 18:33 - 000000000 ___DC C:\Users\Slavicek\AppData\Local\JDownloader 2.0
2019-06-08 11:21 - 2019-03-16 09:03 - 000000344 ____C C:\Users\Slavicek\Documents\ClownfishVoiceChanger.ini
2019-06-05 16:01 - 2018-03-02 18:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-06-04 17:20 - 2019-05-26 17:09 - 000000000 ___DC C:\Users\Slavicek\Desktop\tabulka herbar

==================== Files in the root of some directories ================

2017-12-08 00:04 - 2017-12-08 00:04 - 000007604 ____C () C:\Users\Slavicek\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Re: Botnet - malware infection detected

Posted: 30 Jun 2019 08:15
by durod
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by Slavicek (30-06-2019 08:55:39)
Running from C:\Users\Slavicek\Pictures\Adamko\Trash
Windows 10 Pro Version 1903 18362.175 (X64) (2019-06-18 07:43:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-79263149-2179494062-2174528413-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-79263149-2179494062-2174528413-503 - Limited - Disabled)
Guest (S-1-5-21-79263149-2179494062-2174528413-501 - Limited - Disabled)
Slavicek (S-1-5-21-79263149-2179494062-2174528413-1001 - Administrator - Enabled) => C:\Users\Slavicek
WDAGUtilityAccount (S-1-5-21-79263149-2179494062-2174528413-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.1.1 - Advanced Micro Devices, Inc.)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.15.120 - Bitdefender)
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version: - )
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
Discord (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\Flux) (Version: - f.lux Software LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
GnuCash 3.1 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team)
Google Chrome (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life Is Strange - Complete First Season verze 1.0 u13 (HKLM-x32\...\{2EC1CC17-23FA-49C5-898C-F15B3F708B7E}_is1) (Version: 1.0 u13 - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.11727.20210 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 61.0.2 (x64 sk)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.3 - Mozilla)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.40.26928 - Electronic Arts, Inc.)
paint.net (HKLM\...\{B998B716-4001-4919-BA90-BA14B51DFEB5}) (Version: 4.1.6 - dotPDN LLC)
Plague Inc Evolved (HKLM-x32\...\Plague Inc Evolved) (Version: - Plague Inc Evolved)
RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder)
Roblox Player for Slavicek (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Slavicek (HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\roblox-studio) (Version: - Roblox Corporation)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.52.100.1020 - Electronic Arts Inc.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.2) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_1.7.0.0_x64__tf1gferkr813w [2017-12-07] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_4.1.2.0_x86__kgqvnymyfvs32 [2017-12-07] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.101.900.0_x86__kgqvnymyfvs32 [2017-12-07] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_2.6.0.9_x86__h6adky7gbf63m [2017-12-07] (Gameloft.)
File Viewer Plus -> C:\Program Files\WindowsApps\SharpenedProductions.FileViewerPlus_3.1.1.0_x86__xkt78gamzntbr [2018-12-16] (Sharpened Productions)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_85.1.379.0_x64__v10z8vjag6ke6 [2018-08-10] (HP Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_2.9.0.10_x86__h6adky7gbf63m [2017-12-07] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.2.0_x86__8wekyb3d8bbwe [2019-04-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.2212.0_x64__8wekyb3d8bbwe [2017-12-07] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Corporation) [MS Ad]
TVHPlayer Beta -> C:\Program Files\WindowsApps\9388Wally.465111A6D3D5_0.9.2.5_x86__srjp817t7b3e0 [2018-02-03] (Wally)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.1.18.0_x64__3ykzqggjzj4z0 [2017-12-07] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\75.0.3770.100\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-79263149-2179494062-2174528413-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Slavicek\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-01-12] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-06-05 06:13 - 2017-06-05 06:13 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-06-05 06:13 - 2017-06-05 06:13 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-01-12 17:59 - 2018-01-12 17:59 - 000155688 _____ (AMD PMP-PE CB Code Signer v20170331 -> Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
2018-03-28 13:15 - 2018-03-28 13:15 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-03-28 13:15 - 2018-03-28 13:15 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2018-03-28 13:15 - 2019-05-25 09:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-06-22 19:10 - 2019-05-25 09:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000237568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 001336832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-01-12 17:42 - 2018-01-12 17:42 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 006045696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 001204736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 003234304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 068669952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000110080 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000283136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2019-06-28 21:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Slavicek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20190623_115234.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-79263149-2179494062-2174528413-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{03513F34-92B9-4159-9D45-25E792C05DEA}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{6A536E7A-8E44-4524-A015-0B3AE2EF2758}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{CB5CA05E-19A5-4B8C-9BDC-C36422E9A1A2}] => (Allow) C:\Users\Slavicek\AppData\Local\Programs\Opera\60.0.3255.151\opera.exe No File
FirewallRules: [{EB92E8D1-018A-4798-83E7-452A4A94CA0C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53B2B6EB-E441-4621-A27C-E787C96C45ED}] => (Allow) C:\Users\Slavicek\AppData\Local\Programs\Opera\60.0.3255.109\opera.exe No File
FirewallRules: [UDP Query User{C7ED3982-2FA5-4641-A7E1-A76E6218DE34}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [TCP Query User{37BF5091-A596-474C-895B-15D57AF62A1D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{80CA397F-28C0-4324-A944-64D3AE847B31}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B6F84E87-F3A6-4FCC-8AAD-EC6F4012977A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{773B181C-39B5-4CAE-A59C-58A29C33978E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C48DA8F7-478C-49D2-826B-38A28941F83D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BB8013A1-8737-4796-974B-FEC547E46011}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B4785CCF-2BF9-4073-B95E-CDD5A5B7E5AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4632AB01-333F-425E-9928-32DD9DEEC0C4}] => (Allow) LPort=5558
FirewallRules: [{E46849C2-A68F-4A05-A31D-D7AED9CEC7F1}] => (Allow) LPort=5556
FirewallRules: [UDP Query User{C4C4583E-4F9D-4352-97E4-37933D8DEF9D}C:\users\slavicek\desktop\odorik.exe] => (Allow) C:\users\slavicek\desktop\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [TCP Query User{5A872D68-D54C-4FF2-AAEA-1E1D5677C520}C:\users\slavicek\desktop\odorik.exe] => (Allow) C:\users\slavicek\desktop\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [{4A314205-58FA-4627-B21E-65541C998966}] => (Block) C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5891494F-428A-495B-AAD4-44EFB87EFA30}] => (Block) C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{59C644F9-81E3-4E6B-9BB6-5393916B4DBE}C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{03994D94-3F24-4EBA-9C0F-75D2129C31D8}C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\slavicek\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{28819002-4F9A-4009-9115-BB46B6D616DF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [UDP Query User{0DB069FE-766F-4822-9D31-C851767C5AE5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [{6EC6DAC7-B3B7-4A97-B35B-EA1C502533A4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BDD97B8D-0757-4C58-BFB0-52292BF6F71B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D81B8BD3-3B67-474B-BA6D-72323733FC90}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{DB4862B7-1CCF-4A9E-8DE8-028661F902C9}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{BC7B43CA-FB4B-41AC-813B-53D919F4B380}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{BDB3C070-E70C-4E42-8F61-586C39B065D9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{21D88489-CFD7-45BD-8BBB-1102D7AC41BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{08C3FB04-6BD8-4D9E-BF37-A6ED81186C0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7CC01F0-022A-4F39-BB12-B3B175F6AF59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{77E768F0-6AEE-41B1-AB2E-1B3F10B0E7F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E2CB89DF-2405-43EA-A234-247400346EB2}] => (Allow) D:1\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [{707EDAE2-899A-4843-9D1F-6DA8E56FAE0C}] => (Allow) D:1\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [{958CB981-D5FB-4B77-A164-8E8A7FBA2665}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C16555BE-0705-47B9-8006-C0F2B77A340A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A7F06730-A410-438D-8873-B1282607A9A2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34EE703D-91F4-4DC4-831F-8FFA67A2B85C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{07B99EB4-C9D7-47C2-B401-74FB262FF525}D:\xgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\xgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{806382E6-DB0C-451E-91F8-0F8CB29398BB}D:\xgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\xgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E9E85B90-8151-4607-BD85-7B12830AA327}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{42C37B5A-BEF7-4BED-A76A-F2B767FB1397}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6A9210C1-805D-496E-9637-89E46F38576D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{53329BC7-A8FF-479B-A350-48A0BF0753EC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{897727BA-5DD0-402D-8ECE-10DAF261B55D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{CA8DE110-38E6-47CB-AC5B-2A975DF54D50}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2019 10:34:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 75.0.3770.100 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1f3c

Čas spuštění: 01d52de95c0c1452

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Slavicek\AppData\Local\Google\Chrome\Application\chrome.exe

ID hlášení: 49e7e8bc-cb8f-49c9-be5c-96b2498faf6d

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (06/27/2019 03:02:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.

Error: (06/27/2019 03:02:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]

Error: (06/25/2019 04:08:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.

Error: (06/25/2019 04:08:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]


Error: (06/24/2019 06:25:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.


System errors:
=============
Error: (06/30/2019 08:55:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (06/30/2019 08:55:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ46S14)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/30/2019 08:53:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (06/30/2019 08:53:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ46S14)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/30/2019 08:51:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (06/30/2019 08:51:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ46S14)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/30/2019 08:49:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (06/30/2019 08:49:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ46S14)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2019-06-24 20:55:25.167
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-06-24 20:55:25.154
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1608 05/10/2011
Motherboard: ASUSTeK Computer INC. P8P67
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 24%
Total physical RAM: 16360.79 MB
Available physical RAM: 12373.18 MB
Total Virtual: 17384.79 MB
Available Virtual: 12186.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:88.89 GB) (Free:27.85 GB) NTFS
Drive d: (Nový zväzok) (Fixed) (Total:345.57 GB) (Free:14.99 GB) NTFS
Drive e: (Install_FIlmy) (Fixed) (Total:585.94 GB) (Free:64.87 GB) NTFS
Drive f: (Nový zväzok) (Fixed) (Total:376.27 GB) (Free:64.24 GB) NTFS
Drive g: () (Fixed) (Total:110 GB) (Free:5.26 GB) NTFS
Drive h: (Adrika) (Fixed) (Total:109.89 GB) (Free:7.91 GB) NTFS

\\?\Volume{05a743f9-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.54 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4284FF7D)
Partition 1: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 9B64CFD8)
Partition 1: (Not Active) - (Size=376.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.9 GB) - (Type=0F Extended)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 89.4 GB) (Disk ID: 05A743F9)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=88.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Botnet - malware infection detected

Posted: 30 Jun 2019 21:04
by Conder
:arrow: Download this package: https://aka.ms/wudiag
  • Run it, click Advanced and then Run as administrator
  • Then select Windows Update, click Next and wait for it to finish
  • Apply all the offered fixes and post a screenshot of the result